Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
HmP9fn8NM9.exe

Overview

General Information

Sample name:HmP9fn8NM9.exe
renamed because original name is a hash value
Original sample name:c9a1ab7b39fcca82619ec34ee3c2a92a72100f28d5686d5f899a1b37c814dd57.exe
Analysis ID:1578217
MD5:1b4fa73741b1e40003326d8bed4b39dc
SHA1:7a23e3650d530a8bb4f7aa8c80690ed423f0b819
SHA256:c9a1ab7b39fcca82619ec34ee3c2a92a72100f28d5686d5f899a1b37c814dd57
Tags:51-15-17-193exeuser-JAMESWT_MHT
Infos:

Detection

Score:52
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus detection for URL or domain
Potentially malicious time measurement code found
Binary contains a suspicious time stamp
Contains functionality for execution timing, often used to detect debuggers
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to shutdown / reboot the system
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Drops PE files
Extensive use of GetProcAddress (often used to hide API calls)
Found dropped PE file which has not been started or loaded
Found evasive API chain checking for process token information
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
PE file contains sections with non-standard names
Queries the volume information (name, serial number etc) of a device
Sample file is different than original file name gathered from version info

Classification

Process Tree

  • System is w10x64
  • HmP9fn8NM9.exe (PID: 7112 cmdline: "C:\Users\user\Desktop\HmP9fn8NM9.exe" MD5: 1B4FA73741B1E40003326D8BED4B39DC)
    • HmP9fn8NM9.exe (PID: 5372 cmdline: "C:\Users\user\Desktop\HmP9fn8NM9.exe" MD5: 1B4FA73741B1E40003326D8BED4B39DC)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus detection for URL or domain
Source: https://palegreen-cheetah-217044.hostingersite.com/wp-content/uploads/2024/12/DebutMenus_nopump.exeAvira URL Cloud: Label: malware
Source: https://palegreen-cheetah-217044.hostingersite.com/wp-content/uploads/2024/12/truepepe-qt.exePAvira URL Cloud: Label: malware
Source: https://palegreen-cheetah-217044.hostingersite.com/wp-content/uploads/2024/12/DebutMenus_nopump.exeuAvira URL Cloud: Label: malware
Source: https://palegreen-cheetah-217044.hostingersite.com/wp-content/uploads/2024/12/truepepe-qt.exeAvira URL Cloud: Label: malware
Source: HmP9fn8NM9.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, GUARD_CF, TERMINAL_SERVER_AWARE
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\mediaservice\qtmedia_audioengine.pdb++ source: HmP9fn8NM9.exe, 00000000.00000003.2088769362.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtsvg\plugins\iconengines\qsvgicon.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2082299730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtsensors\plugins\sensorgestures\qtsensorgestures_plugin.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2092707566.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtsvg\plugins\imageformats\qsvg.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2083140593.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\geoservices\qtgeoservices_itemsoverlay.pdb!! source: HmP9fn8NM9.exe, 00000000.00000003.2081574736.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\position\qtposition_serialnmea.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2091660715.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_decimal.pdb## source: _decimal.pyd.0.dr
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\generic\qtuiotouchplugin.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2080554093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtserialport\lib\Qt5SerialPort.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2061176760.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\audio\qtaudio_wasapi.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2080183262.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_lzma.pdbMM source: HmP9fn8NM9.exe, 00000003.00000002.2411561938.00007FF8B90EB000.00000002.00000001.01000000.00000010.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\imageformats\qico.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2082701841.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_decimal.pdb source: _decimal.pyd.0.dr
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\mediaservice\qtmedia_audioengine.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2088769362.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\position\qtposition_positionpoll.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2091548479.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\position\qtposition_winrt.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2091792780.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtsensors\plugins\sensors\qtsensors_generic.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2092964019.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\bearer\qgenericbearer.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2080436480.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: d:\agent\_work\1\s\\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2079370159.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtdeclarative\lib\Qt5QmlWorkerScript.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2051482997.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: @ compiler: cl /Zi /Fdossl_static.pdb /Gs0 /GF /Gy /MD /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASMOpenSSL 1.1.1t 7 Feb 2023built on: Thu Feb 9 15:27:40 2023 UTCplatform: VC-WIN64A-masmOPENSSLDIR: "C:\Program Files\Common Files\SSL"ENGINESDIR: "C:\Program Files\OpenSSL\lib\engines-1_1"not available source: HmP9fn8NM9.exe, 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmp
Source: Binary string: d:\a01\_work\12\s\\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb source: HmP9fn8NM9.exe, 00000003.00000002.2414086027.00007FF8BFBA1000.00000002.00000001.01000000.00000006.sdmp, VCRUNTIME140.dll.0.dr
Source: Binary string: D:\a\1\b\bin\amd64\_hashlib.pdb source: HmP9fn8NM9.exe, 00000003.00000002.2412256523.00007FF8B9F66000.00000002.00000001.01000000.0000000D.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtspeech\lib\Qt5TextToSpeech.pdb!! source: HmP9fn8NM9.exe, 00000000.00000003.2062173899.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\imageformats\qico.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2082701841.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qttools\lib\Qt5Help.pdbDD source: Qt5Help.dll.0.dr
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\generic\qtuiotouchplugin.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2080554093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\bearer\qgenericbearer.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2080436480.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_lzma.pdb source: HmP9fn8NM9.exe, 00000003.00000002.2411561938.00007FF8B90EB000.00000002.00000001.01000000.00000010.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_bz2.pdb source: HmP9fn8NM9.exe, 00000003.00000002.2412087895.00007FF8B93CD000.00000002.00000001.01000000.0000000F.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\geoservices\qtgeoservices_itemsoverlay.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2081574736.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_socket.pdb source: HmP9fn8NM9.exe, 00000003.00000002.2413822315.00007FF8BFB78000.00000002.00000001.01000000.00000007.sdmp, _socket.pyd.0.dr
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\position\qtposition_serialnmea.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2091660715.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: d:\agent\_work\1\s\\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2079239753.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtimageformats\plugins\imageformats\qtiff.pdbBB source: HmP9fn8NM9.exe, 00000000.00000003.2083432073.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\platformthemes\qxdgdesktopportal.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2091175147.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\msvcp140.amd64.pdb source: MSVCP140.dll.0.dr
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\position\qtposition_winrt.pdb## source: HmP9fn8NM9.exe, 00000000.00000003.2091792780.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\unicodedata.pdb source: HmP9fn8NM9.exe, 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmp
Source: Binary string: d:\agent\_work\1\s\\binaries\amd64ret\bin\amd64\\msvcp140_1.amd64.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2072812860.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\msvcp140.amd64.pdbGCTL source: MSVCP140.dll.0.dr
Source: Binary string: C:\Users\qt\work\qt\qttools\lib\Qt5Help.pdb source: Qt5Help.dll.0.dr
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\audio\qtaudio_wasapi.pdb)) source: HmP9fn8NM9.exe, 00000000.00000003.2080183262.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtimageformats\plugins\imageformats\qtiff.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2083432073.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\imageformats\qgif.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2082426899.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\libssl-1_1.pdb@@ source: HmP9fn8NM9.exe, 00000003.00000002.2411840197.00007FF8B9176000.00000002.00000001.01000000.0000000B.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\printsupport\windowsprintersupport.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2091901895.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtquick3d\lib\Qt5Quick3DUtils.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2058146585.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: compiler: cl /Zi /Fdossl_static.pdb /Gs0 /GF /Gy /MD /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM source: HmP9fn8NM9.exe, 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtsensors\plugins\sensorgestures\qtsensorgestures_shakeplugin.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2092872120.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtimageformats\plugins\imageformats\qtga.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2083278098.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\audio\qtaudio_windows.pdb&& source: HmP9fn8NM9.exe, 00000000.00000003.2080316638.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qt3d\plugins\geometryloaders\defaultgeometryloader.pdb!! source: HmP9fn8NM9.exe, 00000000.00000003.2080799375.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\playlistformats\qtmultimedia_m3u.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2091399313.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtspeech\lib\Qt5TextToSpeech.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2062173899.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\libcrypto-1_1.pdb source: HmP9fn8NM9.exe, 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtsensors\plugins\sensorgestures\qtsensorgestures_plugin.pdb11 source: HmP9fn8NM9.exe, 00000000.00000003.2092707566.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtimageformats\plugins\imageformats\qicns.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2082564994.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\libssl-1_1.pdb source: HmP9fn8NM9.exe, 00000003.00000002.2411840197.00007FF8B9176000.00000002.00000001.01000000.0000000B.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\select.pdb source: HmP9fn8NM9.exe, 00000003.00000002.2413430495.00007FF8BFB63000.00000002.00000001.01000000.00000008.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtserialport\lib\Qt5SerialPort.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2061176760.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\python310.pdb source: HmP9fn8NM9.exe, 00000003.00000002.2410434371.00007FF8A8E1F000.00000002.00000001.01000000.00000005.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_queue.pdb source: HmP9fn8NM9.exe, 00000003.00000002.2412990881.00007FF8BFB53000.00000002.00000001.01000000.0000000E.sdmp
Source: Binary string: C:\Users\qt\work\qt\qt3d\plugins\geometryloaders\gltfgeometryloader.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2081153367.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\audio\qtaudio_windows.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2080316638.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qt3d\plugins\geometryloaders\defaultgeometryloader.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2080799375.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtimageformats\plugins\imageformats\qwbmp.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2083945238.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\lib\libEGL.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2067965128.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_ssl.pdb source: HmP9fn8NM9.exe, 00000003.00000002.2412429214.00007FF8BA50D000.00000002.00000001.01000000.00000009.sdmp, _ssl.pyd.0.dr
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774DA110 FindFirstFileExW,FindClose,0_2_00007FF7774DA110
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774D8E90 FindFirstFileW,RemoveDirectoryW,DeleteFileW,FindNextFileW,FindClose,RemoveDirectoryW,0_2_00007FF7774D8E90
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774F2704 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,0_2_00007FF7774F2704
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774DA110 FindFirstFileExW,FindClose,3_2_00007FF7774DA110
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774D8E90 FindFirstFileW,RemoveDirectoryW,DeleteFileW,FindNextFileW,FindClose,RemoveDirectoryW,3_2_00007FF7774D8E90
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774F2704 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,3_2_00007FF7774F2704
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A878322E _errno,malloc,_errno,MultiByteToWideChar,GetLastError,MultiByteToWideChar,MultiByteToWideChar,free,_errno,FindFirstFileW,_errno,FindNextFileW,WideCharToMultiByte,3_2_00007FF8A878322E
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile opened: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\EffectsJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile opened: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3DJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile opened: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5Jump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile opened: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qmlJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile opened: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5Jump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile opened: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designerJump to behavior
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficDNS traffic detected: DNS query: palegreen-cheetah-217044.hostingersite.com
Source: HmP9fn8NM9.exe, 00000003.00000002.2401424181.000001B1DE700000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://.../back.jpeg
Source: HmP9fn8NM9.exe, 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmp, _brotli.cp310-win_amd64.pyd.0.drString found in binary or memory: http://.css
Source: HmP9fn8NM9.exe, 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmp, _brotli.cp310-win_amd64.pyd.0.drString found in binary or memory: http://.jpg
Source: HmP9fn8NM9.exe, 00000000.00000003.2082132992.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://a.tile.thunderforest.com/landscape/%z/%x/%y.png
Source: HmP9fn8NM9.exe, 00000000.00000003.2082132992.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://a.tile.thunderforest.com/outdoors/%z/%x/%y.png
Source: HmP9fn8NM9.exe, 00000000.00000003.2082132992.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://a.tile.thunderforest.com/transport-dark/%z/%x/%y.png
Source: HmP9fn8NM9.exe, 00000000.00000003.2081705150.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://api.tiles.mapbox.com/v4/
Source: HmP9fn8NM9.exe, 00000000.00000003.2082132992.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://c.tile.opencyclemap.org/cycle/%z/%x/%y.png
Source: HmP9fn8NM9.exe, 00000000.00000003.2082132992.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://c.tile.openstreetmap.org/%z/%x/%y.png
Source: HmP9fn8NM9.exe, 00000000.00000003.2082132992.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://c.tile2.opencyclemap.org/transport/%z/%x/%y.png
Source: HmP9fn8NM9.exe, 00000000.00000003.2067965128.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredID
Source: HmP9fn8NM9.exe, 00000000.00000003.2061452200.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2048006420.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2039196341.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2043230731.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2091901895.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081574736.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2083945238.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092707566.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081340730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2082299730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2179190957.000002024F4B4000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2084102219.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2080554093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2053404409.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092872120.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088418034.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2057255476.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2051213407.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2062643177.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088769362.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2064938784.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
Source: _decimal.pyd.0.dr, _socket.pyd.0.dr, _ssl.pyd.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
Source: HmP9fn8NM9.exe, 00000000.00000003.2061452200.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2048006420.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2039196341.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2043230731.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2091901895.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081574736.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2083945238.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092707566.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081340730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2082299730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2084102219.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2080554093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2053404409.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092872120.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088418034.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2057255476.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2051213407.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2062643177.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088769362.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2064938784.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092357554.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
Source: HmP9fn8NM9.exe, 00000000.00000003.2061452200.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2048006420.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2039196341.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2043230731.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2091901895.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081574736.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2083945238.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092707566.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081340730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2082299730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2084102219.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2080554093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2053404409.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092872120.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088418034.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2057255476.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2051213407.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2062643177.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088769362.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2064938784.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092357554.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0
Source: _decimal.pyd.0.dr, _socket.pyd.0.dr, _ssl.pyd.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0
Source: _decimal.pyd.0.dr, _socket.pyd.0.dr, _ssl.pyd.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
Source: _decimal.pyd.0.dr, _socket.pyd.0.dr, _ssl.pyd.0.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
Source: HmP9fn8NM9.exe, 00000003.00000003.2388951498.000001B1DDF19000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387346478.000001B1DDF11000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2389028019.000001B1DDF1B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://code.activestate.com/recipes/577452-a-memoize-decorator-for-instance-methods/
Source: HmP9fn8NM9.exe, 00000003.00000003.2386039661.000001B1DEA30000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384955717.000001B1DEA22000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2383619216.000001B1DE9E7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2406942901.000001B1DEA39000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.certigna.fr/certignarootca.crl01
Source: HmP9fn8NM9.exe, 00000003.00000003.2387346478.000001B1DDF57000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2388003331.000001B1DDF5C000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2388123600.000001B1DE3AB000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384108441.000001B1DE3A7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2398365399.000001B1DDF91000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2389701855.000001B1DE3AF000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2389004041.000001B1DDF90000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2394751104.000001B1DE3AF000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387506599.000001B1DDF5A000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2390933747.000001B1DDF91000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386684419.000001B1DE3A7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2388240887.000001B1DDF73000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06
Source: HmP9fn8NM9.exe, 00000003.00000003.2386196107.000001B1DE989000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2383832932.000001B1DE980000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2404852642.000001B1DE98C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.comodoca.com/COMODOCertificationAuthority.crl
Source: HmP9fn8NM9.exe, 00000003.00000003.2387288897.000001B1DDF97000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2391988143.000001B1DDF99000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2388003331.000001B1DDF98000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.comodoca.com/COMODOCertificationAuthority.crl0
Source: HmP9fn8NM9.exe, 00000003.00000002.2406942901.000001B1DEA39000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.dhimyotis.com/certignarootca.crl
Source: HmP9fn8NM9.exe, 00000003.00000002.2396693199.000001B1DBEBA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392360626.000001B1DBEAD000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387316174.000001B1DBEAC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387107134.000001B1DBEAA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393083325.000001B1DBEB7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.securetrust.com/SGCA.crl
Source: HmP9fn8NM9.exe, 00000003.00000003.2384281246.000001B1DE990000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2385196511.000001B1DE99B000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2383832932.000001B1DE980000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384590210.000001B1DE992000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.securetrust.com/SGCA.crl0
Source: HmP9fn8NM9.exe, 00000003.00000002.2396693199.000001B1DBEBA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392360626.000001B1DBEAD000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387316174.000001B1DBEAC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387107134.000001B1DBEAA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393083325.000001B1DBEB7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.securetrust.com/SGCA.crlce
Source: HmP9fn8NM9.exe, 00000003.00000002.2396693199.000001B1DBEBA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392360626.000001B1DBEAD000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387316174.000001B1DBEAC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387107134.000001B1DBEAA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393083325.000001B1DBEB7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.securetrust.com/STCA.crl
Source: HmP9fn8NM9.exe, 00000003.00000003.2384281246.000001B1DE990000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2385196511.000001B1DE99B000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2383832932.000001B1DE980000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384590210.000001B1DE992000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2385453218.000001B1DE99C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.securetrust.com/STCA.crl0
Source: HmP9fn8NM9.exe, 00000003.00000002.2396693199.000001B1DBEBA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392360626.000001B1DBEAD000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387316174.000001B1DBEAC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387107134.000001B1DBEAA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393083325.000001B1DBEB7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.securetrust.com/STCA.crlxD
Source: HmP9fn8NM9.exe, 00000003.00000002.2396693199.000001B1DBEBA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392360626.000001B1DBEAD000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387316174.000001B1DBEAC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387107134.000001B1DBEAA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393083325.000001B1DBEB7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.xrampsecurity.com/XGCA.crl
Source: HmP9fn8NM9.exe, 00000003.00000003.2384108441.000001B1DE3A7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386556582.000001B1DE3B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.xrampsecurity.com/XGCA.crl0
Source: _decimal.pyd.0.dr, _socket.pyd.0.dr, _ssl.pyd.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
Source: HmP9fn8NM9.exe, 00000000.00000003.2061452200.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2048006420.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2039196341.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2043230731.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2091901895.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081574736.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2083945238.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092707566.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081340730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2082299730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2084102219.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2080554093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2053404409.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092872120.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088418034.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2057255476.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2051213407.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2062643177.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088769362.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2064938784.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092357554.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
Source: HmP9fn8NM9.exe, 00000000.00000003.2061452200.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2048006420.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2039196341.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2043230731.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2091901895.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081574736.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2083945238.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092707566.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081340730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2082299730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2179190957.000002024F4B4000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2084102219.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2080554093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2053404409.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092872120.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088418034.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2057255476.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2051213407.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2062643177.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088769362.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2064938784.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P
Source: _decimal.pyd.0.dr, _socket.pyd.0.dr, _ssl.pyd.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S
Source: _decimal.pyd.0.dr, _socket.pyd.0.dr, _ssl.pyd.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
Source: _ssl.pyd.0.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
Source: HmP9fn8NM9.exe, 00000000.00000003.2061452200.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2048006420.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2039196341.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2043230731.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2091901895.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081574736.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2083945238.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092707566.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081340730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2082299730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2179190957.000002024F4B4000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2084102219.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2080554093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2053404409.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092872120.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088418034.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2057255476.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2051213407.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2062643177.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088769362.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2064938784.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
Source: HmP9fn8NM9.exe, 00000000.00000003.2084102219.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/sha2-assured-ts.crl
Source: HmP9fn8NM9.exe, 00000000.00000003.2061452200.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2048006420.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2039196341.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2043230731.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2091901895.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081574736.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2083945238.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092707566.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081340730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2082299730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2084102219.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2080554093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2053404409.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092872120.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088418034.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2057255476.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2051213407.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2062643177.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088769362.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2064938784.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092357554.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/sha2-assured-ts.crl02
Source: HmP9fn8NM9.exe, 00000000.00000003.2065447551.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert
Source: HmP9fn8NM9.exe, 00000000.00000003.2080799375.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/D
Source: HmP9fn8NM9.exe, 00000000.00000003.2051482997.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/Digi
Source: HmP9fn8NM9.exe, 00000000.00000003.2061452200.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2048006420.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2039196341.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2043230731.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2091901895.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081574736.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2083945238.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092707566.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081340730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2082299730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2179190957.000002024F4B4000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2084102219.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2080554093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2053404409.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092872120.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088418034.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2057255476.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2051213407.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2062643177.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088769362.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2064938784.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
Source: _decimal.pyd.0.dr, _socket.pyd.0.dr, _ssl.pyd.0.drString found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0
Source: HmP9fn8NM9.exe, 00000000.00000003.2061452200.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2048006420.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2039196341.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2043230731.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2091901895.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081574736.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2083945238.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092707566.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081340730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2082299730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2179190957.000002024F4B4000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2084102219.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2080554093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2053404409.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092872120.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088418034.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2057255476.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2051213407.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2062643177.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088769362.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2064938784.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0L
Source: HmP9fn8NM9.exe, 00000000.00000003.2061452200.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2048006420.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2039196341.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2043230731.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2091901895.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081574736.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2083945238.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092707566.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081340730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2082299730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2084102219.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2080554093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2053404409.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092872120.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088418034.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2057255476.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2051213407.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2062643177.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088769362.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2064938784.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092357554.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/sha2-assured-ts.crl0
Source: HmP9fn8NM9.exe, 00000003.00000002.2401424181.000001B1DE7E4000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://curl.haxx.se/rfc/cookie_spec.html
Source: HmP9fn8NM9.exe, 00000000.00000003.2081340730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://geocode.arcgis.com/arcgis/rest/services/World/GeocodeServer/findAddressCandidates
Source: HmP9fn8NM9.exe, 00000000.00000003.2081340730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://geocode.arcgis.com/arcgis/rest/services/World/GeocodeServer/reverseGeocode
Source: HmP9fn8NM9.exe, 00000000.00000002.2422163133.000002024F4CA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2390251415.000001B1DE395000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2395155000.000001B1DE395000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386935427.000001B1DE395000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384108441.000001B1DE393000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://google.com/
Source: HmP9fn8NM9.exe, 00000000.00000002.2422163133.000002024F4CA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2390251415.000001B1DE395000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2395155000.000001B1DE395000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386935427.000001B1DE395000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384108441.000001B1DE393000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://google.com/mail/
Source: HmP9fn8NM9.exe, 00000003.00000003.2390216550.000001B1DE365000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384387931.000001B1DE34D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386761009.000001B1DE34D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2385039002.000001B1DE34D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387138082.000001B1DE34E000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2389475496.000001B1DE35B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://hg.python.org/cpython/file/603b4d593758/Lib/socket.py#l535
Source: HmP9fn8NM9.exe, 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmp, _brotli.cp310-win_amd64.pyd.0.drString found in binary or memory: http://html4/loose.dtd
Source: HmP9fn8NM9.exe, 00000000.00000003.2082132992.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://maps-redirect.qt.io/osm/5.8/
Source: HmP9fn8NM9.exe, 00000000.00000003.2082132992.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://nominatim.openstreetmap.org/search
Source: HmP9fn8NM9.exe, 00000003.00000003.2386156508.000001B1DE9F0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.accv.es
Source: HmP9fn8NM9.exe, 00000003.00000003.2383832932.000001B1DE9A2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384590210.000001B1DE9A2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384694862.000001B1DE9B2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384724844.000001B1DE9BD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.accv.es0
Source: _decimal.pyd.0.dr, _socket.pyd.0.dr, _ssl.pyd.0.drString found in binary or memory: http://ocsp.digicert.com0
Source: _decimal.pyd.0.dr, _socket.pyd.0.dr, _ssl.pyd.0.drString found in binary or memory: http://ocsp.digicert.com0A
Source: HmP9fn8NM9.exe, 00000000.00000003.2061452200.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2048006420.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2039196341.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2043230731.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2091901895.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081574736.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2083945238.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092707566.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081340730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2082299730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2179190957.000002024F4B4000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2084102219.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2080554093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2053404409.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092872120.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088418034.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2057255476.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2051213407.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2062643177.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088769362.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2064938784.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0C
Source: HmP9fn8NM9.exe, 00000000.00000003.2061452200.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2048006420.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2039196341.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2043230731.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2091901895.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081574736.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2083945238.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092707566.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081340730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2082299730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2084102219.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2080554093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2053404409.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092872120.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088418034.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2057255476.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2051213407.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2062643177.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088769362.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2064938784.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092357554.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0N
Source: HmP9fn8NM9.exe, 00000000.00000003.2061452200.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2048006420.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2039196341.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2043230731.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2091901895.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081574736.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2083945238.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092707566.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081340730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2082299730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2084102219.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2080554093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2053404409.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092872120.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088418034.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2057255476.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2051213407.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2062643177.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088769362.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2064938784.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092357554.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0O
Source: _decimal.pyd.0.dr, _socket.pyd.0.dr, _ssl.pyd.0.drString found in binary or memory: http://ocsp.digicert.com0X
Source: HmP9fn8NM9.exe, 00000003.00000003.2395651640.000001B1DE970000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2402927206.000001B1DE920000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386196107.000001B1DE989000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2383832932.000001B1DE960000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387609233.000001B1DE960000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2395033297.000001B1DE966000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2404274166.000001B1DE974000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2383832932.000001B1DE980000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2404852642.000001B1DE98C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://repository.swisssign.com/
Source: HmP9fn8NM9.exe, 00000000.00000003.2081340730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://route.arcgis.com/arcgis/rest/services/World/Route/NAServer/Route_World/solve
Source: HmP9fn8NM9.exe, 00000000.00000003.2082132992.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://router.project-osrm.org/route/v1/driving/
Source: HmP9fn8NM9.exe, 00000003.00000002.2401283903.000001B1DE634000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://tools.ietf.org/html/rfc6125#section-6.4.3
Source: HmP9fn8NM9.exe, 00000000.00000003.2082132992.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://wiki.openstreetmap.org/wiki/Special:Export/Nominatim/Special_Phrases/
Source: HmP9fn8NM9.exe, 00000003.00000003.2385327265.000001B1DE9F0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2383832932.000001B1DE9A2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2383619216.000001B1DE9E7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384590210.000001B1DE9A2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2385172266.000001B1DE9EF000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386156508.000001B1DE9F0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384694862.000001B1DE9B2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384724844.000001B1DE9BD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1.crt0
Source: HmP9fn8NM9.exe, 00000003.00000003.2384387931.000001B1DE34D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386761009.000001B1DE34D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2385039002.000001B1DE34D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387138082.000001B1DE34E000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2399566393.000001B1DE34F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl
Source: HmP9fn8NM9.exe, 00000003.00000003.2383832932.000001B1DE9A2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384590210.000001B1DE9A2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384694862.000001B1DE9B2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384724844.000001B1DE9BD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl0
Source: HmP9fn8NM9.exe, 00000003.00000003.2383832932.000001B1DE9A2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384590210.000001B1DE9A2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2385284981.000001B1DE9BA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384694862.000001B1DE9B2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.accv.es/legislacion_c.htm
Source: HmP9fn8NM9.exe, 00000003.00000003.2383832932.000001B1DE9A2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384590210.000001B1DE9A2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384694862.000001B1DE9B2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384724844.000001B1DE9BD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.accv.es/legislacion_c.htm0U
Source: HmP9fn8NM9.exe, 00000003.00000003.2383832932.000001B1DE9A2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.accv.es/legislacion_c.htmdv
Source: HmP9fn8NM9.exe, 00000003.00000003.2383832932.000001B1DE9A2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384590210.000001B1DE9A2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2385284981.000001B1DE9BA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384694862.000001B1DE9B2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384724844.000001B1DE9BD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.accv.es00
Source: HmP9fn8NM9.exe, 00000003.00000003.2394905674.000001B1DEA0D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.cert.fnmt.es/dpcs/
Source: HmP9fn8NM9.exe, 00000003.00000003.2383619216.000001B1DE9E7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.cert.fnmt.es/dpcs/Av
Source: datetime.pyc.0.drString found in binary or memory: http://www.cl.cam.ac.uk/~mgk25/iso-time.html
Source: _decimal.pyd.0.dr, _socket.pyd.0.dr, _ssl.pyd.0.drString found in binary or memory: http://www.digicert.com/CPS0
Source: HmP9fn8NM9.exe, 00000003.00000003.2389287647.000001B1DDEC2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2407045349.000001B1DEA41000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2388657718.000001B1DDEC1000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386500459.000001B1DEA41000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2383619216.000001B1DE9E7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384815102.000001B1DEA3C000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2391548514.000001B1DDEC5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386039661.000001B1DEA41000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393980437.000001B1DDEE2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2391950337.000001B1DDEDB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.firmaprofesional.com/cps0
Source: QtHelpmod.sip.0.dr, qgraphicstransform.sip.0.dr, qaudioinput.sip.0.dr, qgesturerecognizer.sip.0.dr, qdom.sip.0.dr, QtWebSockets.pyi.0.dr, qwidgetaction.sip.0.dr, QtQuick.pyi.0.dr, qprogressdialog.sip.0.dr, qgraphicsanchorlayout.sip.0.dr, qgeocodingmanager.sip.0.dr, qcameraimagecapturecontrol.sip.0.dr, qabstracturiresolver.sip.0.dr, qundoview.sip.0.dr, qwinthumbnailtoolbutton.sip.0.dr, qhelpsearchengine.sip.0.dr, QtCore.pyi.0.dr, qcameralockscontrol.sip.0.dr, QtSql.pyi.0.dr, qcamerainfocontrol.sip.0.dr, qplacesearchreply.sip.0.drString found in binary or memory: http://www.gnu.org/copyleft/gpl.html.
Source: SwipeDelegate.qml.0.dr, ScrollViewSpecifics.qml.0.dr, Menu.qml1.0.dr, TabBarSpecifics.qml.0.dr, SwitchIndicator.qml.0.dr, SplitView.qml.0.dr, MenuItem.qml0.0.dr, ProgressBar.qml.0.dr, VerticalHeaderView.qml0.0.dr, RadioDelegate.qml.0.dr, CheckBoxSpecifics.qml.0.dr, PageSpecifics.qml.0.dr, TabButton.qml1.0.dr, ToolButton.qml0.0.dr, TextArea.qml0.0.dr, TextFieldSpecifics.qml.0.dr, Switch.qml2.0.dr, RoundButton.qml.0.dr, GroupBox.qml.0.dr, SwitchSpecifics.qml.0.dr, InsetSection.qml.0.drString found in binary or memory: http://www.gnu.org/licenses/gpl-2.0.html.
Source: HmP9fn8NM9.exe, 00000003.00000003.2388326939.000001B1DE309000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2399401277.000001B1DE313000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384387931.000001B1DE305000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2390722841.000001B1DE313000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2390343730.000001B1DE311000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2389969072.000001B1DE30C000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2385039002.000001B1DE306000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-6
Source: datetime.pyc.0.drString found in binary or memory: http://www.iana.org/time-zones/repository/tz-link.html
Source: qtlocation_uk.qm.0.drString found in binary or memory: http://www.mapquest.com/
Source: HmP9fn8NM9.exeString found in binary or memory: http://www.opensource.org/licenses/mit-license.ph
Source: HmP9fn8NM9.exeString found in binary or memory: http://www.opensource.org/licenses/mit-license.php.H
Source: HmP9fn8NM9.exe, 00000000.00000003.2071546388.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2079040959.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.openssl.org/V
Source: qtlocation_uk.qm.0.drString found in binary or memory: http://www.openstreetmap.org/copyright
Source: datetime.pyc.0.drString found in binary or memory: http://www.phys.uu.nl/~vgent/calendar/isocalendar.htm
Source: HmP9fn8NM9.exe, 00000000.00000003.2098203526.000002024F4B3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.qt-project.org/legal
Source: SwipeDelegate.qml.0.dr, ScrollViewSpecifics.qml.0.dr, Menu.qml1.0.dr, TabBarSpecifics.qml.0.dr, SwitchIndicator.qml.0.dr, SplitView.qml.0.dr, MenuItem.qml0.0.dr, ProgressBar.qml.0.dr, VerticalHeaderView.qml0.0.dr, RadioDelegate.qml.0.dr, CheckBoxSpecifics.qml.0.dr, PageSpecifics.qml.0.dr, TabButton.qml1.0.dr, ToolButton.qml0.0.dr, TextArea.qml0.0.dr, TextFieldSpecifics.qml.0.dr, Switch.qml2.0.dr, RoundButton.qml.0.dr, GroupBox.qml.0.dr, SwitchSpecifics.qml.0.dr, InsetSection.qml.0.drString found in binary or memory: http://www.qt.io/contact-us.
Source: SwipeDelegate.qml.0.dr, ScrollViewSpecifics.qml.0.dr, Menu.qml1.0.dr, TabBarSpecifics.qml.0.dr, SwitchIndicator.qml.0.dr, SplitView.qml.0.dr, MenuItem.qml0.0.dr, ProgressBar.qml.0.dr, VerticalHeaderView.qml0.0.dr, RadioDelegate.qml.0.dr, CheckBoxSpecifics.qml.0.dr, PageSpecifics.qml.0.dr, TabButton.qml1.0.dr, ToolButton.qml0.0.dr, TextArea.qml0.0.dr, TextFieldSpecifics.qml.0.dr, Switch.qml2.0.dr, RoundButton.qml.0.dr, GroupBox.qml.0.dr, SwitchSpecifics.qml.0.dr, InsetSection.qml.0.drString found in binary or memory: http://www.qt.io/licensing/
Source: SwipeDelegate.qml.0.dr, ScrollViewSpecifics.qml.0.dr, Menu.qml1.0.dr, TabBarSpecifics.qml.0.dr, SwitchIndicator.qml.0.dr, SplitView.qml.0.dr, MenuItem.qml0.0.dr, ProgressBar.qml.0.dr, VerticalHeaderView.qml0.0.dr, RadioDelegate.qml.0.dr, CheckBoxSpecifics.qml.0.dr, PageSpecifics.qml.0.dr, TabButton.qml1.0.dr, ToolButton.qml0.0.dr, TextArea.qml0.0.dr, TextFieldSpecifics.qml.0.dr, Switch.qml2.0.dr, RoundButton.qml.0.dr, GroupBox.qml.0.dr, SwitchSpecifics.qml.0.dr, InsetSection.qml.0.drString found in binary or memory: http://www.qt.io/terms-conditions.
Source: HmP9fn8NM9.exe, 00000003.00000003.2387548530.000001B1DDEE7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387891656.000001B1DDEF7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.quovadisglobal.com/cps
Source: HmP9fn8NM9.exe, 00000003.00000002.2404049197.000001B1DE96E000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2396097098.000001B1DE96C000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2383832932.000001B1DE960000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387609233.000001B1DE960000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2395033297.000001B1DE966000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.quovadisglobal.com/cps0
Source: qtlocation_uk.qm.0.drString found in binary or memory: http://www.thunderforest.com/
Source: HmP9fn8NM9.exe, 00000003.00000003.2384108441.000001B1DE3A7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386966163.000001B1DE3B6000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393595650.000001B1DE3E3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2389145181.000001B1DE3B8000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387750983.000001B1DE3B8000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386556582.000001B1DE3B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://wwwsearch.sf.net/):
Source: HmP9fn8NM9.exe, 00000000.00000003.2081705150.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.mapbox.com/directions/v5/mapbox/
Source: HmP9fn8NM9.exe, 00000000.00000003.2081705150.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.mapbox.com/geocoding/v5/mapbox.places-permanent/
Source: HmP9fn8NM9.exe, 00000000.00000003.2081705150.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.mapbox.com/geocoding/v5/mapbox.places/
Source: qtlocation_uk.qm.0.drString found in binary or memory: https://developer.here.com/
Source: qtlocation_pl.qm.0.drString found in binary or memory: https://developers.arcgis.com/authentication/accessing-arcgis-online-services/
Source: HmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307237019.000001B1DBF0D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2397410047.000001B1DDB60000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.ExecutionLoader.get_filename
Source: HmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307237019.000001B1DBF0D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2397410047.000001B1DDBEC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.InspectLoader.get_code
Source: HmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307237019.000001B1DBF0D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2397410047.000001B1DDB60000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.InspectLoader.get_source
Source: HmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307237019.000001B1DBF0D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2397410047.000001B1DDBEC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.InspectLoader.is_package
Source: HmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307237019.000001B1DBF0D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2397410047.000001B1DDBEC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.Loader.create_module
Source: HmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307237019.000001B1DBF0D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2397410047.000001B1DDBEC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.Loader.exec_module
Source: HmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307237019.000001B1DBF0D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2397410047.000001B1DDB60000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.MetaPathFinder.invalidate_caches
Source: HmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307237019.000001B1DBF0D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2397410047.000001B1DDBEC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.PathEntryFinder.find_spec
Source: HmP9fn8NM9.exe, 00000003.00000003.2386866835.000001B1DBEC3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392073916.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2389757101.000001B1DBED0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307237019.000001B1DBF0D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2396876851.000001B1DBEE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://docs.python.org/3/library/importlib.html#importlib.abc.ResourceLoader.get_data
Source: HmP9fn8NM9.exe, 00000003.00000002.2398457170.000001B1DE0A0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://foss.heptapod.net/pypy/pypy/-/issues/3539
Source: HmP9fn8NM9.exe, 00000003.00000003.2387548530.000001B1DDEE7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392683448.000001B1DDEFD000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2391849015.000001B1DDEFD000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2397925328.000001B1DDEFD000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393980437.000001B1DDEFD000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387891656.000001B1DDEF7000.00000004.00000020.00020000.00000000.sdmp, __init__.pyc.0.drString found in binary or memory: https://github.com/Ousret/charset_normalizer
Source: HmP9fn8NM9.exe, 00000003.00000003.2388069537.000001B1DBF07000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386866835.000001B1DBEC3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392073916.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2389757101.000001B1DBED0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392953988.000001B1DBF09000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307237019.000001B1DBF0D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392017419.000001B1DBF09000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBF01000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2397071579.000001B1DBF09000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387082081.000001B1DBF06000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/Unidata/MetPy/blob/a3424de66a44bf3a92b0dcacf4dff82ad7b86712/src/metpy/plots/wx_sy
Source: HmP9fn8NM9.exe, 00000003.00000002.2407780791.000001B1DED60000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/psf/requests/pull/6710
Source: HmP9fn8NM9.exe, 00000003.00000003.2307237019.000001B1DBF0D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2397410047.000001B1DDBEC000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/python/cpython/blob/3.9/Lib/importlib/_bootstrap_external.py#L679-L688
Source: HmP9fn8NM9.exe, 00000003.00000003.2387082081.000001B1DBF06000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/abc.py
Source: HmP9fn8NM9.exe, 00000003.00000003.2388069537.000001B1DBF07000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386866835.000001B1DBEC3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392073916.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2389757101.000001B1DBED0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392953988.000001B1DBF09000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307237019.000001B1DBF0D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392017419.000001B1DBF09000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBF01000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2397071579.000001B1DBF09000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387082081.000001B1DBF06000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/reader
Source: HmP9fn8NM9.exe, 00000003.00000003.2388069537.000001B1DBF07000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386866835.000001B1DBEC3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392073916.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2389757101.000001B1DBED0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392953988.000001B1DBF09000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307237019.000001B1DBF0D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392017419.000001B1DBF09000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBF01000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2397071579.000001B1DBF09000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387082081.000001B1DBF06000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/tensorflow/datasets/blob/master/tensorflow_datasets/core/utils/resource_utils.py#
Source: HmP9fn8NM9.exe, 00000003.00000002.2398457170.000001B1DE0A0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/urllib3/urllib3/issues/2192#issuecomment-821832963
Source: HmP9fn8NM9.exe, 00000003.00000003.2388326939.000001B1DE309000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384387931.000001B1DE305000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2390343730.000001B1DE311000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2389969072.000001B1DE30C000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2385039002.000001B1DE306000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/urllib3/urllib3/issues/2513#issuecomment-1152559900.
Source: HmP9fn8NM9.exe, 00000003.00000002.2401096981.000001B1DE520000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/urllib3/urllib3/issues/2920
Source: HmP9fn8NM9.exe, 00000003.00000002.2401283903.000001B1DE634000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/urllib3/urllib3/issues/3290
Source: HmP9fn8NM9.exe, 00000003.00000002.2401283903.000001B1DE634000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://github.com/urllib3/urllib3/issues/32902b3
Source: HmP9fn8NM9.exe, 00000003.00000003.2386556582.000001B1DE3B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393595650.000001B1DE3E9000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2398814320.000001B1DE2A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://google.com/
Source: HmP9fn8NM9.exe, 00000003.00000003.2389145181.000001B1DE3E9000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384108441.000001B1DE3A7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2388403528.000001B1DE3E7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386966163.000001B1DE3B6000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387750983.000001B1DE3B8000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2400312578.000001B1DE3E9000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386556582.000001B1DE3B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393595650.000001B1DE3E9000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2398814320.000001B1DE2A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://google.com/mail
Source: HmP9fn8NM9.exe, 00000003.00000003.2389475496.000001B1DE35B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://google.com/mail/
Source: HmP9fn8NM9.exe, 00000003.00000003.2309174886.000001B1DDF15000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387288897.000001B1DDF97000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2391988143.000001B1DDF99000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2388003331.000001B1DDF98000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://html.spec.whatwg.org/multipage/
Source: HmP9fn8NM9.exe, 00000003.00000003.2386556582.000001B1DE3B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://httpbin.org/
Source: HmP9fn8NM9.exe, 00000003.00000002.2401424181.000001B1DE7E4000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://httpbin.org/get
Source: HmP9fn8NM9.exe, 00000003.00000003.2387346478.000001B1DDF57000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2388003331.000001B1DDF5C000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2309174886.000001B1DDF15000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2398207802.000001B1DDF61000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387506599.000001B1DDF5A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://httpbin.org/post
Source: HmP9fn8NM9.exe, 00000003.00000003.2386556582.000001B1DE3B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://json.org
Source: HmP9fn8NM9.exe, 00000003.00000003.2387346478.000001B1DDF57000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387506599.000001B1DDF5A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://mahler:8092/site-updates.py
Source: HmP9fn8NM9.exe, 00000000.00000003.2082132992.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://nominatim.openstreetmap.org
Source: HmP9fn8NM9.exe, 00000003.00000002.2398592765.000001B1DE1A0000.00000004.00001000.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2401283903.000001B1DE634000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://packaging.python.org/specifications/entry-points/
Source: HmP9fn8NM9.exe, 00000003.00000002.2397564694.000001B1DDC60000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://palegreen-cheetah-217044.hostingersite.com/wp-content/uploads/2024/12/DebutMenus_nopump.exe
Source: HmP9fn8NM9.exe, 00000003.00000002.2397564694.000001B1DDC60000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://palegreen-cheetah-217044.hostingersite.com/wp-content/uploads/2024/12/DebutMenus_nopump.exeu
Source: HmP9fn8NM9.exe, 00000003.00000002.2397564694.000001B1DDC60000.00000004.00001000.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2398457170.000001B1DE0A0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://palegreen-cheetah-217044.hostingersite.com/wp-content/uploads/2024/12/truepepe-qt.exe
Source: HmP9fn8NM9.exe, 00000003.00000002.2398457170.000001B1DE0A0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://palegreen-cheetah-217044.hostingersite.com/wp-content/uploads/2024/12/truepepe-qt.exeP
Source: HmP9fn8NM9.exe, 00000003.00000002.2410434371.00007FF8A8E1F000.00000002.00000001.01000000.00000005.sdmpString found in binary or memory: https://python.org/dev/peps/pep-0263/
Source: HmP9fn8NM9.exe, 00000003.00000002.2402098323.000001B1DE868000.00000004.00001000.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387346478.000001B1DDF57000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2388003331.000001B1DDF5C000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2309174886.000001B1DDF15000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387506599.000001B1DDF5A000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393663565.000001B1DDF72000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://requests.readthedocs.io
Source: HmP9fn8NM9.exe, 00000003.00000003.2387548530.000001B1DDEE7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387891656.000001B1DDEF7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/rfc2388#section-4.4
Source: HmP9fn8NM9.exe, 00000003.00000003.2384108441.000001B1DE3A7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386966163.000001B1DE3B6000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386396514.000001B1DE48A000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2383767614.000001B1DE483000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386556582.000001B1DE3B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://twitter.com/
Source: HmP9fn8NM9.exe, 00000003.00000002.2398592765.000001B1DE1A0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#https-proxy-error-http-proxy
Source: HmP9fn8NM9.exe, 00000003.00000002.2401096981.000001B1DE520000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#tls-warnings
Source: HmP9fn8NM9.exe, 00000003.00000002.2401096981.000001B1DE520000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#tls-warningsp
Source: HmP9fn8NM9.exe, 00000000.00000003.2061452200.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2048006420.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2039196341.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2043230731.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2091901895.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081574736.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2083945238.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092707566.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2081340730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2082299730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2179190957.000002024F4B4000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2084102219.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2080554093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2053404409.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2092872120.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088418034.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2057255476.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2051213407.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2062643177.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2088769362.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2064938784.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.digicert.com/CPS0
Source: HmP9fn8NM9.exe, 00000000.00000003.2097067636.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095421515.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2097302255.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096945404.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095213985.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095955986.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2179190957.000002024F4B4000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096484093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2101740506.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099993202.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099826184.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095719683.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2100210898.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096837635.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095312977.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2097231899.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099394407.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095853710.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2098203526.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096288852.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2098493240.000002024F4B3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.gnu.org/licenses/gpl-2.0.html
Source: HmP9fn8NM9.exe, 00000000.00000003.2097067636.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095421515.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2097302255.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096945404.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095213985.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095955986.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2179190957.000002024F4B4000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106478718.000002024F4B5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106478718.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096484093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106336866.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2101740506.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106336866.000002024F4B5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099993202.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099826184.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095719683.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106170519.000002024F4B5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2100210898.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096837635.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095312977.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2097231899.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.gnu.org/licenses/gpl-3.0.html.
Source: HmP9fn8NM9.exe, 00000000.00000003.2097067636.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095421515.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2097302255.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096945404.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095213985.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095955986.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2179190957.000002024F4B4000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096484093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2101740506.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099993202.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099826184.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095719683.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2100210898.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096837635.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095312977.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2097231899.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099394407.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095853710.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2098203526.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096288852.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2098493240.000002024F4B3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.gnu.org/licenses/lgpl-3.0.html.
Source: SwipeDelegate.qml.0.dr, ScrollViewSpecifics.qml.0.dr, Menu.qml1.0.dr, TabBarSpecifics.qml.0.dr, SwitchIndicator.qml.0.dr, SplitView.qml.0.dr, MenuItem.qml0.0.dr, ProgressBar.qml.0.dr, VerticalHeaderView.qml0.0.dr, RadioDelegate.qml.0.dr, CheckBoxSpecifics.qml.0.dr, PageSpecifics.qml.0.dr, TabButton.qml1.0.dr, ToolButton.qml0.0.dr, TextArea.qml0.0.dr, TextFieldSpecifics.qml.0.dr, Switch.qml2.0.dr, RoundButton.qml.0.dr, GroupBox.qml.0.dr, SwitchSpecifics.qml.0.dr, InsetSection.qml.0.drString found in binary or memory: https://www.gnu.org/licenses/lgpl.html.
Source: qtlocation_uk.qm.0.drString found in binary or memory: https://www.mapbox.com
Source: qtlocation_pl.qm.0.drString found in binary or memory: https://www.mapbox.com.
Source: HmP9fn8NM9.exe, 00000000.00000003.2072240652.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2069543790.000002024F4B5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2411913252.00007FF8B91AB000.00000002.00000001.01000000.0000000B.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpString found in binary or memory: https://www.openssl.org/H
Source: HmP9fn8NM9.exe, 00000003.00000003.2387346478.000001B1DDF57000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2388003331.000001B1DDF5C000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2309174886.000001B1DDF15000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2398207802.000001B1DDF61000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387506599.000001B1DDF5A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.python.org
Source: HmP9fn8NM9.exe, 00000003.00000003.2387346478.000001B1DDF57000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2398176113.000001B1DDF5B000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387506599.000001B1DDF5A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.python.org/
Source: HmP9fn8NM9.exe, 00000003.00000002.2398592765.000001B1DE1A0000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.python.org/dev/peps/pep-0205/
Source: HmP9fn8NM9.exe, 00000003.00000002.2397410047.000001B1DDB60000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://www.python.org/download/releases/2.3/mro/.
Source: HmP9fn8NM9.exe, 00000000.00000003.2097067636.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095421515.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2097302255.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096945404.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095213985.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095955986.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2179190957.000002024F4B4000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106478718.000002024F4B5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106478718.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096484093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106336866.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2101740506.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106336866.000002024F4B5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099993202.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099826184.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095719683.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106170519.000002024F4B5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2100210898.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096837635.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095312977.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2179190957.000002024F4EA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.qt.io/contact-us.
Source: HmP9fn8NM9.exe, 00000000.00000003.2097067636.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095421515.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2097302255.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096945404.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095213985.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095955986.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2179190957.000002024F4B4000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106478718.000002024F4B5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106478718.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096484093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106336866.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2101740506.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106336866.000002024F4B5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099993202.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099826184.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095719683.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106170519.000002024F4B5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2100210898.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096837635.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095312977.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2179190957.000002024F4EA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.qt.io/licensing/
Source: HmP9fn8NM9.exe, 00000000.00000003.2097067636.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095421515.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2097302255.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096945404.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095213985.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095955986.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2179190957.000002024F4B4000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106478718.000002024F4B5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106478718.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096484093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106336866.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2101740506.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106336866.000002024F4B5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099993202.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099826184.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095719683.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106170519.000002024F4B5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2100210898.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096837635.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095312977.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2179190957.000002024F4EA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.qt.io/terms-conditions.
Source: HmP9fn8NM9.exe, 00000003.00000003.2389145181.000001B1DE3E9000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384108441.000001B1DE3A7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2388403528.000001B1DE3E7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386966163.000001B1DE3B6000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387750983.000001B1DE3B8000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2400312578.000001B1DE3E9000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386556582.000001B1DE3B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393595650.000001B1DE3E9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.rfc-editor.org/rfc/rfc8259#section-8.1
Source: HmP9fn8NM9.exe, 00000003.00000003.2385327265.000001B1DE9F0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2383619216.000001B1DE9E7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2385172266.000001B1DE9EF000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393758855.000001B1DE9F5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2405744918.000001B1DE9F6000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386156508.000001B1DE9F0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://wwww.certigna.fr/autorites/
Source: HmP9fn8NM9.exe, 00000003.00000003.2386039661.000001B1DEA30000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384955717.000001B1DEA22000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2383619216.000001B1DE9E7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2406942901.000001B1DEA39000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://wwww.certigna.fr/autorites/0m
Source: HmP9fn8NM9.exe, 00000003.00000003.2385327265.000001B1DE9F0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2383619216.000001B1DE9E7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2385172266.000001B1DE9EF000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393758855.000001B1DE9F5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2405744918.000001B1DE9F6000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386156508.000001B1DE9F0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://wwww.certigna.fr/autorites/B
Source: HmP9fn8NM9.exe, 00000003.00000003.2389145181.000001B1DE3E9000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384108441.000001B1DE3A7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2388403528.000001B1DE3E7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386966163.000001B1DE3B6000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387750983.000001B1DE3B8000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2400312578.000001B1DE3E9000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386556582.000001B1DE3B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393595650.000001B1DE3E9000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2398814320.000001B1DE2A0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://yahoo.com/
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: SetConsoleCtrlHandler,GetStartupInfoW,GetCommandLineW,CreateProcessW,GetLastError,RegisterClassW,GetLastError,CreateWindowExW,GetLastError,ShowWindow,WaitForSingleObject,GetLastError,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,WaitForSingleObject,WaitForSingleObject,TerminateProcess,GetLastError,WaitForSingleObject,QueryPerformanceFrequency,QueryPerformanceCounter,MsgWaitForMultipleObjects,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,QueryPerformanceCounter,GetMessageW,TranslateMessage,DispatchMessageW,DestroyWindow,GetExitCodeProcess,CloseHandle,CloseHandle, LOADER: creating hidden window to capture system shutdown events...0_2_00007FF7774D97F0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: SetConsoleCtrlHandler,GetStartupInfoW,GetCommandLineW,CreateProcessW,GetLastError,RegisterClassW,GetLastError,CreateWindowExW,GetLastError,ShowWindow,WaitForSingleObject,GetLastError,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,WaitForSingleObject,WaitForSingleObject,TerminateProcess,GetLastError,WaitForSingleObject,QueryPerformanceFrequency,QueryPerformanceCounter,MsgWaitForMultipleObjects,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,QueryPerformanceCounter,GetMessageW,TranslateMessage,DispatchMessageW,DestroyWindow,GetExitCodeProcess,CloseHandle,CloseHandle, LOADER: handling console shutdown - giving the child %d ms to exit...0_2_00007FF7774D97F0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: SetConsoleCtrlHandler,GetStartupInfoW,GetCommandLineW,CreateProcessW,GetLastError,RegisterClassW,GetLastError,CreateWindowExW,GetLastError,ShowWindow,WaitForSingleObject,GetLastError,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,WaitForSingleObject,WaitForSingleObject,TerminateProcess,GetLastError,WaitForSingleObject,QueryPerformanceFrequency,QueryPerformanceCounter,MsgWaitForMultipleObjects,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,QueryPerformanceCounter,GetMessageW,TranslateMessage,DispatchMessageW,DestroyWindow,GetExitCodeProcess,CloseHandle,CloseHandle, LOADER: received console shutdown event - exiting the wait loop!0_2_00007FF7774D97F0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: SetConsoleCtrlHandler,GetStartupInfoW,GetCommandLineW,CreateProcessW,GetLastError,RegisterClassW,GetLastError,CreateWindowExW,GetLastError,ShowWindow,WaitForSingleObject,GetLastError,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,WaitForSingleObject,WaitForSingleObject,TerminateProcess,GetLastError,WaitForSingleObject,QueryPerformanceFrequency,QueryPerformanceCounter,MsgWaitForMultipleObjects,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,QueryPerformanceCounter,GetMessageW,TranslateMessage,DispatchMessageW,DestroyWindow,GetExitCodeProcess,CloseHandle,CloseHandle, LOADER: received session shutdown signal via WM_QUERYENDSESSION; waiting for WM_ENDSESSION...0_2_00007FF7774D97F0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: SetConsoleCtrlHandler,GetStartupInfoW,GetCommandLineW,CreateProcessW,GetLastError,RegisterClassW,GetLastError,CreateWindowExW,GetLastError,ShowWindow,WaitForSingleObject,GetLastError,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,WaitForSingleObject,WaitForSingleObject,TerminateProcess,GetLastError,WaitForSingleObject,QueryPerformanceFrequency,QueryPerformanceCounter,MsgWaitForMultipleObjects,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,QueryPerformanceCounter,GetMessageW,TranslateMessage,DispatchMessageW,DestroyWindow,GetExitCodeProcess,CloseHandle,CloseHandle, LOADER: creating hidden window to capture system shutdown events...3_2_00007FF7774D97F0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: SetConsoleCtrlHandler,GetStartupInfoW,GetCommandLineW,CreateProcessW,GetLastError,RegisterClassW,GetLastError,CreateWindowExW,GetLastError,ShowWindow,WaitForSingleObject,GetLastError,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,WaitForSingleObject,WaitForSingleObject,TerminateProcess,GetLastError,WaitForSingleObject,QueryPerformanceFrequency,QueryPerformanceCounter,MsgWaitForMultipleObjects,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,QueryPerformanceCounter,GetMessageW,TranslateMessage,DispatchMessageW,DestroyWindow,GetExitCodeProcess,CloseHandle,CloseHandle, LOADER: handling console shutdown - giving the child %d ms to exit...3_2_00007FF7774D97F0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: SetConsoleCtrlHandler,GetStartupInfoW,GetCommandLineW,CreateProcessW,GetLastError,RegisterClassW,GetLastError,CreateWindowExW,GetLastError,ShowWindow,WaitForSingleObject,GetLastError,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,WaitForSingleObject,WaitForSingleObject,TerminateProcess,GetLastError,WaitForSingleObject,QueryPerformanceFrequency,QueryPerformanceCounter,MsgWaitForMultipleObjects,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,QueryPerformanceCounter,GetMessageW,TranslateMessage,DispatchMessageW,DestroyWindow,GetExitCodeProcess,CloseHandle,CloseHandle, LOADER: received console shutdown event - exiting the wait loop!3_2_00007FF7774D97F0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: SetConsoleCtrlHandler,GetStartupInfoW,GetCommandLineW,CreateProcessW,GetLastError,RegisterClassW,GetLastError,CreateWindowExW,GetLastError,ShowWindow,WaitForSingleObject,GetLastError,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,WaitForSingleObject,WaitForSingleObject,TerminateProcess,GetLastError,WaitForSingleObject,QueryPerformanceFrequency,QueryPerformanceCounter,MsgWaitForMultipleObjects,PeekMessageW,TranslateMessage,DispatchMessageW,PeekMessageW,QueryPerformanceCounter,GetMessageW,TranslateMessage,DispatchMessageW,DestroyWindow,GetExitCodeProcess,CloseHandle,CloseHandle, LOADER: received session shutdown signal via WM_QUERYENDSESSION; waiting for WM_ENDSESSION...3_2_00007FF7774D97F0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774F77F40_2_00007FF7774F77F4
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774D97F00_2_00007FF7774D97F0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774D10000_2_00007FF7774D1000
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774F6A900_2_00007FF7774F6A90
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774E48340_2_00007FF7774E4834
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774EE8EC0_2_00007FF7774EE8EC
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774E8F740_2_00007FF7774E8F74
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774F17580_2_00007FF7774F1758
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774F4F3C0_2_00007FF7774F4F3C
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774E2FF40_2_00007FF7774E2FF4
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774E27D40_2_00007FF7774E27D4
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774DA6900_2_00007FF7774DA690
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774E96240_2_00007FF7774E9624
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774F27040_2_00007FF7774F2704
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774EED800_2_00007FF7774EED80
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774EAD300_2_00007FF7774EAD30
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774E2DF00_2_00007FF7774E2DF0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774E25D00_2_00007FF7774E25D0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774FA5B80_2_00007FF7774FA5B8
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774E44300_2_00007FF7774E4430
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774F6D0C0_2_00007FF7774F6D0C
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774DBB3D0_2_00007FF7774DBB3D
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774E2BE40_2_00007FF7774E2BE4
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774EF4000_2_00007FF7774EF400
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774E6BC00_2_00007FF7774E6BC0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774DB3040_2_00007FF7774DB304
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774F17580_2_00007FF7774F1758
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774F72A80_2_00007FF7774F72A8
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774E3AA00_2_00007FF7774E3AA0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774F4AA00_2_00007FF7774F4AA0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774DB16B0_2_00007FF7774DB16B
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774E29E00_2_00007FF7774E29E0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774F77F43_2_00007FF7774F77F4
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774D10003_2_00007FF7774D1000
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774E48343_2_00007FF7774E4834
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774EE8EC3_2_00007FF7774EE8EC
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774E8F743_2_00007FF7774E8F74
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774F17583_2_00007FF7774F1758
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774F4F3C3_2_00007FF7774F4F3C
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774E2FF43_2_00007FF7774E2FF4
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774D97F03_2_00007FF7774D97F0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774E27D43_2_00007FF7774E27D4
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774DA6903_2_00007FF7774DA690
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774E96243_2_00007FF7774E9624
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774F27043_2_00007FF7774F2704
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774EED803_2_00007FF7774EED80
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774EAD303_2_00007FF7774EAD30
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774E2DF03_2_00007FF7774E2DF0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774E25D03_2_00007FF7774E25D0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774FA5B83_2_00007FF7774FA5B8
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774E44303_2_00007FF7774E4430
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774F6D0C3_2_00007FF7774F6D0C
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774DBB3D3_2_00007FF7774DBB3D
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774E2BE43_2_00007FF7774E2BE4
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774EF4003_2_00007FF7774EF400
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774E6BC03_2_00007FF7774E6BC0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774F6A903_2_00007FF7774F6A90
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774DB3043_2_00007FF7774DB304
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774F17583_2_00007FF7774F1758
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774F72A83_2_00007FF7774F72A8
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774E3AA03_2_00007FF7774E3AA0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774F4AA03_2_00007FF7774F4AA0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774DB16B3_2_00007FF7774DB16B
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774E29E03_2_00007FF7774E29E0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A86618603_2_00007FF8A8661860
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A893A9003_2_00007FF8A893A900
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87853AD3_2_00007FF8A87853AD
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87823F63_2_00007FF8A87823F6
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8785DA33_2_00007FF8A8785DA3
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8785F103_2_00007FF8A8785F10
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8783A943_2_00007FF8A8783A94
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8784D093_2_00007FF8A8784D09
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87865643_2_00007FF8A8786564
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87812993_2_00007FF8A8781299
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87815C83_2_00007FF8A87815C8
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87854CF3_2_00007FF8A87854CF
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8862CD03_2_00007FF8A8862CD0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A88C2C003_2_00007FF8A88C2C00
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8781B273_2_00007FF8A8781B27
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87854343_2_00007FF8A8785434
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87853C63_2_00007FF8A87853C6
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A878213A3_2_00007FF8A878213A
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A879EF003_2_00007FF8A879EF00
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87821713_2_00007FF8A8782171
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8784F433_2_00007FF8A8784F43
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A893B0E03_2_00007FF8A893B0E0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A878638E3_2_00007FF8A878638E
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A89230103_2_00007FF8A8923010
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A879F0603_2_00007FF8A879F060
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87826EE3_2_00007FF8A87826EE
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8786D5C3_2_00007FF8A8786D5C
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A89361003_2_00007FF8A8936100
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87823013_2_00007FF8A8782301
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8786EBF3_2_00007FF8A8786EBF
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87812173_2_00007FF8A8781217
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87836343_2_00007FF8A8783634
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8781A503_2_00007FF8A8781A50
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A878318E3_2_00007FF8A878318E
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8786FFF3_2_00007FF8A8786FFF
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A88C25D03_2_00007FF8A88C25D0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A88AE5F03_2_00007FF8A88AE5F0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87810AA3_2_00007FF8A87810AA
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87865A03_2_00007FF8A87865A0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87844083_2_00007FF8A8784408
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A878144C3_2_00007FF8A878144C
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8784E533_2_00007FF8A8784E53
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87844CB3_2_00007FF8A87844CB
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87868CA3_2_00007FF8A87868CA
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A878348B3_2_00007FF8A878348B
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87836983_2_00007FF8A8783698
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A878707C3_2_00007FF8A878707C
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A878416A3_2_00007FF8A878416A
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8785A653_2_00007FF8A8785A65
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A88B3CC03_2_00007FF8A88B3CC0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8781CC63_2_00007FF8A8781CC6
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A879BD603_2_00007FF8A879BD60
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87860DC3_2_00007FF8A87860DC
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8785E253_2_00007FF8A8785E25
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A879BF203_2_00007FF8A879BF20
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87841063_2_00007FF8A8784106
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8786EF13_2_00007FF8A8786EF1
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87AB1C03_2_00007FF8A87AB1C0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87850B03_2_00007FF8A87850B0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A878114F3_2_00007FF8A878114F
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87872573_2_00007FF8A8787257
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87829873_2_00007FF8A8782987
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A879F2003_2_00007FF8A879F200
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87838373_2_00007FF8A8783837
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8783BA73_2_00007FF8A8783BA7
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87826713_2_00007FF8A8782671
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A88B74803_2_00007FF8A88B7480
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8782D103_2_00007FF8A8782D10
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87AB5503_2_00007FF8A87AB550
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87837923_2_00007FF8A8783792
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A878435E3_2_00007FF8A878435E
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A878474B3_2_00007FF8A878474B
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8781B363_2_00007FF8A8781B36
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A88B77803_2_00007FF8A88B7780
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87857D63_2_00007FF8A87857D6
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87EF7003_2_00007FF8A87EF700
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A878516E3_2_00007FF8A878516E
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8782D793_2_00007FF8A8782D79
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8785D8A3_2_00007FF8A8785D8A
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A88B89603_2_00007FF8A88B8960
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8783B983_2_00007FF8A8783B98
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8784A593_2_00007FF8A8784A59
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87859343_2_00007FF8A8785934
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A878704A3_2_00007FF8A878704A
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8781EA63_2_00007FF8A8781EA6
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8786F283_2_00007FF8A8786F28
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87821BC3_2_00007FF8A87821BC
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87811403_2_00007FF8A8781140
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87860A03_2_00007FF8A87860A0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A89C0E003_2_00007FF8A89C0E00
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87822ED3_2_00007FF8A87822ED
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A878655F3_2_00007FF8A878655F
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8783FDF3_2_00007FF8A8783FDF
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8781F9B3_2_00007FF8A8781F9B
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A89250B03_2_00007FF8A89250B0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A878710D3_2_00007FF8A878710D
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8786A873_2_00007FF8A8786A87
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8785B783_2_00007FF8A8785B78
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A89241703_2_00007FF8A8924170
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8785B143_2_00007FF8A8785B14
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8782C7A3_2_00007FF8A8782C7A
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A879C4803_2_00007FF8A879C480
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A88304403_2_00007FF8A8830440
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87872C53_2_00007FF8A87872C5
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87825F43_2_00007FF8A87825F4
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87846383_2_00007FF8A8784638
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87869E73_2_00007FF8A87869E7
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87821443_2_00007FF8A8782144
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A879C6203_2_00007FF8A879C620
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A878177B3_2_00007FF8A878177B
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A88BC6603_2_00007FF8A88BC660
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8786C213_2_00007FF8A8786C21
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87829D23_2_00007FF8A87829D2
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8786CBC3_2_00007FF8A8786CBC
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8784B5B3_2_00007FF8A8784B5B
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A89399D03_2_00007FF8A89399D0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87859FC3_2_00007FF8A87859FC
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8783A8A3_2_00007FF8A8783A8A
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8781D023_2_00007FF8A8781D02
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87836023_2_00007FF8A8783602
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A88ADC503_2_00007FF8A88ADC50
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8781D883_2_00007FF8A8781D88
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87816223_2_00007FF8A8781622
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A878736A3_2_00007FF8A878736A
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87872AC3_2_00007FF8A87872AC
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87827613_2_00007FF8A8782761
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87822B13_2_00007FF8A87822B1
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8784C193_2_00007FF8A8784C19
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87811CC3_2_00007FF8A87811CC
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8782FD13_2_00007FF8A8782FD1
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8785BF53_2_00007FF8A8785BF5
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A88B91303_2_00007FF8A88B9130
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A89391003_2_00007FF8A8939100
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87A52003_2_00007FF8A87A5200
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87830C63_2_00007FF8A87830C6
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A879D2603_2_00007FF8A879D260
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A878228E3_2_00007FF8A878228E
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87855153_2_00007FF8A8785515
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A88B14903_2_00007FF8A88B1490
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87856143_2_00007FF8A8785614
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A878428C3_2_00007FF8A878428C
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87832EC3_2_00007FF8A87832EC
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A878276B3_2_00007FF8A878276B
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8784C3C3_2_00007FF8A8784C3C
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8782E913_2_00007FF8A8782E91
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8784ACA3_2_00007FF8A8784ACA
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A878504C3_2_00007FF8A878504C
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87854D43_2_00007FF8A87854D4
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A88C17603_2_00007FF8A88C1760
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87814243_2_00007FF8A8781424
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B833C9403_2_00007FF8B833C940
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B83429D03_2_00007FF8B83429D0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B83641E03_2_00007FF8B83641E0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B835F9E03_2_00007FF8B835F9E0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B83469A03_2_00007FF8B83469A0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B83809A03_2_00007FF8B83809A0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B835B2703_2_00007FF8B835B270
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B834BA003_2_00007FF8B834BA00
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B83822303_2_00007FF8B8382230
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B8362AE03_2_00007FF8B8362AE0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B83612903_2_00007FF8B8361290
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B8377AA03_2_00007FF8B8377AA0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B837C3403_2_00007FF8B837C340
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B8381B603_2_00007FF8B8381B60
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B837DB703_2_00007FF8B837DB70
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B833B3003_2_00007FF8B833B300
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B8335BA03_2_00007FF8B8335BA0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B83674503_2_00007FF8B8367450
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B8365C003_2_00007FF8B8365C00
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B837F4003_2_00007FF8B837F400
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B83794B03_2_00007FF8B83794B0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B8377D503_2_00007FF8B8377D50
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B8333D603_2_00007FF8B8333D60
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B833A5603_2_00007FF8B833A560
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B835F5D03_2_00007FF8B835F5D0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B8359D903_2_00007FF8B8359D90
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B83776603_2_00007FF8B8377660
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B8347E703_2_00007FF8B8347E70
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B83706003_2_00007FF8B8370600
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B835B6203_2_00007FF8B835B620
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B83366C03_2_00007FF8B83366C0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B83646903_2_00007FF8B8364690
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B8360EB03_2_00007FF8B8360EB0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B837FEB03_2_00007FF8B837FEB0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B8366F403_2_00007FF8B8366F40
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B83447503_2_00007FF8B8344750
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B83627003_2_00007FF8B8362700
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B837B7103_2_00007FF8B837B710
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B833DF203_2_00007FF8B833DF20
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B8376FC03_2_00007FF8B8376FC0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B837E8603_2_00007FF8B837E860
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B833786B3_2_00007FF8B833786B
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B83320703_2_00007FF8B8332070
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B835A8103_2_00007FF8B835A810
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B83668C03_2_00007FF8B83668C0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B835C8E03_2_00007FF8B835C8E0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B83458F03_2_00007FF8B83458F0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B83708F03_2_00007FF8B83708F0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B835E0903_2_00007FF8B835E090
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: String function: 00007FF8A8781EF6 appears 1580 times
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: String function: 00007FF7774D2960 appears 108 times
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: String function: 00007FF8A8782A09 appears 172 times
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: String function: 00007FF8A8782739 appears 516 times
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: String function: 00007FF8A8784D6D appears 34 times
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: String function: 00007FF7774D2880 appears 128 times
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: String function: 00007FF8A878688E appears 31 times
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: String function: 00007FF8A8783012 appears 55 times
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: String function: 00007FF7774D2770 appears 192 times
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: String function: 00007FF8A878405C appears 779 times
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: String function: 00007FF8A878698D appears 49 times
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: String function: 00007FF8A87824BE appears 84 times
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: String function: 00007FF8A8784840 appears 129 times
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: String function: 00007FF7774D2B70 appears 34 times
Source: HmP9fn8NM9.exeBinary or memory string: OriginalFilename vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2061452200.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Sql.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2048006420.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5PrintSupport.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2079370159.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamevcruntime140_1.dllT vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2066163136.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameconcrt140.dllT vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2039196341.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Core.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2043230731.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Gui.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2091901895.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamewindowsprintersupport.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2081574736.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtgeoservices_itemsoverlay.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2038067236.000002024F4AF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamemsvcp140.dllT vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2072556869.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamemsvcp140.dllT vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2083945238.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqwbmp.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2092707566.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtsensorgestures_plugin.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2081340730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtgeoservices_esri.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2082299730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqsvgicon.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: OriginalFilenametruepepe-qt.exe< vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2084102219.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqwebp.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2080554093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtuiotouchplugin.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2053404409.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Quick3D.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2092872120.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtsensorgestures_shakeplugin.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2088418034.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedsengine.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2057255476.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Quick3DRuntimeRender.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2051213407.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5QmlModels.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2062643177.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5WebView.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2088769362.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtmedia_audioengine.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2064938784.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Xml.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2092357554.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamegltfsceneexport.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2062297632.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5WebChannel.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2071546388.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamelibeay32.dllH vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2059632191.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5QuickTest.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2045006414.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Help.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2082426899.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqgif.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2047245275.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Nfc.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2080436480.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqgenericbearer.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2091660715.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtposition_serialnmea.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2072812860.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamemsvcp140_1.dllT vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2090738104.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqwindows.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2082701841.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqico.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2083278098.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtga.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2045385488.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Location.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2058346760.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5QuickControls2.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2089515700.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqminimal.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2061968759.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Test.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2079040959.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamessleay32.dllH vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2079597167.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameassimp.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2082564994.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqicns.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2059083481.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5QuickTemplates2.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2058826367.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5QuickShapes.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2072240652.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamelibsslH vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2041539952.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Designer.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2046818934.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Network.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2091792780.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtposition_winrt.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2061700963.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Svg.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2069543790.000002024F4B5000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamelibcryptoH vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2083432073.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtiff.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2080799375.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamedefaultgeometryloader.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2091399313.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtmultimedia_m3u.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2067965128.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilename vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2067965128.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamelibEGL.dll. vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2092523915.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamegltfsceneimport.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2082132992.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtgeoservices_osm.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2055958605.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Q vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2055958605.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Quick3DRender.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2047651059.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Positioning.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2064650331.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5WinExtras.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2079239753.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamevcruntime140.dllT vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2089162649.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamewmfengine.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2082887560.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqjpeg.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2060978343.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Sensors.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2045901533.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Multimedia.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2186217522.000002024F4CA000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqmllocalstorageplugin.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2091548479.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtposition_positionpoll.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2062173899.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5TextToSpeech.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2083140593.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqsvg.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2186217522.000002024F4BA000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqmllocalstorageplugin.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2179169299.000002024F4EB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtquickcontrolsplugin.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2060265602.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5QuickWidgets.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2089906487.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqoffscreen.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2081933985.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtgeoservices_nokia.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2092086322.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameopenglrenderer.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2068487707.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamelibGLESv2.dll4 vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2047852220.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5PositioningQuick.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2062455230.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5WebSockets.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2061176760.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5SerialPort.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2081153367.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamegltfgeometryloader.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2080183262.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtaudio_wasapi.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2040972497.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5DBus.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2090279732.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqwebgl.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2080316638.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtaudio_windows.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2054441943.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Quick3DAssetImport.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2073031918.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamemsvcp140_2.dllT vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2060689114.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5RemoteObjects.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2051482997.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5QmlWorkerScript.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2058146585.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Quick3DUtils.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2058552646.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5QuickParticles.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2079982904.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameuip.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2081705150.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtgeoservices_mapbox.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2046496800.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5MultimediaWidgets.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2048614734.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Qml.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2047418645.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5OpenGL.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2092964019.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqtsensors_generic.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2091175147.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameqxdgdesktopportal.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000000.00000003.2038418787.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameQt5Bluetooth.dll( vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exeBinary or memory string: OriginalFilename vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000003.00000002.2411913252.00007FF8B91AB000.00000002.00000001.01000000.0000000B.sdmpBinary or memory string: OriginalFilenamelibsslH vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000003.00000002.2414169547.00007FF8BFBA7000.00000002.00000001.01000000.00000006.sdmpBinary or memory string: OriginalFilenamevcruntime140.dllT vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpBinary or memory string: OriginalFilenamelibcryptoH vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpBinary or memory string: OriginalFilenameunicodedata.pyd. vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000003.00000002.2412319996.00007FF8B9F6E000.00000002.00000001.01000000.0000000D.sdmpBinary or memory string: OriginalFilename_hashlib.pyd. vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000003.00000002.2413269643.00007FF8BFB56000.00000002.00000001.01000000.0000000E.sdmpBinary or memory string: OriginalFilename_queue.pyd. vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000003.00000002.2413960062.00007FF8BFB82000.00000002.00000001.01000000.00000007.sdmpBinary or memory string: OriginalFilename_socket.pyd. vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000003.00000002.2413579199.00007FF8BFB66000.00000002.00000001.01000000.00000008.sdmpBinary or memory string: OriginalFilenameselect.pyd. vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000003.00000002.2411038111.00007FF8A8F28000.00000002.00000001.01000000.00000005.sdmpBinary or memory string: OriginalFilenamepython310.dll. vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000003.00000002.2412573086.00007FF8BA525000.00000002.00000001.01000000.00000009.sdmpBinary or memory string: OriginalFilename_ssl.pyd. vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: OriginalFilenametruepepe-qt.exe< vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000003.00000002.2412157155.00007FF8B93D2000.00000002.00000001.01000000.0000000F.sdmpBinary or memory string: OriginalFilename_bz2.pyd. vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exe, 00000003.00000002.2411663281.00007FF8B90F4000.00000002.00000001.01000000.00000010.sdmpBinary or memory string: OriginalFilename_lzma.pyd. vs HmP9fn8NM9.exe
Source: HmP9fn8NM9.exeBinary or memory string: OriginalFilenametruepepe-qt.exe< vs HmP9fn8NM9.exe
Source: Qt5Core.dll.0.drStatic PE information: Section: .qtmimed ZLIB complexity 0.997458770800317
Source: classification engineClassification label: mal52.evad.winEXE@3/1026@1/1
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122Jump to behavior
Source: HmP9fn8NM9.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: Qt5Help.dll.0.drBinary or memory string: CREATE TABLE info (id INTEGER PRIMARY KEY, namespace, attributes, url, title, data);
Source: Qt5Help.dll.0.drBinary or memory string: CREATE TABLE foo ();
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile read: C:\Users\user\Desktop\HmP9fn8NM9.exeJump to behavior
Source: unknownProcess created: C:\Users\user\Desktop\HmP9fn8NM9.exe "C:\Users\user\Desktop\HmP9fn8NM9.exe"
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeProcess created: C:\Users\user\Desktop\HmP9fn8NM9.exe "C:\Users\user\Desktop\HmP9fn8NM9.exe"
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeProcess created: C:\Users\user\Desktop\HmP9fn8NM9.exe "C:\Users\user\Desktop\HmP9fn8NM9.exe"Jump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: version.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: vcruntime140.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: python3.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: libcrypto-1_1.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: libssl-1_1.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: textshaping.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile opened: C:\Users\user\Desktop\pyvenv.cfgJump to behavior
Source: HmP9fn8NM9.exeStatic PE information: Image base 0x140000000 > 0x60000000
Source: HmP9fn8NM9.exeStatic file information: File size 58303966 > 1048576
Source: HmP9fn8NM9.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
Source: HmP9fn8NM9.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
Source: HmP9fn8NM9.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
Source: HmP9fn8NM9.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: HmP9fn8NM9.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
Source: HmP9fn8NM9.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT
Source: HmP9fn8NM9.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, GUARD_CF, TERMINAL_SERVER_AWARE
Source: HmP9fn8NM9.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\mediaservice\qtmedia_audioengine.pdb++ source: HmP9fn8NM9.exe, 00000000.00000003.2088769362.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtsvg\plugins\iconengines\qsvgicon.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2082299730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtsensors\plugins\sensorgestures\qtsensorgestures_plugin.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2092707566.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtsvg\plugins\imageformats\qsvg.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2083140593.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\geoservices\qtgeoservices_itemsoverlay.pdb!! source: HmP9fn8NM9.exe, 00000000.00000003.2081574736.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\position\qtposition_serialnmea.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2091660715.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_decimal.pdb## source: _decimal.pyd.0.dr
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\generic\qtuiotouchplugin.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2080554093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtserialport\lib\Qt5SerialPort.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2061176760.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\audio\qtaudio_wasapi.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2080183262.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_lzma.pdbMM source: HmP9fn8NM9.exe, 00000003.00000002.2411561938.00007FF8B90EB000.00000002.00000001.01000000.00000010.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\imageformats\qico.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2082701841.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_decimal.pdb source: _decimal.pyd.0.dr
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\mediaservice\qtmedia_audioengine.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2088769362.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\position\qtposition_positionpoll.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2091548479.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\position\qtposition_winrt.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2091792780.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtsensors\plugins\sensors\qtsensors_generic.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2092964019.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\bearer\qgenericbearer.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2080436480.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: d:\agent\_work\1\s\\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2079370159.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtdeclarative\lib\Qt5QmlWorkerScript.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2051482997.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: @ compiler: cl /Zi /Fdossl_static.pdb /Gs0 /GF /Gy /MD /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASMOpenSSL 1.1.1t 7 Feb 2023built on: Thu Feb 9 15:27:40 2023 UTCplatform: VC-WIN64A-masmOPENSSLDIR: "C:\Program Files\Common Files\SSL"ENGINESDIR: "C:\Program Files\OpenSSL\lib\engines-1_1"not available source: HmP9fn8NM9.exe, 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmp
Source: Binary string: d:\a01\_work\12\s\\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb source: HmP9fn8NM9.exe, 00000003.00000002.2414086027.00007FF8BFBA1000.00000002.00000001.01000000.00000006.sdmp, VCRUNTIME140.dll.0.dr
Source: Binary string: D:\a\1\b\bin\amd64\_hashlib.pdb source: HmP9fn8NM9.exe, 00000003.00000002.2412256523.00007FF8B9F66000.00000002.00000001.01000000.0000000D.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtspeech\lib\Qt5TextToSpeech.pdb!! source: HmP9fn8NM9.exe, 00000000.00000003.2062173899.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\imageformats\qico.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2082701841.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qttools\lib\Qt5Help.pdbDD source: Qt5Help.dll.0.dr
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\generic\qtuiotouchplugin.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2080554093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\bearer\qgenericbearer.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2080436480.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_lzma.pdb source: HmP9fn8NM9.exe, 00000003.00000002.2411561938.00007FF8B90EB000.00000002.00000001.01000000.00000010.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_bz2.pdb source: HmP9fn8NM9.exe, 00000003.00000002.2412087895.00007FF8B93CD000.00000002.00000001.01000000.0000000F.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\geoservices\qtgeoservices_itemsoverlay.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2081574736.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_socket.pdb source: HmP9fn8NM9.exe, 00000003.00000002.2413822315.00007FF8BFB78000.00000002.00000001.01000000.00000007.sdmp, _socket.pyd.0.dr
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\position\qtposition_serialnmea.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2091660715.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: d:\agent\_work\1\s\\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2079239753.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtimageformats\plugins\imageformats\qtiff.pdbBB source: HmP9fn8NM9.exe, 00000000.00000003.2083432073.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\platformthemes\qxdgdesktopportal.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2091175147.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\msvcp140.amd64.pdb source: MSVCP140.dll.0.dr
Source: Binary string: C:\Users\qt\work\qt\qtlocation\plugins\position\qtposition_winrt.pdb## source: HmP9fn8NM9.exe, 00000000.00000003.2091792780.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\unicodedata.pdb source: HmP9fn8NM9.exe, 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmp
Source: Binary string: d:\agent\_work\1\s\\binaries\amd64ret\bin\amd64\\msvcp140_1.amd64.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2072812860.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\msvcp140.amd64.pdbGCTL source: MSVCP140.dll.0.dr
Source: Binary string: C:\Users\qt\work\qt\qttools\lib\Qt5Help.pdb source: Qt5Help.dll.0.dr
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\audio\qtaudio_wasapi.pdb)) source: HmP9fn8NM9.exe, 00000000.00000003.2080183262.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtimageformats\plugins\imageformats\qtiff.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2083432073.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\imageformats\qgif.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2082426899.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\libssl-1_1.pdb@@ source: HmP9fn8NM9.exe, 00000003.00000002.2411840197.00007FF8B9176000.00000002.00000001.01000000.0000000B.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\plugins\printsupport\windowsprintersupport.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2091901895.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtquick3d\lib\Qt5Quick3DUtils.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2058146585.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: compiler: cl /Zi /Fdossl_static.pdb /Gs0 /GF /Gy /MD /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM source: HmP9fn8NM9.exe, 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtsensors\plugins\sensorgestures\qtsensorgestures_shakeplugin.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2092872120.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtimageformats\plugins\imageformats\qtga.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2083278098.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\audio\qtaudio_windows.pdb&& source: HmP9fn8NM9.exe, 00000000.00000003.2080316638.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qt3d\plugins\geometryloaders\defaultgeometryloader.pdb!! source: HmP9fn8NM9.exe, 00000000.00000003.2080799375.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\playlistformats\qtmultimedia_m3u.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2091399313.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtspeech\lib\Qt5TextToSpeech.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2062173899.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\libcrypto-1_1.pdb source: HmP9fn8NM9.exe, 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtsensors\plugins\sensorgestures\qtsensorgestures_plugin.pdb11 source: HmP9fn8NM9.exe, 00000000.00000003.2092707566.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtimageformats\plugins\imageformats\qicns.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2082564994.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\libssl-1_1.pdb source: HmP9fn8NM9.exe, 00000003.00000002.2411840197.00007FF8B9176000.00000002.00000001.01000000.0000000B.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\select.pdb source: HmP9fn8NM9.exe, 00000003.00000002.2413430495.00007FF8BFB63000.00000002.00000001.01000000.00000008.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtserialport\lib\Qt5SerialPort.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2061176760.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\python310.pdb source: HmP9fn8NM9.exe, 00000003.00000002.2410434371.00007FF8A8E1F000.00000002.00000001.01000000.00000005.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_queue.pdb source: HmP9fn8NM9.exe, 00000003.00000002.2412990881.00007FF8BFB53000.00000002.00000001.01000000.0000000E.sdmp
Source: Binary string: C:\Users\qt\work\qt\qt3d\plugins\geometryloaders\gltfgeometryloader.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2081153367.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtmultimedia\plugins\audio\qtaudio_windows.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2080316638.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qt3d\plugins\geometryloaders\defaultgeometryloader.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2080799375.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtimageformats\plugins\imageformats\qwbmp.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2083945238.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\qt\work\qt\qtbase\lib\libEGL.pdb source: HmP9fn8NM9.exe, 00000000.00000003.2067965128.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: D:\a\1\b\bin\amd64\_ssl.pdb source: HmP9fn8NM9.exe, 00000003.00000002.2412429214.00007FF8BA50D000.00000002.00000001.01000000.00000009.sdmp, _ssl.pyd.0.dr
Source: HmP9fn8NM9.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
Source: HmP9fn8NM9.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
Source: HmP9fn8NM9.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
Source: HmP9fn8NM9.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
Source: HmP9fn8NM9.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata
Source: MSVCP140.dll.0.drStatic PE information: 0xAEDDD920 [Tue Dec 19 17:23:44 2062 UTC]
Source: Qt5Core.dll.0.drStatic PE information: section name: .qtmimed
Source: qtquickcontrols2materialstyleplugin.dll.0.drStatic PE information: section name: .qtmetad
Source: qtquick3deffectplugin.dll.0.drStatic PE information: section name: .qtmetad
Source: qtquick3dhelpersplugin.dll.0.drStatic PE information: section name: .qtmetad
Source: VCRUNTIME140.dll.0.drStatic PE information: section name: _RDATA
Source: qtquickextrasflatplugin.dll.0.drStatic PE information: section name: .qtmetad
Source: qtquickcontrols2universalstyleplugin.dll.0.drStatic PE information: section name: .qtmetad
Source: qtquickcontrolsplugin.dll.0.drStatic PE information: section name: .qtmetad
Source: dialogsprivateplugin.dll.0.drStatic PE information: section name: .qtmetad
Source: dialogplugin.dll.0.drStatic PE information: section name: .qtmetad
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Location.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\qtquickcontrolsplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\_socket.pydJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Help.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\Private\dialogsprivateplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Bluetooth.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\dialogplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\_decimal.pydJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\MSVCP140.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Multimedia.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\charset_normalizer\md__mypyc.cp310-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\qtquickcontrols2universalstyleplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Flat\qtquickextrasflatplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\_hashlib.pydJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Designer.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Core.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Gui.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\_lzma.pydJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\qtquick3deffectplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\_bz2.pydJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\VCRUNTIME140.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Helpers\qtquick3dhelpersplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\_ssl.pydJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\VCRUNTIME140_1.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5DBus.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\qtquickcontrols2materialstyleplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\_brotli.cp310-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\charset_normalizer\md.cp310-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile created: C:\Users\user\AppData\Local\Temp\_MEI71122\_queue.pydJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774D8020 GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,GetProcAddress,GetLastError,0_2_00007FF7774D8020
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeProcess information set: NOGPFAULTERRORBOXJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87832FB rdtsc 3_2_00007FF8A87832FB
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\qtquickcontrolsplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Location.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\_socket.pydJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Help.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\Private\dialogsprivateplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\dialogplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Bluetooth.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\_decimal.pydJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\MSVCP140.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Multimedia.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\charset_normalizer\md__mypyc.cp310-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\qtquickcontrols2universalstyleplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Flat\qtquickextrasflatplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\_hashlib.pydJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Designer.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Core.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Gui.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\_lzma.pydJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\qtquick3deffectplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\_bz2.pydJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Helpers\qtquick3dhelpersplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\_ssl.pydJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\VCRUNTIME140_1.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5DBus.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\qtquickcontrols2materialstyleplugin.dllJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\_brotli.cp310-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\charset_normalizer\md.cp310-win_amd64.pydJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI71122\_queue.pydJump to dropped file
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCheck user administrative privileges: GetTokenInformation,DecisionNodesgraph_0-18059
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeAPI coverage: 9.2 %
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774DA110 FindFirstFileExW,FindClose,0_2_00007FF7774DA110
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774D8E90 FindFirstFileW,RemoveDirectoryW,DeleteFileW,FindNextFileW,FindClose,RemoveDirectoryW,0_2_00007FF7774D8E90
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774F2704 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,0_2_00007FF7774F2704
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774DA110 FindFirstFileExW,FindClose,3_2_00007FF7774DA110
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774D8E90 FindFirstFileW,RemoveDirectoryW,DeleteFileW,FindNextFileW,FindClose,RemoveDirectoryW,3_2_00007FF7774D8E90
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774F2704 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,3_2_00007FF7774F2704
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A878322E _errno,malloc,_errno,MultiByteToWideChar,GetLastError,MultiByteToWideChar,MultiByteToWideChar,free,_errno,FindFirstFileW,_errno,FindNextFileW,WideCharToMultiByte,3_2_00007FF8A878322E
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile opened: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\EffectsJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile opened: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3DJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile opened: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5Jump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile opened: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qmlJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile opened: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5Jump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeFile opened: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designerJump to behavior
Source: cacert.pem.0.drBinary or memory string: j2aTPs+9xYa9+bG3tD60B8jzljHz7aRP+KNOjSkVWLjVb3/ubCK1sK9IRQq9qEmU
Source: HmP9fn8NM9.exe, 00000003.00000003.2393819585.000001B1DE2BF000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393727852.000001B1DE2BA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2398882400.000001B1DE2C0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
Source: cacert.pem.0.drBinary or memory string: zJVSk/BwJVmcIGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5dd

Anti Debugging

barindex
Potentially malicious time measurement code found
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87842463_2_00007FF8A8784246
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87857313_2_00007FF8A8785731
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A87832FB rdtsc 3_2_00007FF8A87832FB
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774DDFBC IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00007FF7774DDFBC
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774F4310 GetProcessHeap,0_2_00007FF7774F4310
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774DD730 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,0_2_00007FF7774DD730
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774DDFBC IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00007FF7774DDFBC
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774EB4A4 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00007FF7774EB4A4
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774DE19C SetUnhandledExceptionFilter,0_2_00007FF7774DE19C
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774DD730 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,3_2_00007FF7774DD730
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774DDFBC IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,3_2_00007FF7774DDFBC
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774EB4A4 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,3_2_00007FF7774EB4A4
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF7774DE19C SetUnhandledExceptionFilter,3_2_00007FF7774DE19C
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8662A60 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,3_2_00007FF8A8662A60
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8663028 IsProcessorFeaturePresent,memset,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,3_2_00007FF8A8663028
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8785A24 IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,3_2_00007FF8A8785A24
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8B8384050 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,3_2_00007FF8B8384050
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeProcess created: C:\Users\user\Desktop\HmP9fn8NM9.exe "C:\Users\user\Desktop\HmP9fn8NM9.exe"Jump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774FA400 cpuid 0_2_00007FF7774FA400
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins\audio VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins\geometryloaders VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins\geoservices VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins\geoservices VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins\geoservices VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins\geoservices VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins\imageformats VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins\imageformats VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins\imageformats VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins\imageformats VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins\mediaservice VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins\mediaservice VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins\platforms VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins\platforms VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins\platforms VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins\position VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins\sceneparsers VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins\sensorgestures VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins\sqldrivers VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins\sqldrivers VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\plugins VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtBluetooth VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtBluetooth VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects\private VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects\private VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects\private VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects\private VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects\private VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects\private VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects\private VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects\private VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects\private VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects\private VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects\private VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects\private VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtGraphicalEffects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtLocation VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtLocation VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtMultimedia VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtMultimedia VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtMultimedia VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtNfc VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtNfc VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtPositioning VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQml\Models.2 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQml\RemoteObjects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQml\RemoteObjects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQml\StateMachine VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQml\StateMachine VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQml\WorkerScript.2 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQml\WorkerScript.2 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick.2 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick.2 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\images VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\images VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\maps VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Helpers VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Helpers VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeQueries volume information: C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5 VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774DDEA0 GetSystemTimeAsFileTime,GetCurrentThreadId,GetCurrentProcessId,QueryPerformanceCounter,0_2_00007FF7774DDEA0
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 0_2_00007FF7774F6A90 _get_daylight,_get_daylight,_get_daylight,_get_daylight,_get_daylight,GetTimeZoneInformation,0_2_00007FF7774F6A90
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior
Source: C:\Users\user\Desktop\HmP9fn8NM9.exeCode function: 3_2_00007FF8A8782B62 bind,WSAGetLastError,3_2_00007FF8A8782B62

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid Accounts1
Native API		1
DLL Side-Loading		11
Process Injection		11
Process Injection		OS Credential Dumping2
System Time Discovery		Remote Services1
Archive Collected Data		12
Encrypted Channel		Exfiltration Over Other Network Medium1
System Shutdown/Reboot
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
DLL Side-Loading		1
Deobfuscate/Decode Files or Information		LSASS Memory31
Security Software Discovery		Remote Desktop ProtocolData from Removable Media1
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
Obfuscated Files or Information		Security Account Manager2
File and Directory Discovery		SMB/Windows Admin SharesData from Network Shared Drive2
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
Software Packing		NTDS23
System Information Discovery		Distributed Component Object ModelInput CaptureProtocol ImpersonationTraffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
Timestomp		LSA SecretsInternet Connection DiscoverySSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
DLL Side-Loading		Cached Domain CredentialsWi-Fi DiscoveryVNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
HmP9fn8NM9.exe5%ReversingLabsWin64.Trojan.Generic
HmP9fn8NM9.exe6%VirustotalBrowse

Dropped Files

SourceDetectionScannerLabelLink
C:\Users\user\AppData\Local\Temp\_MEI71122\MSVCP140.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QAxContainer.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Bluetooth.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Core.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5DBus.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Designer.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Gui.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Help.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Location.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Multimedia.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\qtquick3deffectplugin.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Helpers\qtquick3dhelpersplugin.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\qtquickcontrols2materialstyleplugin.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\qtquickcontrols2universalstyleplugin.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Flat\qtquickextrasflatplugin.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\qtquickcontrolsplugin.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\Private\dialogsprivateplugin.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\dialogplugin.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtBluetooth.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtCore.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtDBus.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtDesigner.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtGui.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtHelp.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtLocation.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtMultimedia.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtMultimediaWidgets.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtNetwork.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtNfc.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtOpenGL.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtPositioning.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtPrintSupport.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtQml.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtQuick.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtQuick3D.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtQuickWidgets.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtRemoteObjects.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtSensors.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtSerialPort.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtSql.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtSvg.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtTest.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtTextToSpeech.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtWebChannel.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtWebSockets.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtWidgets.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtWinExtras.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtXml.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtXmlPatterns.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\sip.pyi0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\VCRUNTIME140.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\VCRUNTIME140_1.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\_brotli.cp310-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\_bz2.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\_decimal.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\_hashlib.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\_lzma.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\_queue.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\_socket.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\_ssl.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\charset_normalizer\md.cp310-win_amd64.pyd0%ReversingLabs
C:\Users\user\AppData\Local\Temp\_MEI71122\charset_normalizer\md__mypyc.cp310-win_amd64.pyd0%ReversingLabs

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://www.mapbox.com.0%Avira URL Cloudsafe
http://c.tile.opencyclemap.org/cycle/%z/%x/%y.png0%Avira URL Cloudsafe
https://palegreen-cheetah-217044.hostingersite.com/wp-content/uploads/2024/12/DebutMenus_nopump.exe100%Avira URL Cloudmalware
https://wwww.certigna.fr/autorites/B0%Avira URL Cloudsafe
https://palegreen-cheetah-217044.hostingersite.com/wp-content/uploads/2024/12/truepepe-qt.exeP100%Avira URL Cloudmalware
http://crl4.digicert0%Avira URL Cloudsafe
https://palegreen-cheetah-217044.hostingersite.com/wp-content/uploads/2024/12/DebutMenus_nopump.exeu100%Avira URL Cloudmalware
http://www.opensource.org/licenses/mit-license.ph0%Avira URL Cloudsafe
https://palegreen-cheetah-217044.hostingersite.com/wp-content/uploads/2024/12/truepepe-qt.exe100%Avira URL Cloudmalware
http://c.tile2.opencyclemap.org/transport/%z/%x/%y.png0%Avira URL Cloudsafe
https://urllib3.readthedocs.io/en/latest/advanced-usage.html#tls-warningsp0%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
free.cdn.hstgr.net
92.113.16.201
truefalse
    		high
    palegreen-cheetah-217044.hostingersite.com
    		unknown
    		unknownfalse
      		unknown

      URLs from Memory and Binaries

      NameSourceMaliciousAntivirus DetectionReputation
      https://wwww.certigna.fr/autorites/BHmP9fn8NM9.exe, 00000003.00000003.2385327265.000001B1DE9F0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2383619216.000001B1DE9E7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2385172266.000001B1DE9EF000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393758855.000001B1DE9F5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2405744918.000001B1DE9F6000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386156508.000001B1DE9F0000.00000004.00000020.00020000.00000000.sdmpfalse
      • Avira URL Cloud: safe
      		unknown
      https://palegreen-cheetah-217044.hostingersite.com/wp-content/uploads/2024/12/truepepe-qt.exePHmP9fn8NM9.exe, 00000003.00000002.2398457170.000001B1DE0A0000.00000004.00001000.00020000.00000000.sdmpfalse
      • Avira URL Cloud: malware
      		unknown
      https://developer.here.com/qtlocation_uk.qm.0.drfalse
        		high
        http://crl.securetrust.com/STCA.crlxDHmP9fn8NM9.exe, 00000003.00000002.2396693199.000001B1DBEBA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392360626.000001B1DBEAD000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387316174.000001B1DBEAC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387107134.000001B1DBEAA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393083325.000001B1DBEB7000.00000004.00000020.00020000.00000000.sdmpfalse
          		high
          http://crl4.digicertHmP9fn8NM9.exe, 00000000.00000003.2065447551.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpfalse
          • Avira URL Cloud: safe
          		unknown
          https://python.org/dev/peps/pep-0263/HmP9fn8NM9.exe, 00000003.00000002.2410434371.00007FF8A8E1F000.00000002.00000001.01000000.00000005.sdmpfalse
            		high
            https://github.com/tensorflow/datasets/blob/master/tensorflow_datasets/core/utils/resource_utils.py#HmP9fn8NM9.exe, 00000003.00000003.2388069537.000001B1DBF07000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386866835.000001B1DBEC3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392073916.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2389757101.000001B1DBED0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392953988.000001B1DBF09000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307237019.000001B1DBF0D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392017419.000001B1DBF09000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBF01000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2397071579.000001B1DBF09000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387082081.000001B1DBF06000.00000004.00000020.00020000.00000000.sdmpfalse
              		high
              http://a.tile.thunderforest.com/landscape/%z/%x/%y.pngHmP9fn8NM9.exe, 00000000.00000003.2082132992.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpfalse
                		high
                https://api.mapbox.com/geocoding/v5/mapbox.places-permanent/HmP9fn8NM9.exe, 00000000.00000003.2081705150.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpfalse
                  		high
                  https://www.mapbox.com.qtlocation_pl.qm.0.drfalse
                  • Avira URL Cloud: safe
                  		unknown
                  https://tools.ietf.org/html/rfc2388#section-4.4HmP9fn8NM9.exe, 00000003.00000003.2387548530.000001B1DDEE7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387891656.000001B1DDEF7000.00000004.00000020.00020000.00000000.sdmpfalse
                    		high
                    http://c.tile2.opencyclemap.org/transport/%z/%x/%y.pngHmP9fn8NM9.exe, 00000000.00000003.2082132992.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpfalse
                    • Avira URL Cloud: safe
                    		unknown
                    http://c.tile.opencyclemap.org/cycle/%z/%x/%y.pngHmP9fn8NM9.exe, 00000000.00000003.2082132992.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpfalse
                    • Avira URL Cloud: safe
                    		unknown
                    http://a.tile.thunderforest.com/outdoors/%z/%x/%y.pngHmP9fn8NM9.exe, 00000000.00000003.2082132992.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpfalse
                      		high
                      https://github.com/urllib3/urllib3/issues/2192#issuecomment-821832963HmP9fn8NM9.exe, 00000003.00000002.2398457170.000001B1DE0A0000.00000004.00001000.00020000.00000000.sdmpfalse
                        		high
                        http://router.project-osrm.org/route/v1/driving/HmP9fn8NM9.exe, 00000000.00000003.2082132992.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpfalse
                          		high
                          https://api.mapbox.com/geocoding/v5/mapbox.places/HmP9fn8NM9.exe, 00000000.00000003.2081705150.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpfalse
                            		high
                            http://crl.dhimyotis.com/certignarootca.crlHmP9fn8NM9.exe, 00000003.00000002.2406942901.000001B1DEA39000.00000004.00000020.00020000.00000000.sdmpfalse
                              		high
                              http://curl.haxx.se/rfc/cookie_spec.htmlHmP9fn8NM9.exe, 00000003.00000002.2401424181.000001B1DE7E4000.00000004.00001000.00020000.00000000.sdmpfalse
                                		high
                                http://ocsp.accv.esHmP9fn8NM9.exe, 00000003.00000003.2386156508.000001B1DE9F0000.00000004.00000020.00020000.00000000.sdmpfalse
                                  		high
                                  http://www.qt.io/contact-us.SwipeDelegate.qml.0.dr, ScrollViewSpecifics.qml.0.dr, Menu.qml1.0.dr, TabBarSpecifics.qml.0.dr, SwitchIndicator.qml.0.dr, SplitView.qml.0.dr, MenuItem.qml0.0.dr, ProgressBar.qml.0.dr, VerticalHeaderView.qml0.0.dr, RadioDelegate.qml.0.dr, CheckBoxSpecifics.qml.0.dr, PageSpecifics.qml.0.dr, TabButton.qml1.0.dr, ToolButton.qml0.0.dr, TextArea.qml0.0.dr, TextFieldSpecifics.qml.0.dr, Switch.qml2.0.dr, RoundButton.qml.0.dr, GroupBox.qml.0.dr, SwitchSpecifics.qml.0.dr, InsetSection.qml.0.drfalse
                                    		high
                                    http://crl.securetrust.com/SGCA.crlceHmP9fn8NM9.exe, 00000003.00000002.2396693199.000001B1DBEBA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392360626.000001B1DBEAD000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387316174.000001B1DBEAC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387107134.000001B1DBEAA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393083325.000001B1DBEB7000.00000004.00000020.00020000.00000000.sdmpfalse
                                      		high
                                      https://developers.arcgis.com/authentication/accessing-arcgis-online-services/qtlocation_pl.qm.0.drfalse
                                        		high
                                        https://docs.python.org/3/library/importlib.html#importlib.abc.ExecutionLoader.get_filenameHmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307237019.000001B1DBF0D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2397410047.000001B1DDB60000.00000004.00001000.00020000.00000000.sdmpfalse
                                          		high
                                          https://urllib3.readthedocs.io/en/latest/advanced-usage.html#https-proxy-error-http-proxyHmP9fn8NM9.exe, 00000003.00000002.2398592765.000001B1DE1A0000.00000004.00001000.00020000.00000000.sdmpfalse
                                            		high
                                            http://www.opensource.org/licenses/mit-license.phHmP9fn8NM9.exefalse
                                            • Avira URL Cloud: safe
                                            		unknown
                                            https://github.com/python/cpython/blob/3.9/Lib/importlib/_bootstrap_external.py#L679-L688HmP9fn8NM9.exe, 00000003.00000003.2307237019.000001B1DBF0D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2397410047.000001B1DDBEC000.00000004.00001000.00020000.00000000.sdmpfalse
                                              		high
                                              https://httpbin.org/getHmP9fn8NM9.exe, 00000003.00000002.2401424181.000001B1DE7E4000.00000004.00001000.00020000.00000000.sdmpfalse
                                                		high
                                                https://nominatim.openstreetmap.orgHmP9fn8NM9.exe, 00000000.00000003.2082132992.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                  		high
                                                  https://api.mapbox.com/directions/v5/mapbox/HmP9fn8NM9.exe, 00000000.00000003.2081705150.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                    		high
                                                    https://docs.python.org/3/library/importlib.html#importlib.abc.InspectLoader.get_codeHmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307237019.000001B1DBF0D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2397410047.000001B1DDBEC000.00000004.00001000.00020000.00000000.sdmpfalse
                                                      		high
                                                      http://www.gnu.org/licenses/gpl-2.0.html.SwipeDelegate.qml.0.dr, ScrollViewSpecifics.qml.0.dr, Menu.qml1.0.dr, TabBarSpecifics.qml.0.dr, SwitchIndicator.qml.0.dr, SplitView.qml.0.dr, MenuItem.qml0.0.dr, ProgressBar.qml.0.dr, VerticalHeaderView.qml0.0.dr, RadioDelegate.qml.0.dr, CheckBoxSpecifics.qml.0.dr, PageSpecifics.qml.0.dr, TabButton.qml1.0.dr, ToolButton.qml0.0.dr, TextArea.qml0.0.dr, TextFieldSpecifics.qml.0.dr, Switch.qml2.0.dr, RoundButton.qml.0.dr, GroupBox.qml.0.dr, SwitchSpecifics.qml.0.dr, InsetSection.qml.0.drfalse
                                                        		high
                                                        https://wwww.certigna.fr/autorites/0mHmP9fn8NM9.exe, 00000003.00000003.2386039661.000001B1DEA30000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384955717.000001B1DEA22000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2383619216.000001B1DE9E7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2406942901.000001B1DEA39000.00000004.00000020.00020000.00000000.sdmpfalse
                                                          		high
                                                          https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/readerHmP9fn8NM9.exe, 00000003.00000003.2388069537.000001B1DBF07000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386866835.000001B1DBEC3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392073916.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2389757101.000001B1DBED0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392953988.000001B1DBF09000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307237019.000001B1DBF0D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392017419.000001B1DBF09000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBF01000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2397071579.000001B1DBF09000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387082081.000001B1DBF06000.00000004.00000020.00020000.00000000.sdmpfalse
                                                            		high
                                                            https://palegreen-cheetah-217044.hostingersite.com/wp-content/uploads/2024/12/DebutMenus_nopump.exeHmP9fn8NM9.exe, 00000003.00000002.2397564694.000001B1DDC60000.00000004.00001000.00020000.00000000.sdmpfalse
                                                            • Avira URL Cloud: malware
                                                            		unknown
                                                            https://www.gnu.org/licenses/lgpl.html.SwipeDelegate.qml.0.dr, ScrollViewSpecifics.qml.0.dr, Menu.qml1.0.dr, TabBarSpecifics.qml.0.dr, SwitchIndicator.qml.0.dr, SplitView.qml.0.dr, MenuItem.qml0.0.dr, ProgressBar.qml.0.dr, VerticalHeaderView.qml0.0.dr, RadioDelegate.qml.0.dr, CheckBoxSpecifics.qml.0.dr, PageSpecifics.qml.0.dr, TabButton.qml1.0.dr, ToolButton.qml0.0.dr, TextArea.qml0.0.dr, TextFieldSpecifics.qml.0.dr, Switch.qml2.0.dr, RoundButton.qml.0.dr, GroupBox.qml.0.dr, SwitchSpecifics.qml.0.dr, InsetSection.qml.0.drfalse
                                                              		high
                                                              https://httpbin.org/HmP9fn8NM9.exe, 00000003.00000003.2386556582.000001B1DE3B0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                		high
                                                                https://wwww.certigna.fr/autorites/HmP9fn8NM9.exe, 00000003.00000003.2385327265.000001B1DE9F0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2383619216.000001B1DE9E7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2385172266.000001B1DE9EF000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393758855.000001B1DE9F5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2405744918.000001B1DE9F6000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386156508.000001B1DE9F0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                  		high
                                                                  http://www.cl.cam.ac.uk/~mgk25/iso-time.htmldatetime.pyc.0.drfalse
                                                                    		high
                                                                    https://docs.python.org/3/library/importlib.html#importlib.abc.Loader.exec_moduleHmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307237019.000001B1DBF0D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2397410047.000001B1DDBEC000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                      		high
                                                                      https://docs.python.org/3/library/importlib.html#importlib.abc.MetaPathFinder.invalidate_cachesHmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307237019.000001B1DBF0D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2397410047.000001B1DDB60000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                        		high
                                                                        https://palegreen-cheetah-217044.hostingersite.com/wp-content/uploads/2024/12/DebutMenus_nopump.exeuHmP9fn8NM9.exe, 00000003.00000002.2397564694.000001B1DDC60000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                        • Avira URL Cloud: malware
                                                                        		unknown
                                                                        http://hg.python.org/cpython/file/603b4d593758/Lib/socket.py#l535HmP9fn8NM9.exe, 00000003.00000003.2390216550.000001B1DE365000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384387931.000001B1DE34D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386761009.000001B1DE34D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2385039002.000001B1DE34D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387138082.000001B1DE34E000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2389475496.000001B1DE35B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                          		high
                                                                          https://github.com/Unidata/MetPy/blob/a3424de66a44bf3a92b0dcacf4dff82ad7b86712/src/metpy/plots/wx_syHmP9fn8NM9.exe, 00000003.00000003.2388069537.000001B1DBF07000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386866835.000001B1DBEC3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392073916.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2389757101.000001B1DBED0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392953988.000001B1DBF09000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307237019.000001B1DBF0D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392017419.000001B1DBF09000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBF01000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2397071579.000001B1DBF09000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387082081.000001B1DBF06000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            		high
                                                                            http://www.openstreetmap.org/copyrightqtlocation_uk.qm.0.drfalse
                                                                              		high
                                                                              http://www.accv.es/legislacion_c.htmdvHmP9fn8NM9.exe, 00000003.00000003.2383832932.000001B1DE9A2000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                		high
                                                                                http://crl.securetrust.com/STCA.crlHmP9fn8NM9.exe, 00000003.00000002.2396693199.000001B1DBEBA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392360626.000001B1DBEAD000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387316174.000001B1DBEAC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387107134.000001B1DBEAA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393083325.000001B1DBEB7000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                  		high
                                                                                  http://wwwsearch.sf.net/):HmP9fn8NM9.exe, 00000003.00000003.2384108441.000001B1DE3A7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386966163.000001B1DE3B6000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393595650.000001B1DE3E3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2389145181.000001B1DE3B8000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387750983.000001B1DE3B8000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386556582.000001B1DE3B0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                    		high
                                                                                    http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1.crt0HmP9fn8NM9.exe, 00000003.00000003.2385327265.000001B1DE9F0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2383832932.000001B1DE9A2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2383619216.000001B1DE9E7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384590210.000001B1DE9A2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2385172266.000001B1DE9EF000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386156508.000001B1DE9F0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384694862.000001B1DE9B2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384724844.000001B1DE9BD000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                      		high
                                                                                      http://www.accv.es/legislacion_c.htmHmP9fn8NM9.exe, 00000003.00000003.2383832932.000001B1DE9A2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384590210.000001B1DE9A2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2385284981.000001B1DE9BA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384694862.000001B1DE9B2000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                        		high
                                                                                        http://tools.ietf.org/html/rfc6125#section-6.4.3HmP9fn8NM9.exe, 00000003.00000002.2401283903.000001B1DE634000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                          		high
                                                                                          https://www.qt.io/contact-us.HmP9fn8NM9.exe, 00000000.00000003.2097067636.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095421515.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2097302255.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096945404.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095213985.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095955986.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2179190957.000002024F4B4000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106478718.000002024F4B5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106478718.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096484093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106336866.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2101740506.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106336866.000002024F4B5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099993202.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099826184.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095719683.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106170519.000002024F4B5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2100210898.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096837635.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095312977.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2179190957.000002024F4EA000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                            		high
                                                                                            http://crl.xrampsecurity.com/XGCA.crl0HmP9fn8NM9.exe, 00000003.00000003.2384108441.000001B1DE3A7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386556582.000001B1DE3B0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              http://www.gnu.org/copyleft/gpl.html.QtHelpmod.sip.0.dr, qgraphicstransform.sip.0.dr, qaudioinput.sip.0.dr, qgesturerecognizer.sip.0.dr, qdom.sip.0.dr, QtWebSockets.pyi.0.dr, qwidgetaction.sip.0.dr, QtQuick.pyi.0.dr, qprogressdialog.sip.0.dr, qgraphicsanchorlayout.sip.0.dr, qgeocodingmanager.sip.0.dr, qcameraimagecapturecontrol.sip.0.dr, qabstracturiresolver.sip.0.dr, qundoview.sip.0.dr, qwinthumbnailtoolbutton.sip.0.dr, qhelpsearchengine.sip.0.dr, QtCore.pyi.0.dr, qcameralockscontrol.sip.0.dr, QtSql.pyi.0.dr, qcamerainfocontrol.sip.0.dr, qplacesearchreply.sip.0.drfalse
                                                                                                		high
                                                                                                http://www.mapquest.com/qtlocation_uk.qm.0.drfalse
                                                                                                  		high
                                                                                                  http://www.cert.fnmt.es/dpcs/HmP9fn8NM9.exe, 00000003.00000003.2394905674.000001B1DEA0D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    https://www.mapbox.comqtlocation_uk.qm.0.drfalse
                                                                                                      		high
                                                                                                      https://google.com/mailHmP9fn8NM9.exe, 00000003.00000003.2389145181.000001B1DE3E9000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384108441.000001B1DE3A7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2388403528.000001B1DE3E7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386966163.000001B1DE3B6000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387750983.000001B1DE3B8000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2400312578.000001B1DE3E9000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386556582.000001B1DE3B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393595650.000001B1DE3E9000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2398814320.000001B1DE2A0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        https://packaging.python.org/specifications/entry-points/HmP9fn8NM9.exe, 00000003.00000002.2398592765.000001B1DE1A0000.00000004.00001000.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2401283903.000001B1DE634000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          http://www.qt.io/terms-conditions.SwipeDelegate.qml.0.dr, ScrollViewSpecifics.qml.0.dr, Menu.qml1.0.dr, TabBarSpecifics.qml.0.dr, SwitchIndicator.qml.0.dr, SplitView.qml.0.dr, MenuItem.qml0.0.dr, ProgressBar.qml.0.dr, VerticalHeaderView.qml0.0.dr, RadioDelegate.qml.0.dr, CheckBoxSpecifics.qml.0.dr, PageSpecifics.qml.0.dr, TabButton.qml1.0.dr, ToolButton.qml0.0.dr, TextArea.qml0.0.dr, TextFieldSpecifics.qml.0.dr, Switch.qml2.0.dr, RoundButton.qml.0.dr, GroupBox.qml.0.dr, SwitchSpecifics.qml.0.dr, InsetSection.qml.0.drfalse
                                                                                                            		high
                                                                                                            http://www.accv.es00HmP9fn8NM9.exe, 00000003.00000003.2383832932.000001B1DE9A2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384590210.000001B1DE9A2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2385284981.000001B1DE9BA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384694862.000001B1DE9B2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384724844.000001B1DE9BD000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/abc.pyHmP9fn8NM9.exe, 00000003.00000003.2387082081.000001B1DBF06000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                		high
                                                                                                                http://www.phys.uu.nl/~vgent/calendar/isocalendar.htmdatetime.pyc.0.drfalse
                                                                                                                  		high
                                                                                                                  https://foss.heptapod.net/pypy/pypy/-/issues/3539HmP9fn8NM9.exe, 00000003.00000002.2398457170.000001B1DE0A0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    https://github.com/urllib3/urllib3/issues/2513#issuecomment-1152559900.HmP9fn8NM9.exe, 00000003.00000003.2388326939.000001B1DE309000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384387931.000001B1DE305000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2390343730.000001B1DE311000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2389969072.000001B1DE30C000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2385039002.000001B1DE306000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      http://google.com/HmP9fn8NM9.exe, 00000000.00000002.2422163133.000002024F4CA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2390251415.000001B1DE395000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2395155000.000001B1DE395000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386935427.000001B1DE395000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384108441.000001B1DE393000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                        		high
                                                                                                                        http://html4/loose.dtdHmP9fn8NM9.exe, 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmp, _brotli.cp310-win_amd64.pyd.0.drfalse
                                                                                                                          		high
                                                                                                                          http://www.qt.io/licensing/SwipeDelegate.qml.0.dr, ScrollViewSpecifics.qml.0.dr, Menu.qml1.0.dr, TabBarSpecifics.qml.0.dr, SwitchIndicator.qml.0.dr, SplitView.qml.0.dr, MenuItem.qml0.0.dr, ProgressBar.qml.0.dr, VerticalHeaderView.qml0.0.dr, RadioDelegate.qml.0.dr, CheckBoxSpecifics.qml.0.dr, PageSpecifics.qml.0.dr, TabButton.qml1.0.dr, ToolButton.qml0.0.dr, TextArea.qml0.0.dr, TextFieldSpecifics.qml.0.dr, Switch.qml2.0.dr, RoundButton.qml.0.dr, GroupBox.qml.0.dr, SwitchSpecifics.qml.0.dr, InsetSection.qml.0.drfalse
                                                                                                                            		high
                                                                                                                            https://mahler:8092/site-updates.pyHmP9fn8NM9.exe, 00000003.00000003.2387346478.000001B1DDF57000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387506599.000001B1DDF5A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                              		high
                                                                                                                              http://geocode.arcgis.com/arcgis/rest/services/World/GeocodeServer/findAddressCandidatesHmP9fn8NM9.exe, 00000000.00000003.2081340730.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                http://crl.securetrust.com/SGCA.crlHmP9fn8NM9.exe, 00000003.00000002.2396693199.000001B1DBEBA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392360626.000001B1DBEAD000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387316174.000001B1DBEAC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387107134.000001B1DBEAA000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393083325.000001B1DBEB7000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  http://.../back.jpegHmP9fn8NM9.exe, 00000003.00000002.2401424181.000001B1DE700000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    http://www.openssl.org/VHmP9fn8NM9.exe, 00000000.00000003.2071546388.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2079040959.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      https://www.python.org/download/releases/2.3/mro/.HmP9fn8NM9.exe, 00000003.00000002.2397410047.000001B1DDB60000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        https://httpbin.org/postHmP9fn8NM9.exe, 00000003.00000003.2387346478.000001B1DDF57000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2388003331.000001B1DDF5C000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2309174886.000001B1DDF15000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2398207802.000001B1DDF61000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387506599.000001B1DDF5A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                          		high
                                                                                                                                          http://nominatim.openstreetmap.org/searchHmP9fn8NM9.exe, 00000000.00000003.2082132992.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                            		high
                                                                                                                                            https://docs.python.org/3/library/importlib.html#importlib.abc.InspectLoader.get_sourceHmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307237019.000001B1DBF0D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2397410047.000001B1DDB60000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              https://github.com/Ousret/charset_normalizerHmP9fn8NM9.exe, 00000003.00000003.2387548530.000001B1DDEE7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392683448.000001B1DDEFD000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2391849015.000001B1DDEFD000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2397925328.000001B1DDEFD000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393980437.000001B1DDEFD000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387891656.000001B1DDEF7000.00000004.00000020.00020000.00000000.sdmp, __init__.pyc.0.drfalse
                                                                                                                                                		high
                                                                                                                                                http://www.firmaprofesional.com/cps0HmP9fn8NM9.exe, 00000003.00000003.2389287647.000001B1DDEC2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2407045349.000001B1DEA41000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2388657718.000001B1DDEC1000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386500459.000001B1DEA41000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2383619216.000001B1DE9E7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384815102.000001B1DEA3C000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2391548514.000001B1DDEC5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386039661.000001B1DEA41000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393980437.000001B1DDEE2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2391950337.000001B1DDEDB000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                  		high
                                                                                                                                                  https://docs.python.org/3/library/importlib.html#importlib.abc.PathEntryFinder.find_specHmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307237019.000001B1DBF0D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2397410047.000001B1DDBEC000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                    		high
                                                                                                                                                    https://github.com/urllib3/urllib3/issues/2920HmP9fn8NM9.exe, 00000003.00000002.2401096981.000001B1DE520000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                      		high
                                                                                                                                                      https://palegreen-cheetah-217044.hostingersite.com/wp-content/uploads/2024/12/truepepe-qt.exeHmP9fn8NM9.exe, 00000003.00000002.2397564694.000001B1DDC60000.00000004.00001000.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2398457170.000001B1DE0A0000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                      • Avira URL Cloud: malware
                                                                                                                                                      		unknown
                                                                                                                                                      http://.cssHmP9fn8NM9.exe, 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmp, _brotli.cp310-win_amd64.pyd.0.drfalse
                                                                                                                                                        		high
                                                                                                                                                        http://crl.securetrust.com/SGCA.crl0HmP9fn8NM9.exe, 00000003.00000003.2384281246.000001B1DE990000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2385196511.000001B1DE99B000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2383832932.000001B1DE980000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384590210.000001B1DE992000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                          		high
                                                                                                                                                          http://c.tile.openstreetmap.org/%z/%x/%y.pngHmP9fn8NM9.exe, 00000000.00000003.2082132992.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                            		high
                                                                                                                                                            https://docs.python.org/3/library/importlib.html#importlib.abc.ResourceLoader.get_dataHmP9fn8NM9.exe, 00000003.00000003.2386866835.000001B1DBEC3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2392073916.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2389757101.000001B1DBED0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307267517.000001B1DBEDC000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2307237019.000001B1DBF0D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2396876851.000001B1DBEE0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                              		high
                                                                                                                                                              https://yahoo.com/HmP9fn8NM9.exe, 00000003.00000003.2389145181.000001B1DE3E9000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384108441.000001B1DE3A7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2388403528.000001B1DE3E7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386966163.000001B1DE3B6000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387750983.000001B1DE3B8000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2400312578.000001B1DE3E9000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386556582.000001B1DE3B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393595650.000001B1DE3E9000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2398814320.000001B1DE2A0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                		high
                                                                                                                                                                http://crl.securetrust.com/STCA.crl0HmP9fn8NM9.exe, 00000003.00000003.2384281246.000001B1DE990000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2385196511.000001B1DE99B000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2383832932.000001B1DE980000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384590210.000001B1DE992000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2385453218.000001B1DE99C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                  		high
                                                                                                                                                                  https://www.gnu.org/licenses/gpl-3.0.html.HmP9fn8NM9.exe, 00000000.00000003.2097067636.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095421515.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2097302255.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096945404.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095213985.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095955986.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2179190957.000002024F4B4000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106478718.000002024F4B5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106478718.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096484093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106336866.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2101740506.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106336866.000002024F4B5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099993202.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099826184.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095719683.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106170519.000002024F4B5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2100210898.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096837635.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095312977.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2097231899.000002024F4B0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                    		high
                                                                                                                                                                    https://www.gnu.org/licenses/gpl-2.0.htmlHmP9fn8NM9.exe, 00000000.00000003.2097067636.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095421515.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2097302255.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096945404.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095213985.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095955986.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2179190957.000002024F4B4000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096484093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2101740506.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099993202.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099826184.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095719683.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2100210898.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096837635.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095312977.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2097231899.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099394407.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095853710.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2098203526.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096288852.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2098493240.000002024F4B3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                      		high
                                                                                                                                                                      http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-6HmP9fn8NM9.exe, 00000003.00000003.2388326939.000001B1DE309000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2399401277.000001B1DE313000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384387931.000001B1DE305000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2390722841.000001B1DE313000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2390343730.000001B1DE311000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2389969072.000001B1DE30C000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2385039002.000001B1DE306000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://html.spec.whatwg.org/multipage/HmP9fn8NM9.exe, 00000003.00000003.2309174886.000001B1DDF15000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387288897.000001B1DDF97000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2391988143.000001B1DDF99000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2388003331.000001B1DDF98000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                          		high
                                                                                                                                                                          http://www.quovadisglobal.com/cps0HmP9fn8NM9.exe, 00000003.00000002.2404049197.000001B1DE96E000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2396097098.000001B1DE96C000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2383832932.000001B1DE960000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387609233.000001B1DE960000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2395033297.000001B1DE966000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                            		high
                                                                                                                                                                            http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crlHmP9fn8NM9.exe, 00000003.00000003.2384387931.000001B1DE34D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386761009.000001B1DE34D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2385039002.000001B1DE34D000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387138082.000001B1DE34E000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2399566393.000001B1DE34F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                              		high
                                                                                                                                                                              https://urllib3.readthedocs.io/en/latest/advanced-usage.html#tls-warningsHmP9fn8NM9.exe, 00000003.00000002.2401096981.000001B1DE520000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                		high
                                                                                                                                                                                http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl0HmP9fn8NM9.exe, 00000003.00000003.2383832932.000001B1DE9A2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384590210.000001B1DE9A2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384694862.000001B1DE9B2000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384724844.000001B1DE9BD000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://urllib3.readthedocs.io/en/latest/advanced-usage.html#tls-warningspHmP9fn8NM9.exe, 00000003.00000002.2401096981.000001B1DE520000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                  • Avira URL Cloud: safe
                                                                                                                                                                                  		unknown
                                                                                                                                                                                  https://www.gnu.org/licenses/lgpl-3.0.html.HmP9fn8NM9.exe, 00000000.00000003.2097067636.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095421515.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2097302255.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096945404.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095213985.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095955986.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2179190957.000002024F4B4000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096484093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2101740506.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099993202.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099826184.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095719683.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2100210898.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096837635.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095312977.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2097231899.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099394407.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095853710.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2098203526.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096288852.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2098493240.000002024F4B3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://www.qt.io/terms-conditions.HmP9fn8NM9.exe, 00000000.00000003.2097067636.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095421515.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2097302255.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096945404.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095213985.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095955986.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2179190957.000002024F4B4000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106478718.000002024F4B5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106478718.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096484093.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106336866.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2101740506.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106336866.000002024F4B5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099993202.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2099826184.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095719683.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2106170519.000002024F4B5000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2100210898.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2096837635.000002024F4B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2095312977.000002024F4B3000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000000.00000003.2179190957.000002024F4EA000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      https://www.rfc-editor.org/rfc/rfc8259#section-8.1HmP9fn8NM9.exe, 00000003.00000003.2389145181.000001B1DE3E9000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2384108441.000001B1DE3A7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2388403528.000001B1DE3E7000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386966163.000001B1DE3B6000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2387750983.000001B1DE3B8000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000002.2400312578.000001B1DE3E9000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2386556582.000001B1DE3B0000.00000004.00000020.00020000.00000000.sdmp, HmP9fn8NM9.exe, 00000003.00000003.2393595650.000001B1DE3E9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                        		high

                                                                                                                                                                                        World Map of Contacted IPs

                                                                                                                                                                                        • No. of IPs < 25%
                                                                                                                                                                                        • 25% < No. of IPs < 50%
                                                                                                                                                                                        • 50% < No. of IPs < 75%
                                                                                                                                                                                        • 75% < No. of IPs

                                                                                                                                                                                        Public IPs

                                                                                                                                                                                        IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                        92.113.16.201
                                                                                                                                                                                        		free.cdn.hstgr.netUkraine
                                                                                                                                                                                        		6849UKRTELNETUAfalse

                                                                                                                                                                                        General Information

                                                                                                                                                                                        Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                                        Analysis ID:1578217
                                                                                                                                                                                        Start date and time:2024-12-19 12:39:13 +01:00
                                                                                                                                                                                        Joe Sandbox product:CloudBasic
                                                                                                                                                                                        Overall analysis duration:0h 8m 39s
                                                                                                                                                                                        Hypervisor based Inspection enabled:false
                                                                                                                                                                                        Report type:full
                                                                                                                                                                                        Cookbook file name:default.jbs
                                                                                                                                                                                        Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                        Number of analysed new started processes analysed:5
                                                                                                                                                                                        Number of new started drivers analysed:0
                                                                                                                                                                                        Number of existing processes analysed:0
                                                                                                                                                                                        Number of existing drivers analysed:0
                                                                                                                                                                                        Number of injected processes analysed:0
                                                                                                                                                                                        Technologies:
                                                                                                                                                                                        • HCA enabled
                                                                                                                                                                                        • EGA enabled
                                                                                                                                                                                        • AMSI enabled
                                                                                                                                                                                        Analysis Mode:default
                                                                                                                                                                                        Analysis stop reason:Timeout
                                                                                                                                                                                        Sample name:HmP9fn8NM9.exe
                                                                                                                                                                                        renamed because original name is a hash value
                                                                                                                                                                                        Original Sample Name:c9a1ab7b39fcca82619ec34ee3c2a92a72100f28d5686d5f899a1b37c814dd57.exe
                                                                                                                                                                                        Detection:MAL
                                                                                                                                                                                        Classification:mal52.evad.winEXE@3/1026@1/1
                                                                                                                                                                                        EGA Information:
                                                                                                                                                                                        • Successful, ratio: 100%
                                                                                                                                                                                        HCA Information:Failed
                                                                                                                                                                                        Cookbook Comments:
                                                                                                                                                                                        • Found application associated with file extension: .exe

                                                                                                                                                                                        Warnings

                                                                                                                                                                                        • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe
                                                                                                                                                                                        • Excluded IPs from analysis (whitelisted): 13.107.246.63, 20.12.23.50
                                                                                                                                                                                        • Excluded domains from analysis (whitelisted): ocsp.digicert.com, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
                                                                                                                                                                                        • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                        • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                        • Report size getting too big, too many NtQueryVolumeInformationFile calls found.
                                                                                                                                                                                        • Report size getting too big, too many NtReadFile calls found.
                                                                                                                                                                                        • Report size getting too big, too many NtSetInformationFile calls found.
                                                                                                                                                                                        • Report size getting too big, too many NtWriteFile calls found.

                                                                                                                                                                                        Simulations

                                                                                                                                                                                        Behavior and APIs

                                                                                                                                                                                        No simulations

                                                                                                                                                                                        Joe Sandbox View / Context

                                                                                                                                                                                        IPs

                                                                                                                                                                                        No context

                                                                                                                                                                                        Domains

                                                                                                                                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                        free.cdn.hstgr.nettruepepe-qt.exeGet hashmaliciousQuasarBrowse
                                                                                                                                                                                        • 84.32.84.101
                                                                                                                                                                                        iGxCM2I5u9.exeGet hashmaliciousFlesh StealerBrowse
                                                                                                                                                                                        • 84.32.84.100
                                                                                                                                                                                        iGxCM2I5u9.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                        • 84.32.84.122
                                                                                                                                                                                        FmmYUD4pt7.wsfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                        • 84.32.84.136
                                                                                                                                                                                        https://ohpky5.fj78.fdske.com/e/c/01jbx9w45rt8n7dv9hga5bx34b/01jbx9w45rt8n7dv9hgd1yw31dGet hashmaliciousUnknownBrowse
                                                                                                                                                                                        • 84.32.84.121
                                                                                                                                                                                        http://zip.lu/?redirect=3k7wIGet hashmaliciousUnknownBrowse
                                                                                                                                                                                        • 84.32.84.104
                                                                                                                                                                                        https://aliceblue-dolphin-702154.hostingersite.com/juno-server-alerts.com/authen.php/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                        • 84.32.84.197
                                                                                                                                                                                        http://zip.lu/?redirect=3k7wIGet hashmaliciousUnknownBrowse
                                                                                                                                                                                        • 84.32.84.227
                                                                                                                                                                                        https://aliceblue-dolphin-702154.hostingersite.com/juno-server-alerts.com/authen.php/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                        • 93.127.179.137
                                                                                                                                                                                        e0OOofAl0S.exeGet hashmaliciousCryptOne, SmokeLoader, StealcBrowse
                                                                                                                                                                                        • 191.96.144.157

                                                                                                                                                                                        ASNs

                                                                                                                                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                        UKRTELNETUAarm5.nn-20241218-1651.elfGet hashmaliciousMirai, OkiruBrowse
                                                                                                                                                                                        • 94.178.159.232
                                                                                                                                                                                        arm.nn.elfGet hashmaliciousMirai, OkiruBrowse
                                                                                                                                                                                        • 94.178.39.247
                                                                                                                                                                                        jew.arm.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                        • 92.112.21.155
                                                                                                                                                                                        https://alluc.co/watch-movies/passengers.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                        • 213.186.120.178
                                                                                                                                                                                        arm5.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                        • 92.113.237.55
                                                                                                                                                                                        bot.m68k.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                        • 94.178.33.185
                                                                                                                                                                                        bot.sh4.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                        • 94.178.146.21
                                                                                                                                                                                        armv7l.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                        • 95.134.58.57
                                                                                                                                                                                        armv4l.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                        • 95.135.16.74
                                                                                                                                                                                        rebirth.arm.elfGet hashmaliciousMirai, OkiruBrowse
                                                                                                                                                                                        • 94.179.104.62

                                                                                                                                                                                        JA3 Fingerprints

                                                                                                                                                                                        No context

                                                                                                                                                                                        Dropped Files

                                                                                                                                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\_MEI71122\MSVCP140.dllfAatfRnCZ5.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QAxContainer.pyifAatfRnCZ5.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                            C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Bluetooth.dllfAatfRnCZ5.exeGet hashmaliciousUnknownBrowse

                                                                                                                                                                                              Created / dropped Files

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\MSVCP140.dll

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):575056
                                                                                                                                                                                              Entropy (8bit):6.52904444699071
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12288:ZSTTigI46Bb3SUPvRgrKtzL4paQEKZm+jWodEEVPLwtQV:ZUStQaQEKZm+jWodEE9CQV
                                                                                                                                                                                              MD5:6C3AD90EE8D03A4CE68DBB34B0D72B1E
                                                                                                                                                                                              SHA1:55157B5AABD167DC9DBD158A5C7AD435101652E7
                                                                                                                                                                                              SHA-256:7B8A6F283884E6448559DCF510B00C1A885BFB8E598EA05CD2C290C874657326
                                                                                                                                                                                              SHA-512:6D1626906C9D924254839A1FB9115047A8F49864338EC8902431AF5D5C9AB65596208CA71F0C7E8094C103F47C788FC1A9B8E9F347471FA81ADFE3AA9367065A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Joe Sandbox View:
                                                                                                                                                                                              • Filename: fAatfRnCZ5.exe, Detection: malicious, Browse
                                                                                                                                                                                              Reputation:low
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........)...H...H...H...0...H...0...H...H...H......H......H......H....._H......H....w..H......H..Rich.H..................PE..d... ............" ...(.6...X......0................................................v....`A.........................................2..h...X...,............p.. :...v..PP..............p...........................`...@............P..x............................text....4.......6.................. ..`.rdata.......P.......:..............@..@.data...p8...0......................@....pdata.. :...p...<...,..............@..@.rsrc................h..............@..@.reloc...............l..............@..B........................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QAxContainer.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5063
                                                                                                                                                                                              Entropy (8bit):5.148372340778111
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:U6Q+rzMoJ/kFuTDOyfKRAPOVOmcIKRAPOVvXXfRIZrPfWZIV:yisAfKRAPOVOoKRAPOVve2S
                                                                                                                                                                                              MD5:62CB7130F70C4036FDA297D643CBD7E6
                                                                                                                                                                                              SHA1:740C58A5F92892CE081AFB46DF56E5545C5FD4E7
                                                                                                                                                                                              SHA-256:D71476219FF5E5015BE2C30DEAD4E9B35E1EA3A2DC1827D525089B7E9C0C8B09
                                                                                                                                                                                              SHA-512:928B121C7EE20137BE252792A3B856A7B84C4B8FB30B91320D7D754821BCFF149ED76AF227F58BEE255DA98A946910D173E200FDFC6AF962B5541782D9679399
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Joe Sandbox View:
                                                                                                                                                                                              • Filename: fAatfRnCZ5.exe, Detection: malicious, Browse
                                                                                                                                                                                              Reputation:low
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QAxContainer module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import Qt

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Bluetooth.dll

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):547824
                                                                                                                                                                                              Entropy (8bit):6.287419036859771
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12288:2uHPEWA+tJeWIHe/Q6JfFRj9r0Iju/W38tDZR2sjjzXlMt:2ucStJeCzFRj9r0Iju/W38tDZR2sjjI
                                                                                                                                                                                              MD5:2C7A3F9A9158DC733E3053F2D2678F6F
                                                                                                                                                                                              SHA1:6EB9F9849D2D901739C79C2FD7832E77860C8AFB
                                                                                                                                                                                              SHA-256:13617D6112C31F91D8F69771FADD7819F957FBD957AFE34E090C9C45E0DFDF30
                                                                                                                                                                                              SHA-512:DDE9E4B21E6B9D6BA31A6AC917E26AB5350652DC21038FDE04AD660D50F61634D2858BB3ECD55CC8A10BFE92098938CBCE0BDD4475534F2AA541BBDE04AC2BF6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Joe Sandbox View:
                                                                                                                                                                                              • Filename: fAatfRnCZ5.exe, Detection: malicious, Browse
                                                                                                                                                                                              Reputation:low
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........Z..Y;j.Y;j.Y;j..Tn.Q;j..Ti.Z;j..To.N;j..Tk._;j..Kk.[;j.MPk._;j.PC..P;j.Y;k.c:j..Ko.j;j..Kj.X;j..K..X;j.Y;..X;j..Kh.X;j.RichY;j.........................PE..d......_.........." ................\........................................p....... ....`..........................................U......`........P..........tO...@.......`......0...T......................(.......0............................................text.............................. ..`.rdata..Bv.......x..................@..@.data...(....0......................@....pdata..tO.......P..................@..@.rsrc........P......................@..@.reloc.......`.......4..............@..B........................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Core.dll

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6023664
                                                                                                                                                                                              Entropy (8bit):6.768988071491288
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:98304:hcirJylHYab/6bMJsv6tWKFdu9CLiZxqfg8gwf:+irJylHFb/QMJsv6tWKFdu9CL4xqfg8x
                                                                                                                                                                                              MD5:817520432A42EFA345B2D97F5C24510E
                                                                                                                                                                                              SHA1:FEA7B9C61569D7E76AF5EFFD726B7FF6147961E5
                                                                                                                                                                                              SHA-256:8D2FF4CE9096DDCCC4F4CD62C2E41FC854CFD1B0D6E8D296645A7F5FD4AE565A
                                                                                                                                                                                              SHA-512:8673B26EC5421FCE8E23ADF720DE5690673BB4CE6116CB44EBCC61BBBEF12C0AD286DFD675EDBED5D8D000EFD7609C81AAE4533180CF4EC9CD5316E7028F7441
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Reputation:moderate, very likely benign file
                                                                                                                                                                                              Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......D.............................UJ......................................................W.....,..................r....................Rich............PE..d...;._.........." ..........-.......-......................................`\.....x.\...`...........................................L..O....T...... \.......U.. ....[......0\..%..,.H.T.....................H.(.....H.0............./.H............................text............................... ..`.rdata..F7%.../..8%.................@..@.data...x....PT..\...6T.............@....pdata... ....U.."....T.............@..@.qtmimed.....0W.......V.............@..P.rsrc........ \.......[.............@..@.reloc...%...0\..&....[.............@..B........................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5DBus.dll

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):436720
                                                                                                                                                                                              Entropy (8bit):6.392610185061176
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6144:ZLvnUJ17UTGOkWHUe/W9TgYMDu96ixMZQ8IlXbKgp8aIDeN:KP7cGOGegTwu96ixMZQtlrPN
                                                                                                                                                                                              MD5:0E8FF02D971B61B5D2DD1AC4DF01AE4A
                                                                                                                                                                                              SHA1:638F0B46730884FA036900649F69F3021557E2FE
                                                                                                                                                                                              SHA-256:1AA70B106A10C86946E23CAA9FC752DC16E29FBE803BBA1F1AB30D1C63EE852A
                                                                                                                                                                                              SHA-512:7BA616EDE66B16D9F8B2A56C3117DB49A74D59D0D32EAA6958DE57EAC78F14B1C7F2DBBA9EAE4D77937399CF14D44535531BAF6F9DB16F357F8712DFAAE4346A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........D..*..*..*.....*...+..*.../..*.......*...)..*...+..*.O.+..*..+...*.O./..*.O.*..*.O....*.....*.O.(..*.Rich.*.........................PE..d...]._.........." .....\...<.......\..............................................K.....`..........................................h..to...................`...Q..............4.......T.......................(...`...0............p...............................text...yZ.......\.................. ..`.rdata..0....p.......`..............@..@.data...X....@......."..............@....pdata...Q...`...R...2..............@..@.rsrc...............................@..@.reloc..4...........................@..B........................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Designer.dll

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4487152
                                                                                                                                                                                              Entropy (8bit):7.387256867718643
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:98304:wriDM0a/9ul3ttbU/pQP2xlEeOCGfmcQWmvHWd/52/:wriDM0a/9ul3ttbcQOx4CUmcQWmvGU/
                                                                                                                                                                                              MD5:C4351384C469750009E5464DD773019A
                                                                                                                                                                                              SHA1:9F114BAC87AF2E0598790CF3298CA7BDFAFDFE21
                                                                                                                                                                                              SHA-256:807E2B399048BC482E1A96F10669387F5F27542CA1B1D8DBCBAEABE53055752A
                                                                                                                                                                                              SHA-512:6199AF25E0224B7288D4B84B9677BAD7CFFCE64F6BCD7B46817823887F94894FA764E1FB31EB300B5F1AFC64CCF433E71DB2ED28044F2001CC1715CB20433944
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........gzI..)I..)I..)@.)C..)...(M..)]..(K..)...(A..)...(M..)...(P..)...(@..)I..)..)...(...)...(H..)...)H..)I..)H..)...(H..)RichI..)........................PE..d...+.._.........." .........^......t.........................................D......JE...`.......................................... :. .....>......0D.......B..W...\D......@D. `....7.T...................P.7.(... .7.0............ ...d...........................text............................... ..`.rdata....+.. ....+.................@..@.data...8.....A.......A.............@....pdata...W....B..X....B.............@..@.rsrc........0D.......C.............@..@.reloc.. `...@D..b....C.............@..B........................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Gui.dll

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):7008240
                                                                                                                                                                                              Entropy (8bit):6.674290383197779
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:49152:9VPhJZWVvpg+za3cFlc61j2VjBW77I4iNlmLPycNRncuUx24LLsXZFC6FOCfDt2/:BJZzI1ZR3U9Cxc22aDACInVc4Z
                                                                                                                                                                                              MD5:47307A1E2E9987AB422F09771D590FF1
                                                                                                                                                                                              SHA1:0DFC3A947E56C749A75F921F4A850A3DCBF04248
                                                                                                                                                                                              SHA-256:5E7D2D41B8B92A880E83B8CC0CA173F5DA61218604186196787EE1600956BE1E
                                                                                                                                                                                              SHA-512:21B1C133334C7CA7BBBE4F00A689C580FF80005749DA1AA453CCEB293F1AD99F459CA954F54E93B249D406AEA038AD3D44D667899B73014F884AFDBD9C461C14
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...................................(...........!..L.!This program cannot be run in DOS mode....$.......QH^~.)0-.)0-.)0-.Q.-.)0-...-.)0-.F4,.)0-.F3,.)0-.F5,.)0-.F1,.)0-.Y1,.)0-.B5,.)0-.B1,.)0-.)1-m,0-.Y4,.)0-.Y5,|(0-.Y0,.)0-.Y.-.)0-.).-.)0-.Y2,.)0-Rich.)0-................PE..d....._.........." ......?...+.....X.?.......................................k.....R.k...`.........................................pKK.....d.e.|....`k.......g.......j......pk..6....F.T................... .F.(.....F.0.............?.p+...........................text...2.?.......?................. ..`.rdata...z&...?..|&...?.............@..@.data....o... f.......f.............@....pdata........g.......f.............@..@.rsrc........`k.......j.............@..@.reloc...6...pk..8....j.............@..B........................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Help.dll

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):428528
                                                                                                                                                                                              Entropy (8bit):6.385860506526288
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6144:W5OU+lG3LViV3hMkkAGdFxBsVn3uhIb4kW4XJjnK2xKDgpywUoVXqXrarUPtGBf2:W5OEViVRMpAv3uh+4kzKmKafzu6g
                                                                                                                                                                                              MD5:6FAAB9F54169B33F970A2CE0AE8EAD06
                                                                                                                                                                                              SHA1:0EE3071737827204FEB6FDAEB5A4A9A01EB43EC0
                                                                                                                                                                                              SHA-256:E976997B615403842437E46053412FE571377443631D7BEC99FF5C2C7E00A5CC
                                                                                                                                                                                              SHA-512:D35A3E41C68B160C8E475A04888BA9397F029E4A091335ED7080EE917B70A42F0CBE9161B16A27C37E730701936798C2E195E3921B6DAE13B838B41617E932D2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......G.?...Q...Q...Q......Q..P...Q...P...Q..T...Q..U...Q..R...Q...P...Q...P...Q...T.+.Q...Q...Q.......Q......Q...S...Q.Rich..Q.........................PE..d......_.........." .....................................................................`..............................................M..HL...............@..48...n..................T.......................(.......0............................................text...o........................... ..`.rdata...Z.......\..................@..@.data...x.... ......................@....pdata..48...@...:... ..............@..@.rsrc................Z..............@..@.reloc...............`..............@..B........................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Location.dll

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1645552
                                                                                                                                                                                              Entropy (8bit):6.453516525501338
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:49152:IkbrrRuQFClXJLeYyj+LZ1s3yoqKYe+Ok:InQgLz
                                                                                                                                                                                              MD5:3E8F0D7A97856A7A4FAB71CE11D0C46E
                                                                                                                                                                                              SHA1:2402EFD8E996DD45F10A42F6D0D5DBA9427D9D57
                                                                                                                                                                                              SHA-256:E25D5470EBF057743E9A427358AA1F13B661442EDDBD695D20AC421A97E19A40
                                                                                                                                                                                              SHA-512:C37BB5535906AFAE12D317408E11E91514178B0B74FA08F17D7C7C47963367A4F8768721BF2D156AF2193366DC79630729BBB082F11950C14205521519F3C9F0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......V....o.P.o.P.o.P...P.o.P...Q.o.P...Q.o.P...Q.o.P...Q.o.P...Q.o.P...Q.o.P.o.PTk.P...Q.o.P...Q.o.P..}P.o.P.o.P.o.P...Q.o.PRich.o.P........PE..d....o._.........." ........."......H........................................@............`..............................................u..pm..T................ ..............T#..0G..T....................H..(....G..0................"...........................text...2........................... ..`.rdata...O.......P..................@..@.data...p....P...~...8..............@....pdata... ....... ..................@..@.rsrc...............................@..@.reloc..T#.......$..................@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\bin\Qt5Multimedia.dll

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):746480
                                                                                                                                                                                              Entropy (8bit):6.260644163524817
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6144:jLIJMPFfMerCs1uXdHbbbboLxywnY9jnvQz5dm9mMhI/p5PQCf3FR19EjqD0jKds:j+MPFfMervUXzYeg/mR4G
                                                                                                                                                                                              MD5:01DF79071F9DA0B9B7BDA3DB7FDC8809
                                                                                                                                                                                              SHA1:6944ACC06F8691A27AA0833D29F0389F0E036BF0
                                                                                                                                                                                              SHA-256:1A59AE2A9FF768AD6BFB888FE3DD2544E238F0B28DA83CF375EBD803CE713DC4
                                                                                                                                                                                              SHA-512:486D3F93E56AB50E0C9937E3472762946AFDBB28279818D42081F5784F3AF2DF6D55253D4CF4839601058DCEFB5E543144B91B4572BED96CA9926A0A2AFE5711
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........Q..Q..Q..X.&.Y..E...S.....D.....Y.....U.....U.....V..Q.......$.....P...J.P..Q.".P.....P..RichQ..........PE..d...2.._.........." ...............................................................{.....`.................................................@8.......`..............H.......p.......^..T...................P`..(... _..0...............X............................text...R........................... ..`.rdata..............................@..@.data....3.......(...|..............@....pdata.............................@..@.rsrc........`.......,..............@..@.reloc.......p.......2..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\Flip.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1709
                                                                                                                                                                                              Entropy (8bit):4.799915026290413
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9lz3UECQm8/s:M2aay6E+iCshvSdGvVny9lzkECQm80
                                                                                                                                                                                              MD5:B8ED6D32EDCB90671AE0A293EDBD08B8
                                                                                                                                                                                              SHA1:ED7D906F68433049514B111044E33504936D4616
                                                                                                                                                                                              SHA-256:9CF08837204CC84A8B4FD12B27EF7AF61A00B6A2CDC8A37E3FFF21C49BBAE64B
                                                                                                                                                                                              SHA-512:7DC93CB7F50BD804105036D58877CBBBCFB197710722797DB21D414AA63B82E0E4D620B7968BC683344777896EFA7103A00323981733B02178F551868B16BD94
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\Fxaa.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2358
                                                                                                                                                                                              Entropy (8bit):4.707889370378023
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9lzkueUtfhMIqpb1j:Laa8qdOnalzq/
                                                                                                                                                                                              MD5:A1588486A002590202FE15399C3EF03E
                                                                                                                                                                                              SHA1:8339D591574356F8BB29C2CBC7B0365481572DDD
                                                                                                                                                                                              SHA-256:4867F4EF343A90B269473132A217AB01B69C3E819533D711EBB315484AAB2D97
                                                                                                                                                                                              SHA-512:00D3D5371E88F0734F6C0EC4C6D4946A5E7EB55DB462FA2222B529582BF9811001E54DEDC32FF54C5C2E1FE58BC5EA0E9D6BA0EDC603384C0E68F8E4AEC0A4A5
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\GaussianBlur.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2433
                                                                                                                                                                                              Entropy (8bit):4.718878049526607
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9lzkEcQC6CdRtQqpTMILG:Laa8qdOnibytQqan
                                                                                                                                                                                              MD5:DFCD8CD4E27DF1197AC3F4D50102E430
                                                                                                                                                                                              SHA1:017105BE6ADF152B565327358C13161DD2FC1BC2
                                                                                                                                                                                              SHA-256:4FA125609C3FAAC5938FB8358B3AE004B0645A50FD7001D23F542CF9B9FB4CB7
                                                                                                                                                                                              SHA-512:D3B67EC0F1CF63CA346EB0D8A2D3B94325C7DB8B9C4DEF4AE68DEBB1B714351D3A35F5E28FACF48D59BD70519F2EEAEA4B209DF6B730A4B7CD5ABD5ED5407F45
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\HDRBloomTonemap.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4952
                                                                                                                                                                                              Entropy (8bit):4.574667393084756
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9lzkuiQfi2UGQgBTzQ+LC0xaCTNdZIcGWiGWCGbYxnxd:Laa8qdOnaiuiBlgtEI7YXtWrWLWxEjDG
                                                                                                                                                                                              MD5:D5DCB47BDD1CC70CA4223C51DB8D09C4
                                                                                                                                                                                              SHA1:E2539CB5B1C4F6C366B20547C6B55655AF4913D1
                                                                                                                                                                                              SHA-256:EC04E7A38EAAF958FA887DFC6D93F39BAEC5A867326F4EEA113E4A07A2280CA1
                                                                                                                                                                                              SHA-512:0D58AE204F6EAA57A60E911DEF18CA25C89639A375B5EBA6FC39E2DAC24C6C541A253CBED1725AD01891551269B55BD63339E153FCAB10FC7964C996DF2B82B3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\MotionBlur.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3625
                                                                                                                                                                                              Entropy (8bit):4.569448410738466
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9lzkuetxnCs8C4h44bMGz0tCGz4TYtdYJ8:Laa8qdOnaGngHB4tL3P
                                                                                                                                                                                              MD5:B8D06C1DD38ED9B0A9FF7972FC5E8FDF
                                                                                                                                                                                              SHA1:A34336923125A2A431E4C9B594A568815FF654FB
                                                                                                                                                                                              SHA-256:A99CF910E8953409A69DBE7DD166885BB680892A4F8A67F92B7323A179CC1D7B
                                                                                                                                                                                              SHA-512:5D3FAEA2219F9DE776B97D502C9A5877C9E15FCB21CC6D203EA09603DA4D4CB0A248AFB7D202D6B98B1B9539C7D5A6ED20E9850C122137D1D77CF135842DF2AF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\SCurveTonemap.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2315
                                                                                                                                                                                              Entropy (8bit):4.812087002644841
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9wzkTEYXNe67NJnA36/7xmseK:Laa8qdOnUOst
                                                                                                                                                                                              MD5:B431393D0D9845458521FD90D8B27C2E
                                                                                                                                                                                              SHA1:9D6DF6DDE6353E5EA412390F7D85294A9F902796
                                                                                                                                                                                              SHA-256:3FB073533E77446705DAED838656B38CCF7C7833C91A4B7FC626F8CEA57132D8
                                                                                                                                                                                              SHA-512:22B6E3AE2B477498C7E8708BDE7EE27CEAB85105C513251D87A6BE6E183800E15321C29203567044719D420DF2AD9A25950A8C0BE8815C5C5EE1BDAC0696675E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\Scatter.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2044
                                                                                                                                                                                              Entropy (8bit):4.798738085354523
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9lzkA936GRKohH:Laa8qdOnAKs
                                                                                                                                                                                              MD5:6FEB7C814848E3B7BC2B5DDD27E618CB
                                                                                                                                                                                              SHA1:57E513762F0FD5300B1D73CBF2E63E5BA517C9E3
                                                                                                                                                                                              SHA-256:E3A4CB42A3B1E0353A339CAF8D1D5353CD0865D10B29ABF3B03D5A99AF769F15
                                                                                                                                                                                              SHA-512:AB0F98DADAEF0EB66C7E0F0311FAF8BF3101BCC9D9EBA469B576B6329887638CF9565E2E9B310EF0AABF5D83A2D0A840F7F68EBF16D371AB21C655BBB3FBDE78
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\TiltShift.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3007
                                                                                                                                                                                              Entropy (8bit):4.693165448047509
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9lzku45UBw9CO8Cqc0Gz/3:Laa8qdOnagIQl7
                                                                                                                                                                                              MD5:699B6B39A7D06716B15805F125849363
                                                                                                                                                                                              SHA1:17399EDE2F72CFEFF99BD3A7A02002825A2ACA05
                                                                                                                                                                                              SHA-256:976CF7D7F32A03D7C4B1094EDBC9E4F2942F4D0605AA6E7EA85F82456F7B2FD1
                                                                                                                                                                                              SHA-512:ABD40A0B9F413AD6F68442DC42BDE545BC71C9BA905523F483A13210C9B4028264BFC4F3E0850BD3BE7426D30BF52CF134EF5158B921664C301B02F4438A2732
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\Vignette.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1803
                                                                                                                                                                                              Entropy (8bit):4.825264796540213
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9lz3UYt95fHx/WU:M2aay6E+iCshvSdGvVny9lzkY/5fHxZ
                                                                                                                                                                                              MD5:DA8EE720861657460C5C7C09D1A8F0B4
                                                                                                                                                                                              SHA1:5B84CE0EA45C48D784DB9DE7B4E4BCF83A78315C
                                                                                                                                                                                              SHA-256:6E37478F9914227DE2EAC7094D12E40B83251E1491BB0D42482668A2C9C3BE44
                                                                                                                                                                                              SHA-512:036CBAFD2D9CF550087B4497A39859BABBAB4F695F7EF3CFD89805FE3D8192A17A9794958C35D52510F0552CCE2EFB4B1F526F3946817D81653CD391ED466CAB
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\AdditiveColorGradientSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2104
                                                                                                                                                                                              Entropy (8bit):4.746574125289865
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LoO1kCBdO1ZkCBf:Laa8qdOnKFLogBdc5Bf
                                                                                                                                                                                              MD5:C4259DD7EFEAE9DD33D096FCE19EE88D
                                                                                                                                                                                              SHA1:BB4C5139BC03490DB66FB6A088EA27B2C7FE724D
                                                                                                                                                                                              SHA-256:CCBF62975ADAF7F2C1E2AE48654D3BB553BC359DEA4394D67F20A1C95D4DF325
                                                                                                                                                                                              SHA-512:C70201E8243D04244356860A7C44BF59465B2468C8BB5FE63A3536C346108E6FCC23DF30CE58EAA96489563B48C63B1559EAF5901A2FF10974289265F6F0F8D2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\AdditiveColorGradientSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1539
                                                                                                                                                                                              Entropy (8bit):4.800824421539057
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7YLGXy:M2aay6E+iCshvSdGvVny9tm05Ldi
                                                                                                                                                                                              MD5:923A93362DE96B354D8785FE34C1D06C
                                                                                                                                                                                              SHA1:33398B1F8398D55781F0F3CEF8EE5E04D9F89078
                                                                                                                                                                                              SHA-256:E083FCB98F6B3AA43007C35A72D0BAA3778BEE092F51E79851721ED444CB34ED
                                                                                                                                                                                              SHA-512:78F2AEA0C996F8FB7FE1EAE323A8E798B2144D47612431DA86AC39F48C9DCA375F94AA37398B7F260A788A6D87F5772A98A8733D2B15BC5F8694DE6DAB5BA402
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\BlurSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2057
                                                                                                                                                                                              Entropy (8bit):4.6512392453906495
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LRLyxaHYmz:Laa8qdOnKFLRLyQFz
                                                                                                                                                                                              MD5:9537476F40DFC84D6A877DEFBCCFC1A3
                                                                                                                                                                                              SHA1:BA2B655F680B860D2E14BCA55E5396DBA22060D8
                                                                                                                                                                                              SHA-256:2743C34358466337D98F0A631D05DAD6C3B084696EEF103586D0163CC9D469CD
                                                                                                                                                                                              SHA-512:535EF1A1480A0A76FE7E115F58BE13C77D31490A83717B60231B24DBEFF60A198BD483C0C3FA272495DAA3C29E9E946E14CE86388BB6A35E39900C438E4FC2A6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\BlurSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1522
                                                                                                                                                                                              Entropy (8bit):4.79833169400743
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7dXy:M2aay6E+iCshvSdGvVny9tm05Ldi
                                                                                                                                                                                              MD5:40D31201324BBD3A4E2B899090405880
                                                                                                                                                                                              SHA1:F50C44268412AEE6DC4DCB5826122712476A51C3
                                                                                                                                                                                              SHA-256:77F2FDE62F4ABE65F81669FC58BD0B6FD88618EAA2FF4BD119225567B1D3DD31
                                                                                                                                                                                              SHA-512:7C619833F79DE9A4B8D73DCFC4DCBF5A440A291164BD917F9A2D160B0B8F4D4FCB978E5109237380D285270063A980A119DA601C5E4EC2F90D219D81CC4FB446
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\BrushStrokesSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3522
                                                                                                                                                                                              Entropy (8bit):4.357425528955801
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LyLZspDDfgLxA9AeRaHYzDRaHvcqqcpyaHwnqIz:Laa8qdOnKFLyLSpgLGiewADw2sKz
                                                                                                                                                                                              MD5:F91855A634FE01B962B8F71E651DD355
                                                                                                                                                                                              SHA1:690F5618244F28C9EBBDD894BD2E2DD9EDC26BCE
                                                                                                                                                                                              SHA-256:AD25482C90B8BFEA45B03C326D9FAA88B1D3D052B37645DFF8FB59C883500BD1
                                                                                                                                                                                              SHA-512:CADBE41B548D1FCC25916F21F4684234E4B92C327B26B2E1131BE1348B7F462744516987A1CFADE242756C530A3F8A1FCD39616A42CC99025EFD076A2EB752BF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\BrushStrokesSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1530
                                                                                                                                                                                              Entropy (8bit):4.801929096715566
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7Ig+yXy:M2aay6E+iCshvSdGvVny9tm05LDRi
                                                                                                                                                                                              MD5:9F26317AC61C69E39D687841C2319FEE
                                                                                                                                                                                              SHA1:65143DD3767841F8FF43EA2DBD11153851D35609
                                                                                                                                                                                              SHA-256:59D5F99959EDFB5331AE5655C2DDD4DD85DD8136EF40ABCC3CBEAF8D63D57E5F
                                                                                                                                                                                              SHA-512:03945465FF7D2B0972D3709604C28559961A7A2BDEAD215DC4727E1452AC981CB52355658095ED3B45AAD50C338F4AFCB75AA9517B1F0115698DDF03C3B31CE0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\ChromaticAberrationSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3115
                                                                                                                                                                                              Entropy (8bit):4.466751803011135
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LcLcsqf7/LUNaHq9qHgUNaH0nsqD6z:Laa8qdOnKFLcLBw7/LUk9gUkBz
                                                                                                                                                                                              MD5:7D09739BDA995ACB7A99238D21BFE655
                                                                                                                                                                                              SHA1:41C7BFF919E302AFB6190C23078A1C451E047A68
                                                                                                                                                                                              SHA-256:77F856FFFF9D3700CE67E2B46808795466696CC938FCE3BC9FEAF15F65E02405
                                                                                                                                                                                              SHA-512:439ADC24C2FCB77758F2B08FCA7E5945976A523A5642AE1C2B5C992ECA6895853254BEDB16DF2D500F362E4A4B243481D9AB4D5EF795619CB72BE8FEA8604F93
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\ChromaticAberrationSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1537
                                                                                                                                                                                              Entropy (8bit):4.799298907428088
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7eGXy:M2aay6E+iCshvSdGvVny9tm05LeGi
                                                                                                                                                                                              MD5:C60DA88FFF4898D7302711D6830515D3
                                                                                                                                                                                              SHA1:9EF87D101E189DAD3F77215BB57322842D6C988A
                                                                                                                                                                                              SHA-256:41ACA92160D6EE1FDC3B930DFA5EFC5EC83CDDBE764C4270B51821A6E2A45A57
                                                                                                                                                                                              SHA-512:405F64B2AA7C2804644581B4796293D1ADD6E02D642644E5CCED3FF011D69EAAAFB0F6070E066123C341BED73A1DC0D39D76E197E37515106EAB911F0D603851
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\ColorMasterSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3480
                                                                                                                                                                                              Entropy (8bit):4.285181433179726
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LgvLEaHvZjaHvF1aHv+ZEaHAz:Laa8qdOnKFL0LvB2dsmtAz
                                                                                                                                                                                              MD5:13E49A2E0B769A8F4023774BF7024DDA
                                                                                                                                                                                              SHA1:145CA40977A4966F4C40F5A1926E6E31E06C4F47
                                                                                                                                                                                              SHA-256:9740D69ECD3BEC3204C88639CF5159C841DE2A630BE491B2F08B08C7495D0DD8
                                                                                                                                                                                              SHA-512:D66334B1DAA3EA57B8B69D06FA81A9F2AC0CF7CA3BCF40179BB41CDD348B798FFB6EAE8BACFC4881AB86BB54BC6D09D80ACADC8BDCA0DDD00E8E07E14BF78759
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\ColorMasterSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1529
                                                                                                                                                                                              Entropy (8bit):4.799407736066554
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7DXy:M2aay6E+iCshvSdGvVny9tm05LDi
                                                                                                                                                                                              MD5:0A2F7111BC8B8070CC6DAE2AD10171D3
                                                                                                                                                                                              SHA1:612F8F1F40603A9F529D1E7D54ADFB8263A20855
                                                                                                                                                                                              SHA-256:8097B1E011AE76221C36C9D4F95BD6A4B1D9B2591DF5C74DDD4A6CF1119A2C5A
                                                                                                                                                                                              SHA-512:36F90E55A9FFAC4496F7BA78D5633E88F338A3AFB8B0B379DB84A68A20AD0CA24EF47D6BEE827B05F24BCB7C0A0AA47EF82790D6FFFA94A4B49E032E48D53BC7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\DepthOfFieldHQBlurSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2926
                                                                                                                                                                                              Entropy (8bit):4.43207626937159
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LRL3xaHOnn25xaHGnqDgQVxaHGnqD+z:Laa8qdOnKFLRL3QMCQgQVQ+z
                                                                                                                                                                                              MD5:2C5CD29E1C9A38CF7DCAB358EA97AC67
                                                                                                                                                                                              SHA1:F63402F27064BA334E9C279C480DA750DFDFF87F
                                                                                                                                                                                              SHA-256:25EB30D81009BAC3EE9E54972170FA51604BBF26B096701182B0A29F0C91B93E
                                                                                                                                                                                              SHA-512:DD1936E2A3575FE498203A5D7F7D3968F6264D531AE64C630103351082B6282D648A6259E54AC0489FC996E4FD1361D1D0173BCEF42936F7EB517656CA1AA26C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\DepthOfFieldHQBlurSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1536
                                                                                                                                                                                              Entropy (8bit):4.813624160047879
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7UXy:M2aay6E+iCshvSdGvVny9tm05LUi
                                                                                                                                                                                              MD5:9A16842CC5F0FEF74A82268C12773113
                                                                                                                                                                                              SHA1:4F38B627E25AB5EE68B65668EE578AAD0116266A
                                                                                                                                                                                              SHA-256:48B683F1B0B2BC74C0653FEE4E1C3569D198923151C954A34E66225B13763F2D
                                                                                                                                                                                              SHA-512:185986F0A4C3FB32318896957079DCE8FBF70263C7437B13F28CA104B05796635D2AA63E12187D6295572BC445422B8EEFC3D45796BF6068EAF95E817CEB7C59
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\DesaturateSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2067
                                                                                                                                                                                              Entropy (8bit):4.6466344726526145
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LaLBaHAz:Laa8qdOnKFLaLgAz
                                                                                                                                                                                              MD5:BD2EAA68C817F1BCC47EC70D8F40923C
                                                                                                                                                                                              SHA1:7EAD92CFDC9379CA2561BBA712C3675481B2A6FB
                                                                                                                                                                                              SHA-256:AFC6214773B96050522D6418DFC0BF2D4B8C07D5B4A1640D0E4EEB130749FEA5
                                                                                                                                                                                              SHA-512:3726B7CF51B850B93AF9F5C755B30680D785B44765B7BBAC6A809B51373FA5F83D0DAA415A5CC9306DA5A54DA1CFFC17DDE47C524D7569BD5DA6CDC3B54FB23E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\DesaturateSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1528
                                                                                                                                                                                              Entropy (8bit):4.795103453843901
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7MXy:M2aay6E+iCshvSdGvVny9tm05LMi
                                                                                                                                                                                              MD5:E2DE29F988FD7C925E0E50FB38883F87
                                                                                                                                                                                              SHA1:3F883FE6A7F95A541F326EA9A418847D0C71D18A
                                                                                                                                                                                              SHA-256:C484B6BB4601439FCEA96641267ACA7F543745B25316D5DDA61EE8F219271189
                                                                                                                                                                                              SHA-512:22C8F5F871AC6044280152B346F4404413CA867DEDF64DC4C45739503261EE75CBB6F3C66153590EA02E79FF0E1ECEAF13B4E163C1D52BDF7E79D39F158C31EF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\DistortionRippleSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5054
                                                                                                                                                                                              Entropy (8bit):4.171506524669465
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:Laa8qdOnKFL3nLWZnE/F5zbpOmb+wXb25F:La7qvgETnUm7AF
                                                                                                                                                                                              MD5:79315DEC3AFACE1C12AC78EB79494017
                                                                                                                                                                                              SHA1:53CDCEBBC0B95BBD2FC8885FD0E1BDA922854CAE
                                                                                                                                                                                              SHA-256:790B7B2475E7F9B33034006E31AE38EFF40AE56586E740C4A9700D5DE66506C3
                                                                                                                                                                                              SHA-512:8E29DFDCDA6DA212526951661AE332352DD1046C967FD565CA4025CB14B608EBEE0AB75DA3E5D6E12BCDA78526FAD06B626731695B437225F1B4235319CCF5DD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\DistortionRippleSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1534
                                                                                                                                                                                              Entropy (8bit):4.80012610963183
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7c/MOGXy:M2aay6E+iCshvSdGvVny9tm05Lc/Ai
                                                                                                                                                                                              MD5:DF3244126B2143C024D85181FDBA7F4D
                                                                                                                                                                                              SHA1:48CD3532EE3BE14C8E5F0103DA022ADE3D8514C6
                                                                                                                                                                                              SHA-256:CF4819104E6308217E07E6A2A756C86E44E04DCFCCB106DF7CE6ACBB496A8B78
                                                                                                                                                                                              SHA-512:AA3BFD0E55059BF3986EA15F4BB27C4658131A4D207E08D2460791EA049A186224C0D677610FBC524AC8AC8ABB987EF38A69FC848E5DB157B5B2BD9C97724E72
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\DistortionSphereSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4231
                                                                                                                                                                                              Entropy (8bit):4.266633518821681
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05L3nLDaHuFUaHy5lAEi2Ymb7yHuRXbuHu8hF:Laa8qdOnKFL3nLWK/y5pOmb+wXb25F
                                                                                                                                                                                              MD5:B31BEB88F5C88E944E26D3BCB87881E5
                                                                                                                                                                                              SHA1:3FB7FC6BFD3F53A1594BD177554C12F51DF217F9
                                                                                                                                                                                              SHA-256:3512EAFB9E4B023A44EB12EC53A80B8D2E4A90A98DB89B0DE7BAD314D15C4FD6
                                                                                                                                                                                              SHA-512:52D91AF0AE3A9AA3F14B7C28AECBB6B9F8BE4E5151283C2CF7C1CE1C2439CA06FAC98BE89CA38D57ABF7200F1D214DE656F415C863349A70D8E3F3E9AF1740D6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\DistortionSphereSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1534
                                                                                                                                                                                              Entropy (8bit):4.796470957927611
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7c2KXy:M2aay6E+iCshvSdGvVny9tm05Lc2Ki
                                                                                                                                                                                              MD5:87696A6A7D47BDEAB1D31BD54AEC7450
                                                                                                                                                                                              SHA1:83F7F7FA373452DF32CADFF9E585E4C2BB6ED331
                                                                                                                                                                                              SHA-256:457D46AD9510D9E8B501CFF96906374089D7B883748EF4A8BCAB84D7AEDFDFF6
                                                                                                                                                                                              SHA-512:0132653484BB409B627739F0F0AB1A2A6FD97736577BE6CC7F2C1CD7EF01DF594B7602AA102CC5B15CC2623B89D065A66500D8E2801078799B1D178B9A8C8002
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\DistortionSpiralSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4204
                                                                                                                                                                                              Entropy (8bit):4.274531996244904
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05L3nLDaHuFgaHyd4lAEi2Ymb7yHuRXbuHu8hF:Laa8qdOnKFL3nLWKD1pOmb+wXb25F
                                                                                                                                                                                              MD5:F8BD81AD65364F919BF2E8B84600DA51
                                                                                                                                                                                              SHA1:ED1549ED3DB4F8B76399BC759B1077D03A38B19D
                                                                                                                                                                                              SHA-256:82D094BAD2AD474ABCC0B2A6E9F47F086E051C45589C4A50CB4B074AD4BE43B4
                                                                                                                                                                                              SHA-512:CE54699BF830BB4997437DA86F6DC531BB3292CEE887722B3B3D3720FFE5C4C5797AC2D103A67219480E20C0977C8A3D45D47E2AA638FD977B40349F21FB9871
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\DistortionSpiralSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1534
                                                                                                                                                                                              Entropy (8bit):4.797416705697905
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7ctXy:M2aay6E+iCshvSdGvVny9tm05Lcti
                                                                                                                                                                                              MD5:06B7213C24EF67375812B29C9C8DFD17
                                                                                                                                                                                              SHA1:E7A31D72D006F9B8680FA37E080847E7B977903F
                                                                                                                                                                                              SHA-256:385E161D223E3E8CC7ECE315358B7797B8541F6B4CB27E839F49C1B6B7858CE3
                                                                                                                                                                                              SHA-512:892216CD5C5A2C04604F881F463D76832DE316D215B1EA71891C328DDB508C3B0D87DEB27607D229E5A74EBFD3F0825B1F4C8A5DBBB150FFEE6C63AD2FBBE3FD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\EdgeDetectSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2062
                                                                                                                                                                                              Entropy (8bit):4.645228489303386
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LZLxaHubz:Laa8qdOnKFLZLQ0z
                                                                                                                                                                                              MD5:E7E03551D902EA271694F936A8E2F0C9
                                                                                                                                                                                              SHA1:2FB0CBB8B35D44F88ACB622136D6D582B4132B00
                                                                                                                                                                                              SHA-256:E10EE0182482194C5E42E066E2DEFD6CD676EA6A28264B6E11980510D59AF0D4
                                                                                                                                                                                              SHA-512:8A94972E14776235726F17F45EB219FED0021C1F4564FA47C261DEAB40CEEDE7912CC980F5C796843C75D83AE78799E6DE425174C6C53ADB2D9D1E0C3C5594B0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\EdgeDetectSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1528
                                                                                                                                                                                              Entropy (8bit):4.7971248862000975
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7UXy:M2aay6E+iCshvSdGvVny9tm05LUi
                                                                                                                                                                                              MD5:FC7CB5791C03CEBC60CD1B777EBFA2A6
                                                                                                                                                                                              SHA1:E79353F50AC2EB3E3F05BA6ABE7B3F5F7DE820E8
                                                                                                                                                                                              SHA-256:FEB82D8909583F91788163B81792E3BA4209048D11E7D2991AB551B8936206A0
                                                                                                                                                                                              SHA-512:3602F7A218ADDDA5D199C6097BA2EB1C5C00F56A48A05AC0A3FF8B676C04B27069D9CD8F6D514ABB2D62E025ABF57B565134009CA3F9AC7F637360238E3BA480
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\EffectSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2203
                                                                                                                                                                                              Entropy (8bit):4.799215764007693
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9tm0RL+8pOui2+Xh+T+p:Laa8qdOnKlLs5N
                                                                                                                                                                                              MD5:34EF33B304059754D056FCF8427AC959
                                                                                                                                                                                              SHA1:C4A7286FD68B8833B5B97C88305E00AD81E43102
                                                                                                                                                                                              SHA-256:54A4BA7624C86EBDC683913B213CC437B078953F4FC1A3DFBDF97718AB7D20E6
                                                                                                                                                                                              SHA-512:F1AAFD50251CF4F323416A0759A2E4D453499AE003CF096C7AEE1A907A603D9699013F756AECCEF4D54E14593769D22CE7712E31784C9BFBBBBB9C415CC5428C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\EffectSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1524
                                                                                                                                                                                              Entropy (8bit):4.796886961330271
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7ZXy:M2aay6E+iCshvSdGvVny9tm05LZi
                                                                                                                                                                                              MD5:02BCF94269A210F9E369FC6E5E265E3A
                                                                                                                                                                                              SHA1:8BC35F91B7E4B390F9FBB638155259565654F2DC
                                                                                                                                                                                              SHA-256:03EDB0273A36D35CC5477B88E3A1DDFF98741CD8FB45F4EBD62FB10D3BB300AB
                                                                                                                                                                                              SHA-512:51EF3B1E8E06A761E7B7A283164C35D57B6F78BFB9050EE22DB24CF34E2771699CA9C3BDD5EC5830CED014F9082BE7D8E7559882C1B99180C4FEE69307387E05
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\EmbossSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2063
                                                                                                                                                                                              Entropy (8bit):4.656271137063214
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LzL/F+aH05z:Laa8qdOnKFLzL/fwz
                                                                                                                                                                                              MD5:58A7CAED5E43C81A69432BB99E09D859
                                                                                                                                                                                              SHA1:0DAF916A7A256AB127AF6CD892831B11847B4930
                                                                                                                                                                                              SHA-256:D12F9507248557699E52494BEF7E4590A8A1E601BDC73D76F935C2DABA9CC733
                                                                                                                                                                                              SHA-512:AC371ADC4CC079C48E526641FC5BD30E0BD9C3C8F8B0C967253B7C034A85524F22650FEC640B4F094297A6DE519638B1C8F3EE176D934AF2567D2596A572F800
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\EmbossSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1524
                                                                                                                                                                                              Entropy (8bit):4.797997058019242
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7zXy:M2aay6E+iCshvSdGvVny9tm05Lzi
                                                                                                                                                                                              MD5:4C1C7EA3EA0C7C89108B0A9685D63D03
                                                                                                                                                                                              SHA1:09A362F6B1D68DDD367D0C1E77F25E99E388D479
                                                                                                                                                                                              SHA-256:FFC83285E8B1C5A04C8F494C58F11BA62DDDAC984D57B4FA329135DC6F1A8C86
                                                                                                                                                                                              SHA-512:67A343694B0EDE377EBB78B54C255A2F77798A971960E0091F0A73005691217B590C6481FC1701A313E502D577575A0A7D59FB154AF420D59C3C1835459FBC3F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\FlipSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2397
                                                                                                                                                                                              Entropy (8bit):4.6316950448104794
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LLLlcOAkpuISz:Laa8qdOnKFLLLlNAkplSz
                                                                                                                                                                                              MD5:941A50E4034E0D719751CC204EE0F625
                                                                                                                                                                                              SHA1:92C9BEC6ACFE966CBEB6D6769C7CBDAB065F4CD0
                                                                                                                                                                                              SHA-256:A8485BA282788C04259C6431B815468E469DF4F8FC8CC4C4A577626DDC51AE58
                                                                                                                                                                                              SHA-512:28A55F4E2C2C5BCF63E82A6C4CEB9853F1AAC29AA416972D44AD2CC427E8B14BEC0B7E7A26034908579C0FAB38A82423C7789DB634968B9036ED6F2A39F12EE1
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\FlipSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1522
                                                                                                                                                                                              Entropy (8bit):4.796507643516898
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7LXy:M2aay6E+iCshvSdGvVny9tm05LLi
                                                                                                                                                                                              MD5:26BCCDEDABFB4F67ED155ED9A37B155B
                                                                                                                                                                                              SHA1:3B07A2D99E6B1DF48DF507FB0EAC383E8981BD0B
                                                                                                                                                                                              SHA-256:0EF96714EBFEDDD6B539EEF948EED0793CCF4DEDB9151F041FE70555D3DD2D26
                                                                                                                                                                                              SHA-512:9E48919BBEA5F8A08774BA31AB2238613AA521601F26ADAC474EE263497F9BD5E7E43C1155A4F63BEDD9134E50C6918A6543317DFFAAFEF6FA2970ADF9E909C6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\FxaaSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1516
                                                                                                                                                                                              Entropy (8bit):4.802421585653045
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7My:M2aay6E+iCshvSdGvVny9tm05LMy
                                                                                                                                                                                              MD5:706B09EC616FC9AFD139949C7EDF885B
                                                                                                                                                                                              SHA1:60F92C2F85369842FC86D7BC0FFD01AE1C09F863
                                                                                                                                                                                              SHA-256:190AF9AE69CA648A43DA355C675823154E2F2E2AF96B1232A74BE30877A9B341
                                                                                                                                                                                              SHA-512:4DC676D286602B3D696CD7A54B115E5B35902C7B9721D19FBD98A45FDD70DE66814604516EE2752BBD8A84B0F521E43AEC10BFE70FEFDF287E194991CF790C35
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\FxaaSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1522
                                                                                                                                                                                              Entropy (8bit):4.800552959170186
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7/GXy:M2aay6E+iCshvSdGvVny9tm05L/Gi
                                                                                                                                                                                              MD5:1AECC95838F1690BE917AD843DCFD2BC
                                                                                                                                                                                              SHA1:027989B071FADD997C40098B2BC1B68B9706AF26
                                                                                                                                                                                              SHA-256:B18D3D35C64F111D1B4799541F92885CFF672B5073EE043399781345093EEDDC
                                                                                                                                                                                              SHA-512:031F02AABBFC0D788EF20B57D8DB904DD5198783CEE81FCF27FC819FBA27D07A30C33D13639A8859E6454C345D482D310B9C1745A7BEE0187D9FCD942FB8032E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\GaussianBlurSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2020
                                                                                                                                                                                              Entropy (8bit):4.662458007133559
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LRLyxaHynyz:Laa8qdOnKFLRLyQZz
                                                                                                                                                                                              MD5:AD44E0EC4C218ABD61C33BFB38BEA5EA
                                                                                                                                                                                              SHA1:58F89631C7DCF421C578A0C13DA5A04589721E14
                                                                                                                                                                                              SHA-256:1CB5D97801323B9DF01F0980D78CBDECCEDB898761FBBAD6C62CF637BC736626
                                                                                                                                                                                              SHA-512:9F8C3BD1B35C7EAEFB3BCBAB73B376B1164862285A27B6E504D895169A9CDF69483F23EA1E7E3A8356242193D08082793BE21CB4052B6725E5407FDC801A3EB4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\GaussianBlurSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1530
                                                                                                                                                                                              Entropy (8bit):4.800517581970065
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7IXy:M2aay6E+iCshvSdGvVny9tm05LIi
                                                                                                                                                                                              MD5:6F44C45F9BAECCD62FD40F651743C07D
                                                                                                                                                                                              SHA1:10A395D18AE2C419F1F2222BCB1438FAD19FF420
                                                                                                                                                                                              SHA-256:08EB05CFA7CA4C280E8585253FDFCEBA3237B6114BAD2AC3396667114560C1E1
                                                                                                                                                                                              SHA-512:7576C186B33C8283735ABB9BA415D3E99FB5CB1E88309A2E00008DD9C5D95C79BF1D9A3EFE9A6B4D31373CE332AFBD35625361FB383ABFEE8B6181EE446C2A58
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\HDRBloomTonemapSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4425
                                                                                                                                                                                              Entropy (8bit):4.180012906218248
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LqLjaHPWaHquaHyn9WJaHuo/aHuk3aHuMz:Laa8qdOnKFLqL2P9q18tl6/S/z
                                                                                                                                                                                              MD5:6130D832345113287828800AA23749A0
                                                                                                                                                                                              SHA1:C4827F1A0CF1022B4DAF60F01A8436DEFD15FB74
                                                                                                                                                                                              SHA-256:5CDA2C2985CE3CDDDB8ADBB4F8694483E90FE55A0E60B2525C0F43CB92584C06
                                                                                                                                                                                              SHA-512:B9330C37C91A778A3507078E439601433CE17F9AD26A5591F2D7FA79D9E790C02F89A15C2EB52438F7330806CEFDED1884627D682A6C270E84B5FEA5C5770E4A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\HDRBloomTonemapSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1533
                                                                                                                                                                                              Entropy (8bit):4.811364401959752
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X77Xy:M2aay6E+iCshvSdGvVny9tm05L7i
                                                                                                                                                                                              MD5:885D6AF7C00858154B1B3FBC66FE0D85
                                                                                                                                                                                              SHA1:B14D881F0D94AF10B72DBD00B566FF032A50C095
                                                                                                                                                                                              SHA-256:BFD09DBE509B5DC978529EDB1E622603F1CF6D3AB50B37A61A9A3BFC8576E25B
                                                                                                                                                                                              SHA-512:AD35ECD41B9815A05AA07A53E990A3B87FB733F90D497C875BDD69CB894A23B70EBEA522718826EBB81677DB00E56D1E106B4557D8B915BF79F0D15FA44CCDA9
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\IdComboBox.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4199
                                                                                                                                                                                              Entropy (8bit):4.852032840427181
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:Laa8qdOnqeEHUudpvCGFX31wdTyV5aCKy:La7q3eEHBdpKGFX31wdGV5aC3
                                                                                                                                                                                              MD5:A75D8AEC7049D08E9CF5CEC2B914B3AA
                                                                                                                                                                                              SHA1:E619CCB766E6E8C69AE8B3D034B94BC5AA08A994
                                                                                                                                                                                              SHA-256:1BCC0CDE97EDFC72B8B70666A7A9D73FDFE071DBCC35DCD5C717C047CB08CDD8
                                                                                                                                                                                              SHA-512:C74E7FBF65D011C6887B1F0324EBFA8FDD63A7F5F15C45F4B86EA18A032C244896E16135A9273D818A71D6DA4EA889A5CE1CF044E33AB2D37616928F01EF412F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\MotionBlurSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2559
                                                                                                                                                                                              Entropy (8bit):4.513942438311344
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LRLeqaHuN8aHXz:Laa8qdOnKFLRLeJ+HXz
                                                                                                                                                                                              MD5:23FFCB6E0046733CAFD61353423B0E3E
                                                                                                                                                                                              SHA1:10C9FE75441DACBF7732F8E5C3F8396D55B3CEFA
                                                                                                                                                                                              SHA-256:080D6BB77C242750E06D0704F82B10DAAD3EAC6E635FC9F00AA7D36500BBFB28
                                                                                                                                                                                              SHA-512:104B95F0EF263B0CE87B99A54E76ACCB693D0A3DA43A4AFC5E688D5E4EE9BB234AD0C7A8A9EB08A91E0D6622B7A14B563B060730068D7CD9EF658FEB144DE2B0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\MotionBlurSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1528
                                                                                                                                                                                              Entropy (8bit):4.801944450687001
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7nXy:M2aay6E+iCshvSdGvVny9tm05Lni
                                                                                                                                                                                              MD5:77E1A15FD3CE3EFFC123BAFA19345F26
                                                                                                                                                                                              SHA1:56A33CBEC1F64E9AC2798D2ED5C042EE9F505A32
                                                                                                                                                                                              SHA-256:D614FB0EA64DADF18B28C2D748DA52502D0DA607B797C1516EAB24573E7A2048
                                                                                                                                                                                              SHA-512:D664E845DC75E6548419D3DB0760E2129EF27534460C69A0B3C5967ACDC9439BB86C28E47299FCAFADFBF879827CBCCB6E983FCD11E8C92415EF43A431EAE317
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\SCurveTonemapSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6483
                                                                                                                                                                                              Entropy (8bit):4.02021052149046
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:Laa8qdOnKFL3L/yCjWjuCZjeMdLQQAvdiAhrICt8Ahz:La7qvgCjW6WjRF2hh8AHhz
                                                                                                                                                                                              MD5:9EB41837424820725271649B98F1D508
                                                                                                                                                                                              SHA1:AD1E17A0A4EE38D5181906F54399C69F0FFC0278
                                                                                                                                                                                              SHA-256:7CE2EC1603700D94E0462ACB612D284B33D489632102E41996E3E370EB7FF0A9
                                                                                                                                                                                              SHA-512:1042D0087AFA5C5547A0663FDF98EEE0D8F3ECC59E4C5715585367A4CE42F056B462653FF45163BDD3B5B2EAB541F97FA66F81117E1ADF22D3661038FD006112
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\SCurveTonemapSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1531
                                                                                                                                                                                              Entropy (8bit):4.801836764017511
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7GXy:M2aay6E+iCshvSdGvVny9tm05LGi
                                                                                                                                                                                              MD5:C8D4DEBD9694E39063E99453801165AC
                                                                                                                                                                                              SHA1:DEF786A007C50B2236C63F163F3EF175BB264A7C
                                                                                                                                                                                              SHA-256:EA6C0B8867DE3009D21E89624FA43A43BA014E56FF94704401D0C3A2DE1FFCA8
                                                                                                                                                                                              SHA-512:CFF6648A8956555841A13EDBCEFD151F983631AE2FFE1A54804E394DB5E6AEF1F7382FEAC862B283167F001EEF0CF5E663763FE592C21C9759232FCDED96632D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\ScatterSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3506
                                                                                                                                                                                              Entropy (8bit):4.4038796070839155
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LyLZspDDf6LTaH1PyRaHvqmC3Nz:Laa8qdOnKFLyLSp6Lm0wrcNz
                                                                                                                                                                                              MD5:F5EB46F48824E87ABFE2DBD27152EB03
                                                                                                                                                                                              SHA1:B238FCEC3253E3EFB8B94DE5EECB970B5E336180
                                                                                                                                                                                              SHA-256:158EA43775ECD856F039FCB3DF351DAA61C590FDBCFE70F27DBAB80F04848310
                                                                                                                                                                                              SHA-512:593B88EF3D40CCE86CFADCB937D26961406BC345D177337F63437386FABE0E5F78BCEDB46A0452BED056202661D7A5B07012A0C0E7388A806AD024B2C19F920B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\ScatterSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1525
                                                                                                                                                                                              Entropy (8bit):4.794533743973527
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X76Xy:M2aay6E+iCshvSdGvVny9tm05L6i
                                                                                                                                                                                              MD5:97C32B1B63F3312136C67A43EF8B0314
                                                                                                                                                                                              SHA1:103023C3E6E00D07809D583FE056AB2C95880E4B
                                                                                                                                                                                              SHA-256:FF3D840784B995FBC1ABAFFF6370CE34BF602D075094C3A8D3FA7FEC720EA460
                                                                                                                                                                                              SHA-512:5CE0745CDAA986000A0E79A58C033D465A141E2C0853E77BD0791DB31145A4CF0F8D2ED74E08AD21CB696E92B08CFDD5D39432C21C2975B6B68B105ED0891CAE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\TiltShiftSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3827
                                                                                                                                                                                              Entropy (8bit):4.295638047758827
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LjLfaHunkqOkaHunX+aHynnkpla4SrFnJz:Laa8qdOnKFLjLaRq2kFwkplFSrxJz
                                                                                                                                                                                              MD5:DE412A0F2E97054924E933DEF5B77022
                                                                                                                                                                                              SHA1:D510D4DF6F1C7AD7B03A6192A657BB9C8A099FE8
                                                                                                                                                                                              SHA-256:BE050EDAD2F59ACC87D04E94FEEB805AF73F249DF25B05C2C000BE1EE9C79534
                                                                                                                                                                                              SHA-512:2E409DE325D6C24D060FFD9371B47E5463A5AB1E34982E6BD39678D3735C25CDE1CC4456572857FB9567F7660E25FA119E33943CFE1A1E30CB81A59E5F69F7BA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\TiltShiftSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1527
                                                                                                                                                                                              Entropy (8bit):4.798028377851742
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7ltXy:M2aay6E+iCshvSdGvVny9tm05LLi
                                                                                                                                                                                              MD5:2674E1C3FE2280E11BA4306A65ECEBA1
                                                                                                                                                                                              SHA1:C9CC0AD3F5C12D403EB4D4636FBBF3FB3B854578
                                                                                                                                                                                              SHA-256:AD11E1EFDAA70100DCDB8EFE77B64E735DB83A84CEC65F13C34C68A3CF2FE94A
                                                                                                                                                                                              SHA-512:7772F04D14DD7B1018A4F7FC66BB0F2985912E77AF5EE24575491C73F8258E67D8276F68485D3F66D763A5492812F5E20F3FE1D0D9394452900DE14AF43D6905
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\VignetteSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2840
                                                                                                                                                                                              Entropy (8bit):4.500635452028733
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M2aay6E+iCshvSdGvVny9tm05LOLVaHrPtczaHajZGfOvkCBf:Laa8qdOnKFLOLMJcGEU+Bf
                                                                                                                                                                                              MD5:B3D8D466EBC3FCFB3B11D1087F8E1622
                                                                                                                                                                                              SHA1:204B98B280FF257286B39B53AEF1F6D1E943A9D4
                                                                                                                                                                                              SHA-256:FA4D85CB8455C1DE699673A48184E11CCB5E950E3F90A0524F48896FC9EE8C3C
                                                                                                                                                                                              SHA-512:355F7E1AF42D4B9C94E1A53C01A94D2A04AC8BCAAF9086155CDCAD5071FD449A028DFFE2E58BB6EE5757EE701115E7BED4D526E321920536B3C183942211B9C1
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\VignetteSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1526
                                                                                                                                                                                              Entropy (8bit):4.796712198062553
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7o9tXy:M2aay6E+iCshvSdGvVny9tm05Lo9ti
                                                                                                                                                                                              MD5:01D8E0F2C4B6CA5ECCA82939CB16C075
                                                                                                                                                                                              SHA1:9E362446D78F3E11AF7DD697D0880097EDB61C99
                                                                                                                                                                                              SHA-256:88772D6229BC2BB164FA28F392F07E1B63F65A604CCC1EF6CC6A9B060DC1C1BD
                                                                                                                                                                                              SHA-512:C98F849CA1956EF2B1DB18D019E8A6D88708A2BC82817D280FE091BDDDC7C1394F09B86EF3ACFADB65FB2367F74EF901C6D4B2DC38F2BE86C3E082CF37F48DC2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\effectlib.metainfo

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):12027
                                                                                                                                                                                              Entropy (8bit):4.261599945977872
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:aFzWFkWCFkAPiFpxyFFDF+jFWaFNzFgTF4LFkYFxkFRBFoj3FciFdcFhPFSPFail:YYguTz
                                                                                                                                                                                              MD5:1A48C5F05BFB8EA1615B8A19D0CAD943
                                                                                                                                                                                              SHA1:C041BA1B37BEB4F717B9717FD6BC09CF3D1FD72F
                                                                                                                                                                                              SHA-256:3BA0EC8A7995C116B5E7D01C87487D9B85F856E9CD6DC9BF6394883D35905F3B
                                                                                                                                                                                              SHA-512:BEEADD5D7224153C4A6E83B796485D0261C7B468F50A119B4D9163E5CDA6C4FC53C63B3E2B84B5AE67B9736F2B28189BB5195862AC8B4F6B8D781A1E14F72872
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:MetaInfo {.. Type {.. name: "QtQuick3D.Effects.AdditiveColorGradient".. icon: "images/effect16.png".... Hints {.. visibleInNavigator: true.. canBeDroppedInNavigator: true.. canBeDroppedInFormEditor: false.. canBeDroppedInView3D: false.. }.... ItemLibraryEntry {.. name: "Additive Color Gradient".. category: "Qt Quick 3D Effects".. libraryIcon: "images/effect.png".. version: "1.15".. requiredImport: "QtQuick3D.Effects".. }.. }.. Type {.. name: "QtQuick3D.Effects.Blur".. icon: "images/effect16.png".... Hints {.. visibleInNavigator: true.. canBeDroppedInNavigator: true.. canBeDroppedInFormEditor: false.. canBeDroppedInView3D: false.. }.... ItemLibraryEntry {.. name: "Blur".. category: "Qt Quick 3D Effects".. libraryIcon: "images/eff

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\images\effect.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):411
                                                                                                                                                                                              Entropy (8bit):7.361274443968583
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:6v/70RyjxPLMMSrUr74R/OZC4bnknpEmvKg:ajxgTnOR4nJvKg
                                                                                                                                                                                              MD5:7FBA4D41DCD6617804794CAF8F48B5B1
                                                                                                                                                                                              SHA1:F55A6B261DC9221BFDF775425CF961DCFD96A8E4
                                                                                                                                                                                              SHA-256:740F9DD817E0C14999B016FECE76C99DF4B28065ACB78CE819552BC6EC576773
                                                                                                                                                                                              SHA-512:73A04A768411A6B9DB3AB94C2EF24DF94EED05D7AC34D185F7F485B7E8767EB8D375E5C90E0CB21D2F1EDB8867CBD865BAA2AB29F79D5D4F15C704BE3AEC841F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR..............w=....bIDATH...+.Q.....jJl|......L.......)....B.n.=......,..vR.R..,D.n...;.;oF).S..{>...{.}i...&@U...`...Z.#".Y........@s.o.^r.*.F...X...O..7..r.u.9.J.vE..?!'."U-g.+.."..&..|E..K..V../..j.p...e...Z..n...}..".....r......a.G...D.&.U.%.j....'..v...i.r..HE.+z....{Hp....@d......v.M......QN...l...5=....a{N.*0.Bv.....G...W...H...o..bx...M.6Y.....W...X.R2./.9....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\images\effect16.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 16 x 16, 8-bit colormap, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):321
                                                                                                                                                                                              Entropy (8bit):6.017807623875118
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:6v/lhPfIoPrPTkZQXqgobf8CO5PHtJbDmLDiPl7yAfjaVxrkS9t0JNSRjp:6v/7njPTkoqLORfo+PNkfPt0JNE
                                                                                                                                                                                              MD5:BF3DCE26D01E552B5E1F76807D88A653
                                                                                                                                                                                              SHA1:8CD7B8DCAAE9D7C54B2032E33E389EDB91EA2652
                                                                                                                                                                                              SHA-256:B33107A111E79A9F74993D8BD843EF3F55C132BDBB4038053D4321EA995E8DB1
                                                                                                                                                                                              SHA-512:1250A201A46E61EC41C647B29E44AAAC7A53DF22F4F88ED766A703CB9F8487DE8C21AE2A25783AAC0F113850A02E82B9DF6A3A643A1977AFFBE1F17C260C08D5
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR.............(-.S...rPLTE...................................................................................................................@....%tRNS.........!*-\j.........................J....YIDAT....G..0...5.{....q..E.\rf........?2/.Sr.'dL6!z.c......v.,I..a..9..n........d.?<0.....^.v{$....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\images\effect@2x.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):714
                                                                                                                                                                                              Entropy (8bit):7.611357968879619
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:6v/7wrjuzsKMkVTE+H5Ou+8SDmMbCaJlqznFZIoVV7I3A6nCErZTGop7F0Nw9NdR:Wzsxk1JO192+kzDVVV7MfnjGl69Nn
                                                                                                                                                                                              MD5:00AB7A733A18F58D1044A316BA4C6BBF
                                                                                                                                                                                              SHA1:6921D9B6F27678994D7411E22DC1A145CEC65ECA
                                                                                                                                                                                              SHA-256:7C48754241A74A3AE698FD219293ADC84FC7EB5EFE8F81B218D776D4342BB26D
                                                                                                                                                                                              SHA-512:0AA176C36753ED6BDE240A53CFD97FDC8CF87BA9E4D9B21C72EB0E3A3CF7F8A7956687C77AB6FB49AEB1DE2DEE209EF8679B0D4D509351B2E04A89FBC0E1CB5A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR...0...0.....W.......IDATh..M.NQ....;......"...|..4.B..66J6R..(J.. ...)%.X.QBY."...b.Bg.....{.}..f1.y.9....=.y/.......2S:..i5......z....`....3.T...Vu..5..`k...R..-.=`.....Zv..P..'.x...v..&@K%...>.t...;.. ....<...?.b.+......H.4p..~.-.J.y..v[<...s._.x*..xR..4.4.n".z.....(..f6...|.....7df...u>...H..r%"~.8...m.......t.8..~....7Y.K...`...x..p...D....Y...."..E..-.dO.c..S..;........d}Q...R?)%...sB..l.3&.~..lK\....)..-r..]...;z.x.0.R.S..z.... 3....J-...T..I..w.#.S..lVA.UI3S5.j@...m.+......;...f.r....6Z. ...'.9."..x.Izef.).u......x......'%....f.3/....qba{...3ytj.W..u...} .#|....m.ctb |..w...~l.7.o...`.$..W....at..hf..l..-..[....Cpg.,...khhhhh...~............IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\designer\source\effect_template.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1673
                                                                                                                                                                                              Entropy (8bit):4.792243274345849
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9lz3US+:M2aay6E+iCshvSdGvVny9lzkD
                                                                                                                                                                                              MD5:CF14B03F7F42A2E102089EA52BA6335F
                                                                                                                                                                                              SHA1:7EC315112F7D7875C1DAB92BEDBCC8A8C5F53D39
                                                                                                                                                                                              SHA-256:DDA37F8FC8319D5D0A6994A343C755A957B43E50B2D7CDE5F40EB49A5798A97D
                                                                                                                                                                                              SHA-512:4BCBD5C303BEE13E9A202C26126C3DA88E3122B20B166B60B1EB6FF59A0CF1A451172FDA2CFFAC8CAE36F5084F88C35D9935F1215BBB58E1B5F5381A02DB61D1
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\maps\brushnoise.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):61885
                                                                                                                                                                                              Entropy (8bit):7.983175872515517
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:hovsWhU2CV6bBiGQlCaPDkBbkbw7oiCV2yRhJwbe:hovxUib+4abkybw1sRDue
                                                                                                                                                                                              MD5:D177390FA903DF824572D81272BEDC5F
                                                                                                                                                                                              SHA1:A9A6E727BDC5F2DA71F5AE1E4FB2FB0F3567869E
                                                                                                                                                                                              SHA-256:FD1EF60A194D77CD8E3D32171BE2A4682D9232206008BB6B78B09763A0309E5B
                                                                                                                                                                                              SHA-512:84401EDC45174475C15051A7715EC8B892FD37582379756AF468B67AAB8DDAEB944D149EBFED77662D4332812F303F2E048E2F44B833C9802E5845EFF2E463D0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR.............\r.f....bKGD..............pHYs.................tIME.....'1A..... .IDATx..Ko$Y.&....h...t'.dDFD>.....]=5..4#h$@. @.....rvB..^i-h7.J..N.$h.~VwUgVWvUfFddF..$..t...x.Z.s.{.......p8.N..]...|.....w..!..@. ...0.O..>..Y..5Z.Y..Q......c.D@8...#........>........D..c....2...{.O.#>c.e..K.\..K.........).....5..(r.;..-.....[...X...u......{...wF....|C..(...[.|...q..8..S.zK.s%.....0...}..@8...>c..T..]..X../......9W.3....C...C.d.zF.7..K.dO|.~.....j}...H......_.Tk.~...r...|i..[.....?P.sJ.U...o.1.h......s..k.<.{1....N....<.=...{..{....n....G.....U.!....A........x..s.yxS.%.w...........J..}..{..V.qF/.B.+.<.#..)...{..G...B....ic...3q.R.|XEP.....?t..|E._X./O..@..kU........WB.\......]W=....@.XE....@pm./.r.C.....Z4m.c.-.........@.......X...;..VV..SR.RfRw.X...<.%.Z..5P.w.......%..Bk*q......a........?%.?....H...k..j.........../../........~.,...^..,Z.g............}%.._.8..9...6.I:..@.%).....N....K.9....X.!.../..P.......,..*.hj..Y.o...P..@..O.L.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\maps\white.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 64 x 64, 8-bit/color RGB, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):155
                                                                                                                                                                                              Entropy (8bit):4.472613674909626
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:yionv//thPlt/ttLwt042/uDlhlpPo7PWYM4yX/1111111111111111111111110:6v/lhPb/6TPQ7PWYMRSXFljp
                                                                                                                                                                                              MD5:D158C7B9897B4ED4D6A5401A1C9199B8
                                                                                                                                                                                              SHA1:C312B25D1AB1714729A7EEB35FEEA0D159DE3E8F
                                                                                                                                                                                              SHA-256:D10A5214E4D4F6EC4DC6ED09ECC7F79FB346F281F8D6BB223B71FB7780571F6C
                                                                                                                                                                                              SHA-512:64FF74173DDD27CA2D98175ADA78B89B99766A3785BBBE8F61375D573804FC280DD2157565326FDBD1CB82F435C2B5E2AFCABB8F82E6FF9B80D6DAB86FFB10C3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR...@...@.....%......pHYs................MIDATh...A..... ...3..7h@'...................................................r..}^.c.....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\plugins.qmltypes

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):740
                                                                                                                                                                                              Entropy (8bit):4.865312897162837
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:I8VFJtx+L7Ix9+hULe/AW/GmZsG65x+FKCbkXOvNMcZE/3eNJWjt1e:I8VF9M7InuULe//Gkx6EbkXOvKcZkq6S
                                                                                                                                                                                              MD5:58886DD6CB1625A0A213A10268465969
                                                                                                                                                                                              SHA1:21AB5932BD94F915A73BD46861F824935CB59954
                                                                                                                                                                                              SHA-256:0B27D20B42476C48AAA2E285EF1050E52D3CA462EE9C698A29D6FE5CF14C9C6C
                                                                                                                                                                                              SHA-512:88E1E8C6930E149502D8BD86C7337673DB539CC210357235A1379FD046782280489C9EA6415931E6A99E090D63FA7837FC0DAE51A8AE7C1850A57BE427A2929D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:import QtQuick.tooling 1.2....// This file describes the plugin-supplied types contained in the library...// It is used for QML tooling purposes only...//..// This file was auto-generated by:..// 'qmlplugindump -nonrelocatable QtQuick3D.Effects 1.15'....Module {.. dependencies: [.. "QtQuick 2.15",.. "QtQuick.Window 2.1",.. "QtQuick3D 1.15",.. "QtQuick3D.Materials 1.15".. ].. Component {.. name: "QQuick3DEffect".. defaultProperty: "data".. prototype: "QQuick3DObject".. exports: ["QtQuick3D.Effects/Effect 1.15"].. exportMetaObjectRevisions: [0].. Property { name: "passes"; type: "QQuick3DShaderUtilsRenderPass"; isList: true; isReadonly: true }.. }..}..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\qmldir

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):873
                                                                                                                                                                                              Entropy (8bit):4.994552163067894
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:7Q7dEuLKqqASADBYG/MOUQ/MOuG2AQ2Q5GFQ+M3GzyfGV2kFsAP:76LBz9V/uQ/92AQ27FQl2GOhP
                                                                                                                                                                                              MD5:C37716D7BF5BFBCC325FE049260BF76F
                                                                                                                                                                                              SHA1:FD2C88CAC9FDCDABA21BC8B7FA7F42DA801455E1
                                                                                                                                                                                              SHA-256:41066C0AD97EC920AE8473389BF64818F09409804B8FDFD20CB446FD3E7455EB
                                                                                                                                                                                              SHA-512:F5DBF83EAEDCE8A3BB29AC38D5F64A93FE863DF66F605ECE095BC731A014542B9A11525AC0E277EC5DFF66D179736DC47A43F86CF3DD2A5D92672504139F59A6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:module QtQuick3D.Effects..plugin qtquick3deffectplugin..classname QtQuick3DEffectPlugin..AdditiveColorGradient 1.0 AdditiveColorGradient.qml..Blur 1.0 Blur.qml..BrushStrokes 1.0 BrushStrokes.qml..ChromaticAberration 1.0 ChromaticAberration.qml..ColorMaster 1.0 ColorMaster.qml..DepthOfFieldHQBlur 1.0 DepthOfFieldHQBlur.qml..Desaturate 1.0 Desaturate.qml..DistortionRipple 1.0 DistortionRipple.qml..DistortionSphere 1.0 DistortionSphere.qml..DistortionSpiral 1.0 DistortionSpiral.qml..EdgeDetect 1.0 EdgeDetect.qml..Emboss 1.0 Emboss.qml..Flip 1.0 Flip.qml..Fxaa 1.0 Fxaa.qml..GaussianBlur 1.0 GaussianBlur.qml..HDRBloomTonemap 1.0 HDRBloomTonemap.qml..MotionBlur 1.0 MotionBlur.qml..Scatter 1.0 Scatter.qml..SCurveTonemap 1.0 SCurveTonemap.qml..TiltShift 1.0 TiltShift.qml..Vignette 1.0 Vignette.qml..designersupported..depends QtQuick3D 1.15..depends QtQuick.Window 2.1..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Effects\qtquick3deffectplugin.dll

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):113136
                                                                                                                                                                                              Entropy (8bit):7.441224738227249
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3072:l/BDrvjbVlju5r3qzb+ovxUib+4abkybw1sRDu1Yx5sW+:xBDrvPVlju5r3qzb+ovpbTakUw1sRDuP
                                                                                                                                                                                              MD5:2DE9BF63EA00CFA6CA5A59B14320F616
                                                                                                                                                                                              SHA1:0A60858C6C056EBE2B0E8076F461680EBE86D3E2
                                                                                                                                                                                              SHA-256:3F0501377423938D24CA321CC39149B3FD858FD050D07649D73E501F9D6E5E32
                                                                                                                                                                                              SHA-512:C03509C31308FD2C81EB126671D0773AAFDF6B54163C287EBC19095215348A2C8983ADED64EF5485CA11C576B2839D6F31BBA379DC68529D633F48472D057F10
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......[.....@...@...@......@...A...@...A...@...E...@...D...@...C...@...A...@...A.C.@...E...@...@...@.......@...B...@.Rich..@.................PE..d...1.._.........." .........~.......!....................................................`................................................T...........`............................|..T....................~..(...P}..0............0...............................text............................... ..`.rdata..xl...0...n... ..............@..@.data...............................@....pdata..............................@..@.qtmetado...........................@..P.rsrc...`...........................@..@.reloc..............................@..B................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Helpers\AxisHelper.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3597
                                                                                                                                                                                              Entropy (8bit):4.766731003512274
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:naa8qdOnLBb2xtm0+zE0ZZ6W0R5u240a40IM40Iu:na7qI92xtm0+zE0P6W0R5u240a40IM42
                                                                                                                                                                                              MD5:EEF60FF946F1748F1F6320D5AB21FE25
                                                                                                                                                                                              SHA1:631EF9C246B42B300724F35260035337C5B15B71
                                                                                                                                                                                              SHA-256:8CEE5F308F65017ED8CEFDFAE07C57AC880D727813D94F6FB0A8C52A160ABF3E
                                                                                                                                                                                              SHA-512:218AA2BC3618B78416E82F03B21C9FAE9DD22FAA72DBBCA1380264E5F714F703D0A53BD51BD4952E22565225B12C60B8B79B47DAA8527818DEB6687E3DEDA36B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Helpers\DebugView.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2313
                                                                                                                                                                                              Entropy (8bit):4.778127010208359
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MGaay6E+iCshvSdGvVny9l3HswnGKvPHl4PTP5:naa8qdOnuHj1/irh
                                                                                                                                                                                              MD5:10E0A192DAE18CDF644C48C4F7C5FA05
                                                                                                                                                                                              SHA1:C3ABA50C2086984BB757280091C839366EF56DBD
                                                                                                                                                                                              SHA-256:AB0653E06CE98D11653F25286ED2F5BA5653AFCE49FFC368B156F1FC5F723A7A
                                                                                                                                                                                              SHA-512:EABDF37A96C79DEBA32BB867F901B62B88E78BB455358EF06B4D334F806A4933FC8DC6889A513C76B2A2B7323AB426E425A7CC8EFA464C4090DD64B40A800B05
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Helpers\WasdController.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):9374
                                                                                                                                                                                              Entropy (8bit):4.429284472555955
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:ea7qqYB9L/mzEtGww4NwwKO1wZuywjdKwfitwvfyTxyXWS0lbVpyV0Ay+WZ00bE0:Avl0yXWS0lbVpyV0Ay+WZ00bEp5VLoTP
                                                                                                                                                                                              MD5:FB763196737A807F4E9F6C7A169980E9
                                                                                                                                                                                              SHA1:148616887E37ACD7A83C32DDB7DD9CD3F47C44D9
                                                                                                                                                                                              SHA-256:17AA89F6D27B9B15FCF4ACB791C3E21CA3CDB2DB1EA2788C47BBAEB89E5C37F8
                                                                                                                                                                                              SHA-512:F76EC136D60803552A9693BB469F33E2F3F40354EC721B29951F15B1C8A2BC7BE6F46EF9FD078A5C69B36A72F8D2E2DA19B7C3C6AE69906EEB92FB86E05F5EF3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:./****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Helpers\meshes\axisGrid.mesh

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):128684
                                                                                                                                                                                              Entropy (8bit):4.134580870152193
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:MQQZ0kwd8tGKvQgscg8+eFxUXY0FPTTV+6V:MQQZ0/uQgdiTTVb
                                                                                                                                                                                              MD5:A33615DE0947E838DFEC2D94FDF549FB
                                                                                                                                                                                              SHA1:1677C67C73D0FCA758B28118B41ACBCE1EDCB3BA
                                                                                                                                                                                              SHA-256:B5A6BB5880C2863A7F28890EFCBA82D4B0606409AB68C44631B2212E98989A31
                                                                                                                                                                                              SHA-512:547E16E94E71C5FCA68F73DB0BEDEC9B7F04023AC9316FD7F8D1176B6B79E56B8F7E2A3396469EB2F7CFF5BD18E8D8A4DBE9D005F44ABFD516E3961A76A5E7B9
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:M.......................8...............@8..@.......x.....................................................attr_pos........attr_norm.....HB..;......?..........HB.....;...?..........HB.........?..........HB..;..;...........?..H......;...........?..HB.....;...........?..H...;..;..............H.....................H......;..............H...;.................HB....................H.....................H......;..............HB....................HB.....;..............HB..;..;.......?......H...;..........?......H...;..;.......?......HB..;R.~?...?..........HB.....?...?..........HB...R.~?...?..........HB..;..?...........?..H......?...........?..HB.....?...........?..H...;..?..............H....R.~?..............H......?..............H...;R.~?..............HB...R.~?..............H....R.~?..............H......?..............HB...R.~?..............HB.....?..............HB..;..?.......?......H...;R.~?.......?......H...;..?.......?....

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Helpers\plugins.qmltypes

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2448
                                                                                                                                                                                              Entropy (8bit):4.420886564469418
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:I8VF9M7Inke//Gkx6sUAOkXl0k/BjBRRHMnHKnpkX7RJpkoC7GC7fJAvUe/:I8VFmGkWGCTBjBRRHSHEMl6G6fJ2U+
                                                                                                                                                                                              MD5:52F354C6E857282CCC26296FE6D9FBA0
                                                                                                                                                                                              SHA1:87F687AF6F9B424148DA2302F277941AC9CC7EE5
                                                                                                                                                                                              SHA-256:48A5087CC086377520A5E74A5444AC938F4ADDCED55A2C6582242FC83C2B9A86
                                                                                                                                                                                              SHA-512:6E0C24317C40E18194687110D5B6FB446AE7C59154E1FD8E22F777E4467C435B278B9369C15A23455B0DDF5F6ED2E86FEE69011E2D5A495271808FF86F7A4878
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:import QtQuick.tooling 1.2....// This file describes the plugin-supplied types contained in the library...// It is used for QML tooling purposes only...//..// This file was auto-generated by:..// 'qmlplugindump -nonrelocatable QtQuick3D.Helpers 1.15'....Module {.. dependencies: [.. "QtQuick 2.15",.. "QtQuick.Window 2.1",.. "QtQuick3D 1.15",.. "QtQuick3D.Effects 1.15",.. "QtQuick3D.Materials 1.15".. ].. Component {.. name: "GridGeometry".. defaultProperty: "data".. prototype: "QQuick3DGeometry".. exports: ["QtQuick3D.Helpers/GridGeometry 1.14"].. exportMetaObjectRevisions: [0].. Property { name: "horizontalLines"; type: "int" }.. Property { name: "verticalLines"; type: "int" }.. Property { name: "horizontalStep"; type: "float" }.. Property { name: "verticalStep"; type: "float" }.. Method {.. name: "setHorizontalLines".. Parameter { name: "count"; type:

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Helpers\qmldir

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):232
                                                                                                                                                                                              Entropy (8bit):4.833981904451233
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:xOv7eU+ea8o1GUijvVWtsA3zBSEV/eSXYlAhowy:xMeNh1IjNWtsA3zBnUZA7y
                                                                                                                                                                                              MD5:85643A878A58B485193416C55B459A42
                                                                                                                                                                                              SHA1:8EC0A784826170D3BC60EF775E7B1891921E0435
                                                                                                                                                                                              SHA-256:E9BD514F51BF172143A8191C6FE84B5D62A341EAB604EEE9B3BCF77E1A56C95C
                                                                                                                                                                                              SHA-512:09EC60E84FD0BC6CCBCB5457AC4A123FD52D87C4C644662F9EC696B7EA5DF01B316B861DB6BA07E847C830B2ECC31730381196D71C023C94E9B30F5E78376142
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:module QtQuick3D.Helpers..plugin qtquick3dhelpersplugin..classname QtQuick3DHelpersPlugin..AxisHelper 1.0 AxisHelper.qml..DebugView 1.0 DebugView.qml..WasdController 1.0 WasdController.qml..designersupported..depends QtQuick3D 1.0..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Helpers\qtquick3dhelpersplugin.dll

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):39920
                                                                                                                                                                                              Entropy (8bit):5.864942725482162
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:3JTE9CKowg01TKCcxyF5hrpLRddDGcUeUf2hGh:NEHowgaTNhrpLRd3Uf3h
                                                                                                                                                                                              MD5:0A5676FA84E7812A5E2D995E8FF9E03B
                                                                                                                                                                                              SHA1:9F76C530AFF3358C9AFD9405DE554B1658BDCA11
                                                                                                                                                                                              SHA-256:ED224DB3355FDC8FC293342A22A6AAE96A71D41B4ADB13663C41506BC515BDCE
                                                                                                                                                                                              SHA-512:F20FD17878351AE6150BCE038DC6CC9D6DA444D5B5E7AC447DE779C2495BC081748ED3F657666FAE3E2CAF5395A3CA52CE8B37BED48C53104A93488E933117C4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........H.nG).=G).=G).=NQ!=C).=.F.<E).=SB.<E).=.F.<T).=.F.<O).=.F.<D).=.Y.<N).=G).=3).=.Y.<C).=.Y.<F).=.YM=F).=.Y.<F).=RichG).=................PE..d...).._.........." .....0...T......T6....................................................`......................................... c.......c..........`.......................H....P..T....................Q..(...`P..0............@...............................text..../.......0.................. ..`.rdata..F9...@...:...4..............@..@.data...H............n..............@....pdata...............r..............@..@.qtmetadp............x..............@..P.rsrc...`............z..............@..@.reloc..H............~..............@..B................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\AluminumAnodizedEmissiveMaterial.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3608
                                                                                                                                                                                              Entropy (8bit):4.674963464484424
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MGaay6E+iCshvSdGvVny9lzptwmnw0XZNwRnndBNEmVVRarQnZEmVVNaWMEHD7at:naa8qdOnCtwmnwckRdBCm6m3HcxADQ
                                                                                                                                                                                              MD5:E7CE67AE37EEA8CB09318CE51DA99248
                                                                                                                                                                                              SHA1:BEAC6669359861BA5711D37CA35F72643E4F81E2
                                                                                                                                                                                              SHA-256:C71C9B34B45603C69C06C0D43F14230C900EDF13C99EC820BE70D9A564F5DF2D
                                                                                                                                                                                              SHA-512:E8ECF38152041BDC3838B679856C6C5CCF37B074137894BCDDFBFA0EA6E77A2D95F6984E25A1FC01F7B791970B435F9469A3FC7C73B7C96DB23C94D428C578A3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\AluminumAnodizedMaterial.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2742
                                                                                                                                                                                              Entropy (8bit):4.770150522174078
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MGaay6E+iCshvSdGvVny9lzpswmnw0XGRRMEHD7axH4oADPEaJve:naa8qdOnCswmnwcGRZHcxADK
                                                                                                                                                                                              MD5:0A00F1DA2217BFE37B2DDC9F8953D4D9
                                                                                                                                                                                              SHA1:6BBDC054885A0FCC230EFD22CBBE50E1E7FC0DCB
                                                                                                                                                                                              SHA-256:A3D3223A6BCE38C8DD0A143F893FB8D0634BF899ABE7E7984E1263FE39964269
                                                                                                                                                                                              SHA-512:5F4CD9A156810C89068AA2BE016A89F9B3CD40F7734850097B8F6EC31F67CB35090DB687CF042F4A77915934B175EDD664C54AF26FE97D4D1687054A7CF9FA10
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\AluminumBrushedMaterial.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with very long lines (321), with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4902
                                                                                                                                                                                              Entropy (8bit):4.66159962187494
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:naa8qdOnCswmnwi9UU7CRmHcxADUmY1mqmr2QmWR:na7qMb9v6wj9NSWR
                                                                                                                                                                                              MD5:AD46673B9F2204EF497CD9226370C36B
                                                                                                                                                                                              SHA1:20470EE00FFE342C12B77D34F7D74FB08D6FCC3D
                                                                                                                                                                                              SHA-256:DA3B91E11F599C1F781551A9D66B0FF3F2BD3B8CB23DFD946AF8E97C96F2D316
                                                                                                                                                                                              SHA-512:81C6A21B1B1AC457C0353EF62A372B31350F5ED80C49925DF50C514A25D680526244F5841C6425D59CC78C8D4341B4B47084BE1AA8E2B02B506F44CA254A112F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\AluminumEmissiveMaterial.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4874
                                                                                                                                                                                              Entropy (8bit):4.588407370044763
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:naa8qdOnCswmnwxRZHcxADJm2mPBCm6mB2QmG:na7qMlwsxJVdEG
                                                                                                                                                                                              MD5:B248246A2B57231B0F367E21C77A193C
                                                                                                                                                                                              SHA1:EB83E94D1E7712D22A255ECCA82AABF98AB6DFA8
                                                                                                                                                                                              SHA-256:82717C37BAB191ED910765D7D1C186E71B1157F37C375D726F65999C557A7644
                                                                                                                                                                                              SHA-512:55C96E330B5438ED639FBA5F1728BC275AC3EEAFCBF7E34329ED45686D670EF6FFF7CE1F061CF8F6E0C45E63EFD6042BA37C6619C005C057BCE907E735791416
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\AluminumMaterial.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3950
                                                                                                                                                                                              Entropy (8bit):4.642557343523896
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:naa8qdOnCTwmnwzzRZHcxADGmXm82Qmxh:na7qtUwwBW5X
                                                                                                                                                                                              MD5:CC7CF7EE1F0AECFB199CFECDDDE0EFB3
                                                                                                                                                                                              SHA1:6FEEAE1950C88E9680D11AFB736547C379ADBE24
                                                                                                                                                                                              SHA-256:E749032C10089A9026948EB47CEE6BB5F8ACA5903BCCDCF32607D87B2A26E166
                                                                                                                                                                                              SHA-512:6CA5D5F226627C46132AF43BD2EDBAA7DDBEFB31551166B4A4B154C155677BC0B5946BE1941BF5266B9C8F896F99BF91FC91067699E80884F579B6519B0F6167
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\CopperMaterial.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2544
                                                                                                                                                                                              Entropy (8bit):4.792376699071377
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MGaay6E+iCshvSdGvVny9lzpDKlwXw0XskivzRRoHDGH4oADPf6iKLj:naa8qdOnCD4wXwcAzRKHyxADyi4j
                                                                                                                                                                                              MD5:E679A897D277A8A813B4F7F9F99BAD2F
                                                                                                                                                                                              SHA1:67C2B98FB3443C14D9EDC22F5B3DDE32FC7FDE4B
                                                                                                                                                                                              SHA-256:B44DC4CB404A50B70D3F5344EAF4CF8B8608304465FDB07E11B4077663F7D6D2
                                                                                                                                                                                              SHA-512:3F3A4F3302AEEBF91B6AB3AD3B8A5637D011B0C36901FF96CD49891E7FDC564201EC59CADB7F3FED1BAFE5551D04358F8F14B1C59915F0EFA80CA7DF9EE083AE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\FrostedGlassMaterial.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):7751
                                                                                                                                                                                              Entropy (8bit):4.555720598240865
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:na7qU4dtJHdFZ+jwF0JUq1ZUq1V4sq1x4sq1p4sq4d:pNtJ9BF02q1Gq1xq1dq1Fq4d
                                                                                                                                                                                              MD5:68A81DBC8F38E5106CDD766CF223B15B
                                                                                                                                                                                              SHA1:51F684E7623004E4CB0E8AB439EC3E3457EF3A5F
                                                                                                                                                                                              SHA-256:642C88CC6AD13FE92F108606D4C520293C5F316A22D33BAD517B08D363AF31E8
                                                                                                                                                                                              SHA-512:46E206EA7AF2BC6DE6D505562EAEAC93BBDC527033B9D8F0FD494BAD4DD5DF83F5ED30079697C0734A0BC814D67363ACBA1A3AE118D96D8FDEA0EBEF15079103
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\FrostedGlassSinglePassMaterial.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4634
                                                                                                                                                                                              Entropy (8bit):4.686040165928471
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MGaay6E+iCshvSdGvVny9lzpKXsWcwmnwjNRNn5uy0RHoHDGH4oADPsnaYWnad3N:naa8qdOnCi+wmnwp+RIHyxADoMUqqd
                                                                                                                                                                                              MD5:0223DC6D0C4925A28A09B6F6D5065600
                                                                                                                                                                                              SHA1:A1668B205FD1DB8DDBE8A32411CB117B37E73A50
                                                                                                                                                                                              SHA-256:26E91835DAEF4701DFE881218C7003BA790D482CB84E555BD1513E5E417FA1A2
                                                                                                                                                                                              SHA-512:4B40008C9CEC5663B0A1CC34860344BBE704B4128F2E24B0E3518AAF72078BDA35A1580ECB554A972626A82CFFDD7513D132C8DC529F7F64B9E75F82FEE25BAF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\GlassMaterial.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2906
                                                                                                                                                                                              Entropy (8bit):4.763466296171963
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MGaay6E+iCshvSdGvVny9lzpDKlwXwjN4URsoHDGH4oADPPyiZXgsiO:naa8qdOnCD4wXwuURNHyxADPyHs3
                                                                                                                                                                                              MD5:EC4CCB542EDE9971D9049F516489290C
                                                                                                                                                                                              SHA1:E72A3A021664CA58DA7AA690A2497157635C2E68
                                                                                                                                                                                              SHA-256:0D020EAF4AACB630098FA1B128720E115E5CE16B630198DEB3A9A9B182CC22D0
                                                                                                                                                                                              SHA-512:0D4D96946062278914D56DD6C0E8623498894FBDB0EFE65A66F8BAF1EA2D000DFDEFAAB1C54EF6C0A187C74D0B0A76E03EC02BB7DF300FD5BB63E0D7B27ADE8A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\GlassRefractiveMaterial.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3414
                                                                                                                                                                                              Entropy (8bit):4.715684291245738
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:naa8qdOnCD4wmnwFhRIHyxADPyIMUqn7d:na7qYyRwPyIMUqn7d
                                                                                                                                                                                              MD5:5182D5402E8C2E44932D944C8B039B8B
                                                                                                                                                                                              SHA1:86D2E9D85E2937186E8F70940A277B3625C08EF7
                                                                                                                                                                                              SHA-256:BDFE7AA4C48A338C90FFDC20B9C09E278F1EE9BF72A242CA68202C33C72FA3BE
                                                                                                                                                                                              SHA-512:B630174C9CD4F9F717EEC6AC646F0BB66BCC372C886797B2D96F05D62D7668AA621491D039651E2ED427637065C6E9E1C1662164ADB8D8026623D954CEA83D52
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\PaperArtisticMaterial.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3616
                                                                                                                                                                                              Entropy (8bit):4.739770224410175
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:naa8qdOnCD4wXw2nRiHyxADVmz2gmvFS7mvTU/:na7qVwAaNNy
                                                                                                                                                                                              MD5:E5BB7D3665F78AD028D10429292BDA1D
                                                                                                                                                                                              SHA1:E306C2AC9A4E6EA71ABBBAF79AB5D7D4CCD0FDE8
                                                                                                                                                                                              SHA-256:F8B5742B40956C51C38177E8C7FA38391F32A5EE639C5CDAA75BED5C8A18845B
                                                                                                                                                                                              SHA-512:4B808EBFCFE4DA37B07943BBDFF0729A0C989E76EE7A6E577B541A1EDBED660554992AA16F3D8391915BBA4663DFD9A1900C7728EA2743B954903BCB9B001339
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\PaperOfficeMaterial.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3369
                                                                                                                                                                                              Entropy (8bit):4.79081691104861
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MGaay6E+iCshvSdGvVny9lzpDK+wRQciretRRER4oADPU4mF36M2P4mF3614mF35:naa8qdOnCDJw28R4ADVmz2gm7m7
                                                                                                                                                                                              MD5:E2B68B13B530B0152FDA227B216606D4
                                                                                                                                                                                              SHA1:CDB79BD0155A107889719F50762CD081473EF8E1
                                                                                                                                                                                              SHA-256:782AECF81C2C419C4837291C3F4F66B7EE8DE2C6FA3DD6D2FE76D51BB74C78EE
                                                                                                                                                                                              SHA-512:0564D8DD696F8FA50CE7B48D01A77842837DC566E02152462246A29A07E191E9967C68459319F7F47C286BFE95866DF85DC3C1A456DD42DF0C2C44F28E575B0B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\PlasticStructuredRedEmissiveMaterial.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4636
                                                                                                                                                                                              Entropy (8bit):4.6537211625366535
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:naa8qdOnCD4wmnwcJLgRRHyxADvBCmVmf:na7qYLZxwpVAf
                                                                                                                                                                                              MD5:8C77CF09C05CD60444909C55EDE47774
                                                                                                                                                                                              SHA1:FB94FE262BD0CB9DF32808972397883E0CEE7F80
                                                                                                                                                                                              SHA-256:FDD607E17A445976E8E6180EECFD98E9A00E0A7643F9F8B35939AFAE630D3297
                                                                                                                                                                                              SHA-512:8ECED304B12FE7E580FCAF181E2CCB14B18ACEE8257F0435616883BF3D86ED06F4FB10EFB84E7B5F7A45AC6FEAEA375A2638FA6C441EEC7F1D9373BCA1A08B01
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\PlasticStructuredRedMaterial.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3808
                                                                                                                                                                                              Entropy (8bit):4.724648759744231
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MGaay6E+iCshvSdGvVny9lzpDKlwmnw0XwNSLjzRXooHDGH4oADPsnaYWnad336h:naa8qdOnCD4wmnwcJLjzRRHyxADb
                                                                                                                                                                                              MD5:749FCC8826A1BC72B5468A9C1A523564
                                                                                                                                                                                              SHA1:4E81C913B66D0EDB9993BC8387AC5DC49D8DAF5C
                                                                                                                                                                                              SHA-256:09793050E9DA7AA4FB9A9A6A1539AA6C9D6B7C98101BF5CC6CE9D0DA1B2CBBC9
                                                                                                                                                                                              SHA-512:2C27E65AF3040A6604BCC94865BEA3741C663E24D195B4BCCCF8404971C1820ECE271593BED53F28E2153A5072EDA895A6C329165F03C8A61C47092DBD8265A7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\SteelMilledConcentricMaterial.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3493
                                                                                                                                                                                              Entropy (8bit):4.656701936861943
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:naa8qdOnCswmnwQ5OjzRZHcxADjmc/wm01RI:na7qMDywwacP0rI
                                                                                                                                                                                              MD5:C5C2F8F93B51D50AC04D8074F20F05A1
                                                                                                                                                                                              SHA1:92A9F2726088AAE71F730C612210457EF01D4292
                                                                                                                                                                                              SHA-256:4E91AAF5D03C295A406F4CE054CF6617F739D9565F0193EA154B23C5B8B7EE12
                                                                                                                                                                                              SHA-512:D41CE300F341573CE24A7C2B3DF7DEBAB0DD51DD2706DDBFFA262528955A99502EA0E34DD9022B062D2F8B38D0AD4214A2BBD775A37E83C01B3BF30A93A12EE2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2019 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\AluminumAnodizedEmissiveMaterialSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6347
                                                                                                                                                                                              Entropy (8bit):4.258794436496769
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:Laa8qdOnKFLDLYXPj+oQCL6X4jloyvsLEoIOtLknxBzFBhtokz:La7qvQ+o3lojEoVqB5Btz
                                                                                                                                                                                              MD5:162B915C93253785DACD6950B7440E90
                                                                                                                                                                                              SHA1:43910428F6412358135511C53123AF7C1D5B4F33
                                                                                                                                                                                              SHA-256:D3577E73CE583BEDAC8CB8BE0F38F64E7C860D29491D52B2A12984AD02D133A7
                                                                                                                                                                                              SHA-512:25CE6BCB36717573CC23ED7F5AABD65DEE0B648928D587DBF95694B745701BBC2B472A7F38F6EFAD00D0664C5A8AB6376941B538A0338C82CAE16955B8209096
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\AluminumAnodizedEmissiveMaterialSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1550
                                                                                                                                                                                              Entropy (8bit):4.813809594254932
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7tWXy:M2aay6E+iCshvSdGvVny9tm05L0i
                                                                                                                                                                                              MD5:0D9B5F25BA9F52F4684E470432C83538
                                                                                                                                                                                              SHA1:A2DEEBBCD709FCEB342B1468FFC4AD855B73C42F
                                                                                                                                                                                              SHA-256:F52EAA44F522BC3F5D38E55F7EE550093EF56C6C01F14A8FBB39D950D0BD3716
                                                                                                                                                                                              SHA-512:C8A1553A84338B89C908AB595F9956C65394A86A4B7E8AE187342B872FF33BC4A69D8B17D72E047F2A11FEF4FC21D1C9062B310A3FD8E40F79C0D2199A08F8B8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\AluminumAnodizedMaterialSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4471
                                                                                                                                                                                              Entropy (8bit):4.388399756813341
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:Laa8qdOnKFLDLYXPj+oQCL6X4jloyaFBhtokz:La7qvQ+o3lovBtz
                                                                                                                                                                                              MD5:58828D52F0618799D1F62C0F7AD3E9BF
                                                                                                                                                                                              SHA1:39C0DCDCF64397B348D8E32F8FE837ADD305F2E2
                                                                                                                                                                                              SHA-256:2B45F4B204F58E2012C209D729710A52547A743CA1A99F060DEEF6A166337E7F
                                                                                                                                                                                              SHA-512:1DF2225B3DC07375C1C5D7114DAECE36A735885432EF36DED1EB45FC868A3461BAE000C4D8BDACC2DABECDEDFFA7DC8E5EB59864F5519003C928585EBA59EDEA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\AluminumAnodizedMaterialSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1542
                                                                                                                                                                                              Entropy (8bit):4.811022317656783
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7tLXy:M2aay6E+iCshvSdGvVny9tm05LFi
                                                                                                                                                                                              MD5:7AC182C0A4175E3CA3D65C68911BDCDD
                                                                                                                                                                                              SHA1:4DD6EE6B1E3C1DC6C90436744E86A7FA4689AE61
                                                                                                                                                                                              SHA-256:C3B9A0D829E99F5AFF52AE072A7E5D1A0118EC5518BF35B6A09B8F074FDE8991
                                                                                                                                                                                              SHA-512:305AB25FFD53F7B3FA6510D35429218C994F70C678AB5E707515DB92DCE2F6911F32F1108124AB410EBE4751C73D20DADA13EB35FB2F8DA70B05E247D3408339
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\AluminumBrushedMaterialSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):10710
                                                                                                                                                                                              Entropy (8bit):3.972858218518859
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:Laa8qdOnKZLdmfLYXPj+oQCL6X4jloy4vBRtoj2ocWLq3VocgLnUenQnle7U83ne:La7qvXmS+o3lotBLoSo2Vo7Q2UWKXhoY
                                                                                                                                                                                              MD5:38C19B80AEAF4386DDD27BED4551ABF5
                                                                                                                                                                                              SHA1:D3C9647A9066310F78208DBA4F187C9D1048D25D
                                                                                                                                                                                              SHA-256:5E4A4DE40AB7FF724A795CE8A7EFE00E304B44912816C075B8418C98092EA8BC
                                                                                                                                                                                              SHA-512:460B0801323F81740231976B5E197E677F4941192BE6AC846692F450F9D1655F78EC311D63572665611641D4152D35338C73B577E46E33DAFAA4B40BA18D8DFF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\AluminumBrushedMaterialSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1541
                                                                                                                                                                                              Entropy (8bit):4.808124557098839
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7t8FXy:M2aay6E+iCshvSdGvVny9tm05LuFi
                                                                                                                                                                                              MD5:9D38D0EBF6E304601FB18C6C9D5C3920
                                                                                                                                                                                              SHA1:FCD040272062341D990CA88334E6C23BFB9BEA49
                                                                                                                                                                                              SHA-256:6E774CFEE84FFFE811F78C9059880CFAE6EF5D650DDC7DA4CD64597547DAEAF2
                                                                                                                                                                                              SHA-512:5AA4027F831A30DEB23C541CAECA49F8189C6F26A3E97545C86751E73729A55850DFCBBC1B75A64701C4ACCAF4D82053037D6875250E152238F7BA0F0F837A7D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\AluminumEmissiveMaterialSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):15432
                                                                                                                                                                                              Entropy (8bit):3.8833114291153357
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:La7qvXmS+o3lo0EoVxIE1T8BLBaVhoGmkovGEW60hoY:Vue
                                                                                                                                                                                              MD5:2CBB87E6CC289114479B0C075B0B58C4
                                                                                                                                                                                              SHA1:8A05EC6C65C496B031673203C29915517912BFC4
                                                                                                                                                                                              SHA-256:29B7CD81995634456BF3719F848DEFE573B21E4745C174A342DF4A477ED968C9
                                                                                                                                                                                              SHA-512:90F47FA2676961A56FB082950807DA0446C281E299B35903B3DE6EECEBC8BE21D64EEEEE9C5D80711564A4ED0062344911A3B67FEBCB6E66D1236AAA8E0FC418
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\AluminumEmissiveMaterialSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1542
                                                                                                                                                                                              Entropy (8bit):4.806250050072142
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7toXy:M2aay6E+iCshvSdGvVny9tm05LSi
                                                                                                                                                                                              MD5:9F6613D8453163332900C74943064667
                                                                                                                                                                                              SHA1:EEEFA031722B78E819C0099C9B0AEA92FFDF13F9
                                                                                                                                                                                              SHA-256:547554F59FAECDC1F8662A2BC12531C05E8C6B37B45DF1E14604D83DE9222139
                                                                                                                                                                                              SHA-512:B1AF31214D9A49C29DA28BF90CF8C10ADA7260D345B82F54DFCB2BA1D8AC3F9169A594951333C6EE97924B5CDBC0808A8FBDBD162943F8A447BFEF80FB55C549
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\AluminumMaterialSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):10859
                                                                                                                                                                                              Entropy (8bit):3.982770070222841
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:Laa8qdOnKZLdmfLYXPj+oQCL6X4jloy4vBRUbgQho3WLnaQEVkoO/cV+LE8n3qLG:La7qvXmS+o3lotBaVhoGmkovGEW60hoY
                                                                                                                                                                                              MD5:ED1019878B08F6EE176647230945A976
                                                                                                                                                                                              SHA1:D3E17D526B59FA43B936F4F59D0947D3A308C062
                                                                                                                                                                                              SHA-256:AAE68C32FC05E338722EB38C74286822635969C43010ECE210E9A0B1B8E26664
                                                                                                                                                                                              SHA-512:6E5EDEA97313BE78B3F600C65D122C6C4CA3057E8C91F2BD1CAD98F37FE2C023C7B00A73F0F226F4CA02C44862D209822942981BFADCEB38014F62BD5E717DD5
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\AluminumMaterialSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1534
                                                                                                                                                                                              Entropy (8bit):4.803417408508112
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7t5Xy:M2aay6E+iCshvSdGvVny9tm05LXi
                                                                                                                                                                                              MD5:D86A6D2B7F4FDA6BB364DEED5A434053
                                                                                                                                                                                              SHA1:A92AA8F8F7576917A8EA0A120969469FDA455C2D
                                                                                                                                                                                              SHA-256:B501AFEDB2B0499C120050E1D8BFC1041DF90CE741A1FBA22D9C40636C43332F
                                                                                                                                                                                              SHA-512:D52AEFD16D88F1476AE6569EDB9826B0B68708680EA787A8FAD09B382024228781DB5D23D76D532492ECE8A850D5463480E4268D8F240D17676855ADB279148E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\CopperMaterialSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4474
                                                                                                                                                                                              Entropy (8bit):4.388275349372152
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:Laa8qdOnKFLDLYXPj+oQCL6X4jloy4vBhtokz:La7qvQ+o3lotBtz
                                                                                                                                                                                              MD5:5AA15292648D6FDEB1258E84BC2963B2
                                                                                                                                                                                              SHA1:2543E1B44F5B7B02D74938C3F55D8948EF28F638
                                                                                                                                                                                              SHA-256:16C370D0FBF93D0B9675AAED7B4D36F14BD54353A589CF3C59BE83F625F1F424
                                                                                                                                                                                              SHA-512:5C36BD93274BCFB05C7FF9FA307E4C47931A6BA5F8083B8B310CD2AB101A5EB4E1136453E22037292826AABA0BC6A772493746546D26AF51B34F651DFC367C14
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\CopperMaterialSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1532
                                                                                                                                                                                              Entropy (8bit):4.799817192333862
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7mXy:M2aay6E+iCshvSdGvVny9tm05Lmi
                                                                                                                                                                                              MD5:D0C37E9205648611BCC6AC5059207ACF
                                                                                                                                                                                              SHA1:E4D08EC8CB61F08BBCB3BEDB6C4FE63D36550E96
                                                                                                                                                                                              SHA-256:03B0A9D52FCB87F100FBA269796CD25CEFBD01843DD3DAB4CAC517389BF3A1CF
                                                                                                                                                                                              SHA-512:02427E238C0D0D8ECAA44D66E2056192E55C520B4C3CD967D661B794FC85A852B15ADAEDD843EF496D9E75A9298FFA9184224BC4800406A437D4F9090837BA02
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\CustomMaterialSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6158
                                                                                                                                                                                              Entropy (8bit):4.321379851435472
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:Laa8qdOnKFLQtLpsPvJMwNfr5B2prtL8cQAqKmjnE0:La7qvHPBMYf9B2pKcXqK0E0
                                                                                                                                                                                              MD5:41B3341365F9D4ACBD332329DC3F571A
                                                                                                                                                                                              SHA1:A6D4E1670C86980DF996874EBE4824BCECE38D66
                                                                                                                                                                                              SHA-256:08E37DF5D0479F3AC4B927600BDA431BBF2E1ABC1B06A07F9A15E39FB4EF9DC2
                                                                                                                                                                                              SHA-512:F85A8B41E244A6BDB344814B1C7845361E675A5DD4A164FD2A862D92255AC58EA4EC1AAC368DBE1ED686B5B51CEAF11756FDA779DBAF90C5B0EFD61C1FC8AAAA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\CustomMaterialSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1532
                                                                                                                                                                                              Entropy (8bit):4.800107323368606
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7boXy:M2aay6E+iCshvSdGvVny9tm05Lboi
                                                                                                                                                                                              MD5:D8147E00462697DDA8A112F7D8811631
                                                                                                                                                                                              SHA1:266AA70C818DFA496DD5B08ACF5319C68097F018
                                                                                                                                                                                              SHA-256:358CAE5502C83D9DA35B3E0A0A87C5C2574078B30FB1143B588D2F4169A7E752
                                                                                                                                                                                              SHA-512:BEB8697DBF8C43B8877C21EE3C187EB6FF35F4C832415AFBA369001EFF7F9DD518BB06A71CE18A71EF26C2EF98842CEE2A38A8E27D9881AE8EF287DBC45DAEA0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\FrostedGlassMaterialSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):18232
                                                                                                                                                                                              Entropy (8bit):3.8258275913837956
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:La7qvXmS+o3loxBhBFCE6hohEDJ0rZKr87LicBCcJx7WJu6Gz:VuHjl
                                                                                                                                                                                              MD5:874FC80B0951EB41DB37E5FE95027B31
                                                                                                                                                                                              SHA1:937BD0584EABBCACB85C5F3CDD98F77FAF621AA7
                                                                                                                                                                                              SHA-256:25A974F8743AE14E555D3A7D58AF4E09F984D0B086828140291F76974C919C70
                                                                                                                                                                                              SHA-512:729ED8084A66EA4245477081F48CCFF35F6918AD88EA83B24D44187BA04A81C8039C3A2D30E05AE7666E78126CF98C8650E7D2B2F4C7B2AB9B7F4BA8BF6083E2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\FrostedGlassMaterialSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1538
                                                                                                                                                                                              Entropy (8bit):4.801330468326808
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7KXy:M2aay6E+iCshvSdGvVny9tm05LKi
                                                                                                                                                                                              MD5:296799BBCFE3192B2A9C2A8FF02C437A
                                                                                                                                                                                              SHA1:711615236D72C3AB946DD60CAAA4E1D3A902E5B5
                                                                                                                                                                                              SHA-256:40430616EB1D458DDF19AFDAFD75E1025D0DDA5A319A4635CC5FBDCC391FFF2B
                                                                                                                                                                                              SHA-512:3673C34D20D9150F2DFBD87CC245CE7CFB41C4FF707FDB409ADB419F8095BF03CDDBE6F9C5450E9924E352BE93C758F954FC8C5A1725CC1B6C93403FDAECF7CB
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\FrostedGlassSinglePassMaterialSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):15685
                                                                                                                                                                                              Entropy (8bit):3.8673470410538484
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:La7qvXmS+o3loxBFC3EDJ0rZr87A2EZxtJu6Gz:VuG0
                                                                                                                                                                                              MD5:D3C7FB1ACDB39543897A9A10FA1F912C
                                                                                                                                                                                              SHA1:B8C2645DC4037E989700371461EEAFF48CA135DA
                                                                                                                                                                                              SHA-256:514C4ABE2E2EB4E6F4ECBEF1D5F4FDB96A9C817F4511ED4521C1FFDDD79FA710
                                                                                                                                                                                              SHA-512:57A902934282E1CE739BF4143676FFB10B60D3705DFECE52149D12E90A9C43DB9A603A08CD077EC50B5101E67F8E6C0D492BAE02935C4BB0B6E17C2130FF9EA5
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\FrostedGlassSinglePassMaterialSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1548
                                                                                                                                                                                              Entropy (8bit):4.80567277101769
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7/FXy:M2aay6E+iCshvSdGvVny9tm05L9i
                                                                                                                                                                                              MD5:5AFB85F7087AED37C3348968B3284F37
                                                                                                                                                                                              SHA1:891E0F575AF7504237E7E5D4E94A086D197C7735
                                                                                                                                                                                              SHA-256:86F655D6BE10C45F83647FE8BE3C2065227568D3EBF2423C20797A109AC84D9A
                                                                                                                                                                                              SHA-512:0787F231E05A6D974E0FE480FE95043C94912FA33DECB46CB624F84A4FBE8DD43E8F9E58F21BE9D92EA92C62635186243EC26A09AA4B1BA724AF6491BAB3A3CC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\GlassMaterialSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6116
                                                                                                                                                                                              Entropy (8bit):4.246051490261466
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:Laa8qdOnKkLdmfLYXPj+oQCL6X4jloyCFBhtGoAIY52Iz:La7qvemS+o3loxB5p87z
                                                                                                                                                                                              MD5:45377D7D623AA68D672D16D7FFDA4723
                                                                                                                                                                                              SHA1:E59DA9462CA7E7D86089814F534A667918B395D3
                                                                                                                                                                                              SHA-256:ED6E4E27192E1509C0694763AD7C618FDF18F8E60B11111DD19ADEBCCE2B6782
                                                                                                                                                                                              SHA-512:B490BE862961BFC144EC1CCB8CCA634782645E0851E76604BEAD460231DEB9458BB3AB3279CBBF714EB43067E5DE47B227232368457B0674D8BD98798CD0F975
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\GlassMaterialSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1531
                                                                                                                                                                                              Entropy (8bit):4.799655616369686
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X73Xy:M2aay6E+iCshvSdGvVny9tm05L3i
                                                                                                                                                                                              MD5:E5D7CDE7B022B60C2099CC2146AE9840
                                                                                                                                                                                              SHA1:3B052C0810A93B2BB1DCD2C9E63E0630FCF1DAED
                                                                                                                                                                                              SHA-256:77BD3BCCD5779E96AABB4DA1CA09767B03784C5AC017901E3B01A1ED581EE519
                                                                                                                                                                                              SHA-512:876EA22890A476820105D0CCE105B698C970F368A3125E514D4BEED3C60629358F13AE119F9E83E7582D865F8904E3F78D8F47B8153D0C1E9261AF5FD8BE7FDE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\GlassRefractiveMaterialSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6102
                                                                                                                                                                                              Entropy (8bit):4.242206044252857
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:Laa8qdOnKkLdmfLYXPj+oQCL6X4jloyCFBhtGoYkY52Iz:La7qvemS+o3loxB5N87z
                                                                                                                                                                                              MD5:C38F15B096000699C9DC5DDEE1327296
                                                                                                                                                                                              SHA1:E90C759EC4CC28EFA770302A8830B1807073733C
                                                                                                                                                                                              SHA-256:AC1E27EED215EA1CB72558B123DADDF3C53FFD68EDE670792B1BD396B77D5E96
                                                                                                                                                                                              SHA-512:B25D635947EFF1227134F77CFD75573AED9585E4C34430B59EA3757FE9856096E4C7B8D07DA1424F766818657853A680DB8EA90FEAF83D4F6B6E456D04851895
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\GlassRefractiveMaterialSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1541
                                                                                                                                                                                              Entropy (8bit):4.805414547233772
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:M2ktaeT3QXf8WYwid0szM68qDrSdWBkbNSYiZJy9tm05X7GXy:M2aay6E+iCshvSdGvVny9tm05LGi
                                                                                                                                                                                              MD5:DD1BBEBCF29164ABE35DAF91734B17CC
                                                                                                                                                                                              SHA1:C70134EBBD679BA2D34E6CF89BFE93A0A6C08573
                                                                                                                                                                                              SHA-256:D270125AFC439341DB83755477D5E80B37630C06994A2030E82CF170C06832AD
                                                                                                                                                                                              SHA-512:53DC875E8D88AA59A5D98F3E1426DDEBA0819243047600B49C928EF0426A8576078F7EA7AA5E46DD330853F098F49C0EA4F853D2075CF43AC4C5DB7D6B66E840
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick3D\Materials\designer\IdComboBox.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4199
                                                                                                                                                                                              Entropy (8bit):4.852032840427181
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:Laa8qdOnqeEHUudpvCGFX31wdTyV5aCKy:La7q3eEHBdpKGFX31wdGV5aC3
                                                                                                                                                                                              MD5:A75D8AEC7049D08E9CF5CEC2B914B3AA
                                                                                                                                                                                              SHA1:E619CCB766E6E8C69AE8B3D034B94BC5AA08A994
                                                                                                                                                                                              SHA-256:1BCC0CDE97EDFC72B8B70666A7A9D73FDFE071DBCC35DCD5C717C047CB08CDD8
                                                                                                                                                                                              SHA-512:C74E7FBF65D011C6887B1F0324EBFA8FDD63A7F5F15C45F4B86EA18A032C244896E16135A9273D818A71D6DA4EA889A5CE1CF044E33AB2D37616928F01EF412F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of Qt Quick 3D...**..** $QT_BEGIN_LICENSE:GPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU General Public License Usage..** Alternatively, this file may be used under the terms of the GNU..** General Public License version 3 or (at your option) any later version..** approved by the KDE Free Qt Foundation. The licenses are as published by..** the Free Software Foundation and

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\Dialog.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4358
                                                                                                                                                                                              Entropy (8bit):4.812079921863784
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpFGLDLpZ3vn3L/p1jYnppjEnF5FyBP1:nd0BhpAvfbR1apxSFOP1
                                                                                                                                                                                              MD5:2548CFF063C7BE6F57B8D4F81BA33A06
                                                                                                                                                                                              SHA1:C314CA356D2BC6E985BADD8E75F96A7B9A5C0C6D
                                                                                                                                                                                              SHA-256:0363B31324C9EF26FA2BB540334774DA0A6545951DD06A149E6B832A6BF6C7EC
                                                                                                                                                                                              SHA-512:870B3687579C10781A7B110FF885964D0D91D6ECD5A68A41C4CF3F5B09421AD2302014EAE2889E38A00B6538B84E2721F0F056EFA2209383283F333F62F26E90
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\DialogButtonBox.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3207
                                                                                                                                                                                              Entropy (8bit):4.869069840142379
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgGDgGp3Q3JFw0Xk6s9H9YMweiWt0D/6x:nd5CB7fdpFGLDLpg3v506sDYMHiW1x
                                                                                                                                                                                              MD5:06C06A6C5FE0705DE484D089C6E803F4
                                                                                                                                                                                              SHA1:C3C742F65EFE8DDFB72922C98C265E1E6A6A76C9
                                                                                                                                                                                              SHA-256:8A0C771BAD8EA0DE60C8B5595C3ADDF6A6E7785426CACB7D57F30D7921524045
                                                                                                                                                                                              SHA-512:2FF884A5929EE2E3C576AA9BE594E0CDEE5C52B2C4F288CF4AE9BFDD4737CA412FADA63442C245FD34425640AC19FE53CB56863BAF6BD09802B7BFDC2FAAB49A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\Drawer.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3867
                                                                                                                                                                                              Entropy (8bit):4.862301490461931
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDgGpPQBJFw0MyAxyhnMQxWQfgUqRh7/k/J:nd5CB7fdpF+DLpYBv51EgT4hK
                                                                                                                                                                                              MD5:13FDABAD8449B607D5365D681CCE3015
                                                                                                                                                                                              SHA1:7BECB74EBCFD5AFA4ED27ED41DA1828496033F2C
                                                                                                                                                                                              SHA-256:5F37513A7BDD0DADCFDC435882DB4199A224114EC41DF8C9250AA1483F9428C4
                                                                                                                                                                                              SHA-512:79013303748C61FE97F2E759AE1778157B2C88451F564315BA642180A6E5C5903171E3E6BB600354924B37A24A3D29168FB1C196195222EFDBAC863D0E66FB71
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\ElevationEffect.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):10030
                                                                                                                                                                                              Entropy (8bit):4.806138037085718
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpFQDLpKr5EuujsA1GqHVyPDwQHHoxOoumQ91H24L8M5nNG2oLk+WPwub:nd0BhpKvUr5EpjsA1F1hQHHRodU5oQ
                                                                                                                                                                                              MD5:EF49589B6DDF274E2EF2E77ECD689BD9
                                                                                                                                                                                              SHA1:0C3DE37CD559D988B9F78A845B8A6D45D6FCA35A
                                                                                                                                                                                              SHA-256:4E223635E82795BB7A8909C15D1F2739EE7E607344187D30B929B5D8DDB09808
                                                                                                                                                                                              SHA-512:0A3FE282F8447E04565976791D66F1A177BA7F925AF1663D7DD4CE5D5D86CD14364E7C13E2ECC59BA25B52FF1B4CAFF93B584892673328F576F526167CE77B03
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\Frame.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2710
                                                                                                                                                                                              Entropy (8bit):4.838309188288612
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDgGpXQ3JFw0akHz4y5Fc6RW:nd5CB7fdpF+DLpA3v5L5FLW
                                                                                                                                                                                              MD5:6E05224A672A8F3683974C2BED54DB19
                                                                                                                                                                                              SHA1:C67BD494AA339A0F025A1DE7FE0A2C3F4E8D2ECE
                                                                                                                                                                                              SHA-256:54B7E9D18092BD8AE03E9336554F48CF5178C304457C70FF107F4A2FDAF810F0
                                                                                                                                                                                              SHA-512:FB38360AAD57AEC7202BA891F9EA4D7F8EE7C49A1C09C5AB924ED65A0D7C77191A9508A2D88006E6762544AB015C42084F04E56CEC3BC3A19ABB85E3884EF9D2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\GroupBox.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3408
                                                                                                                                                                                              Entropy (8bit):4.812150701263161
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDgGpqQ3JFd0kHIvaHHtWnzMCUlQjxT4y5Fc6w:nd5CB7fdpF+DLpN3v6LvaYnxHjD5FLW
                                                                                                                                                                                              MD5:DF99BC50E44F0E6708A96BEE13C330D0
                                                                                                                                                                                              SHA1:D153FF903F1C7C2BC5692ABF41B91DADA12F2387
                                                                                                                                                                                              SHA-256:BDFBC86A651DB5FDF65A3FBCB7CBD91BBF295D845612BA369E317FC4A5DB3AB9
                                                                                                                                                                                              SHA-512:2F409347A4BA5F600D07BC38258C6451C0CD7C83F27D51C4B8EF38B584FE04245A0DB4200BAAE5A7FB800CFA4A628BBDC003567966304704C919F7E9E1549E51
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\HorizontalHeaderView.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2968
                                                                                                                                                                                              Entropy (8bit):4.8077641352008476
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M25H6E+iCsAaKj7fOWIkFy9lv8GXGBQ399tqYVt2ykFbbUWlNzx:L5CB7fdpFgWa35qYDQbdV
                                                                                                                                                                                              MD5:A4DACE7AF6027943AD4B4513FD75EE40
                                                                                                                                                                                              SHA1:878BE0B95889815C17D3A97ED5D5F522AD2674AA
                                                                                                                                                                                              SHA-256:D8F333E3EC6E057BE364A043677A8E3A2762384C05FCFB2A5069184DDBFEEE99
                                                                                                                                                                                              SHA-512:850FF7CE8304F738D9114E988FB7B9720C5D0B8A3856BF5AF354E5C96062E62024E47E7DAB3653B3458D7F2542116FDA35BA5F452C03011D83047E2C2864A1C3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\ItemDelegate.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3570
                                                                                                                                                                                              Entropy (8bit):4.797861913310862
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgGDgGp+Q3JFbtoM2/EyZkXx2MXz1gmx:nd5CB7fdpFGLDLpB3vpoMCZZkXx2MXi6
                                                                                                                                                                                              MD5:48495866F8B6E452907F4E90F0B1AF19
                                                                                                                                                                                              SHA1:092CC0136EFE59B8389B7A521628FD05E59F7ADC
                                                                                                                                                                                              SHA-256:D4FF3080E64C091CAC96A7A4F6F7FE8F2F948F468D70DD39271AA48D02F6B306
                                                                                                                                                                                              SHA-512:1F9F95545374F75CA3E345737ABA1E86D652FB3E65B3F92FCC2118E6DC15CF6DF5461874AEABF1A1FBE0910CA8752AB6887FF1FC955AFB27B316FBF42901F3F6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\Label.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2008
                                                                                                                                                                                              Entropy (8bit):4.82410778031169
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDdqQZEtV:nd5CB7fdpF+D/Zg
                                                                                                                                                                                              MD5:DEAEDB2DEBDF15BD087D382C28C34291
                                                                                                                                                                                              SHA1:72FD0FE26E38F816D8572DA1C9425365F64ED9A9
                                                                                                                                                                                              SHA-256:B82053C1628AB97B4FC2EC4B001E7368B8483B0305C15CCB5BA29B2F61E7AE0E
                                                                                                                                                                                              SHA-512:D4B2CF07A170F9F68C19E4A98E0FAD270BE2F748C883B988217BC9BD16E3198C06DDDA9BE600E3C66AA84CF1A93E4B6ED69DB0FF88A2AC3834E08F6F770F2F72
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\Menu.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4162
                                                                                                                                                                                              Entropy (8bit):4.869740301783965
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpFTDLpuS1v5EtBjYnppjEn2vCccP5FF:nd0BhpdvgmEtBapxS2vbaB
                                                                                                                                                                                              MD5:365971BA24915164063E97690F7DAE9C
                                                                                                                                                                                              SHA1:2A55D6FCC0512A77960FCBF761A1910D5E461FC2
                                                                                                                                                                                              SHA-256:413199D8146BBF130A26A50753B3F8ECB8A26158A5D77C32D6B1EB22B57B3AC8
                                                                                                                                                                                              SHA-512:A911D0CEEEA33F52DA8E30D7C946BEB14E39E873658E3EF58DC383292997570C3673A2EBC22AE1159715D5F1DA0427A76133B17C2C3BBD1BB27DF6E89EBD728F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\MenuBar.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2604
                                                                                                                                                                                              Entropy (8bit):4.840411587708949
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgGDgGpuQ3JFw07mXob:nd5CB7fdpFGLDLpx3v57v
                                                                                                                                                                                              MD5:68ECFF6B2C4A7B65B2D6CBE889DFBFEC
                                                                                                                                                                                              SHA1:D7DA0CA6412D9C4E81A567C22B1AF44B64C14FBD
                                                                                                                                                                                              SHA-256:C62DB07B4D429F9BD0CF88EAEF9B15AD8CDB58322C7656D55BE5936044EB1240
                                                                                                                                                                                              SHA-512:DA91A917EED9C3597D91FA12C4EB4FC620BCBB4E5588A011DDC924F88749CC3CD42B10AE8E654A6920BBC6720EB6B8FF42CE7277F52106F791A0F6708BB3BC4A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\MenuBarItem.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3442
                                                                                                                                                                                              Entropy (8bit):4.770573402116531
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgGDgGpBQ3JFbtoM2cEyZkXxmz0wwX/gvx:nd5CB7fdpFGLDLpa3vpoMzZZkXxmos5
                                                                                                                                                                                              MD5:9BEB46066F22FBBBE53106B5FFB6AEF3
                                                                                                                                                                                              SHA1:10E428EB0D85678230CD138F18536C0AA5CFC53C
                                                                                                                                                                                              SHA-256:F3A31AE3CEEFEAAE4FDA9A173FD3EDB0DD817D692236120572D874F7FD2838F3
                                                                                                                                                                                              SHA-512:B7A647B35E2BD15CB5BD43C0CFF81FAB42BF54033E4EB2FFF88A59B0D64C0D2B230AB1907D92F392A71B53C6DF0A6A0D5E1B806A6C4FAA00742AED06A6742F20
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\MenuItem.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4788
                                                                                                                                                                                              Entropy (8bit):4.767659902718251
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpFGLDLpJ3vpoMWZ4xy0FQskXxmooe5:nd0BhpAvdJg4x+xR
                                                                                                                                                                                              MD5:10972CD75BE888A0F031B6C6D2FA0E16
                                                                                                                                                                                              SHA1:354218F2EBE99D987B7AFD2DE04BB7D7A7763E5D
                                                                                                                                                                                              SHA-256:A7E1B2398C5CBFF591FE34270FC800E2DEBAEC810689744D58BAAA149558A619
                                                                                                                                                                                              SHA-512:55CF2C2265A5D3604305B29D5998A0D9F2E10709893133A19709C2328F742E065F2F3A60D79C3C10A2C165233A225DEC899D4F60B0AD2A6FF8852F4C7EACE73F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\MenuSeparator.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2400
                                                                                                                                                                                              Entropy (8bit):4.831926312624564
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDcDQ3JFbtPTslb:nd5CB7fdpF+DT3vpro
                                                                                                                                                                                              MD5:5F7E2FA195063A499F450D38AC067AD2
                                                                                                                                                                                              SHA1:FC02285B676D836409B46B57EE2D798EB256402B
                                                                                                                                                                                              SHA-256:8CFD1C4238B721C2FFC6ABB4132F5670E45A6768AD5CBAC7413FDC5BBFB4D92F
                                                                                                                                                                                              SHA-512:2186361D3C9A1C889C311508C2D92EA20C428B528946DCED53CFDCF312E643BB4783235691BE1EBF0644C2DC52ADB85796D6CD172FA627B1EC4CF6FBCD27E497
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\Page.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2588
                                                                                                                                                                                              Entropy (8bit):4.772227959654226
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDlQ3JFm0QuLYup+b:nd5CB7fdpF+De3vn3L/p+
                                                                                                                                                                                              MD5:CBB179BD9C4898ECC26A6EC3C82A41C3
                                                                                                                                                                                              SHA1:61B2FC2C285F19D0037B825229BDBC9E2BB318B2
                                                                                                                                                                                              SHA-256:DEFAA9EB6822493956BCA3942ABFFD8C41EC10D40653EBE48147A00C321A4BB7
                                                                                                                                                                                              SHA-512:4FF25C655307C36C6077EF936AB27C0FD47D8A64BAD5D761BC4E582764524B67E4127E7EAB6CE8A70ADFB6A74EA52579D51123DD1FD22FFA8089CB28A7CDECA4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\PageIndicator.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2795
                                                                                                                                                                                              Entropy (8bit):4.828338932063428
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GD6DQ3JFbth60+jzyZZZ:nd5CB7fdpF+DZ3vph60+jGZz
                                                                                                                                                                                              MD5:EB291290659332B4760637A4A13C9BB2
                                                                                                                                                                                              SHA1:8C8B529B020F7F58C911B37587E065197ECE76B3
                                                                                                                                                                                              SHA-256:F7A71B592744EA1A88843238B5576B4DCD93BC923D79585D3BE0C54F749C1A96
                                                                                                                                                                                              SHA-512:9E5BB4EC6E40617094C05C10734298A0D60F027EE19FB2C4E383BFA6A7197867350626C024E9BFBA9B2D250A65171DCDE90D5F952EEB9B43C82BF9B86FF051D3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\Pane.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2594
                                                                                                                                                                                              Entropy (8bit):4.8344449556473075
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDgGpUQ3JFw0o+MFc6RW:nd5CB7fdpF+DLpH3v5eFLW
                                                                                                                                                                                              MD5:E5FDD28B572D970E35544C60FD8BA0FF
                                                                                                                                                                                              SHA1:177441A046688D225AB8B60F67D1D8755239535D
                                                                                                                                                                                              SHA-256:158D1F2A7C116DA47489FF7D022314A79198A9C10784FB04B777B19A9906A284
                                                                                                                                                                                              SHA-512:F84CF4159FD462FD33AA3E4464F0662FE362D812813A5A688C6809847D906C029BD3471CB8F5F5B3E74471D08C593FCC3037BDD858E62B5DFAF1E501CE2BE603
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\Popup.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3464
                                                                                                                                                                                              Entropy (8bit):4.898820195124723
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDgGpwQjJFw0FQiYnpetijEnIy5y6RC/k/J:nd5CB7fdpF+DLpDjv5FjYnppjEnF5FF
                                                                                                                                                                                              MD5:7046F5FF3A70AFCA04B39F430AB475B7
                                                                                                                                                                                              SHA1:DC7DC60B93B54C6E11CD696927FFC11F3D1E28ED
                                                                                                                                                                                              SHA-256:B25507E5FEFD22BAD1CE21C0CF7910C448789EEA5DDBB74D7B17BDB4059CE6FF
                                                                                                                                                                                              SHA-512:A58099AE5E66317A1C8B14DEC37896DF1F535327933FA27060FF82BD16062F3166AE78CF7F8D966A83C10CA95960743AB16198E6932DAC4409146603CFA75B7B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\ProgressBar.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2820
                                                                                                                                                                                              Entropy (8bit):4.837609805236169
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDgGpiQ3JFbt8zgLozak8sBS:nd5CB7fdpF+DLpl3vp+7zanX
                                                                                                                                                                                              MD5:D1C0A356DE670765571C5E8E4F0F8209
                                                                                                                                                                                              SHA1:15B8228E3AECEDC6F904A311838589B03B47BE05
                                                                                                                                                                                              SHA-256:9AC78116B02C1BCB4DCDE91170B10B8DD7BF532F0B800E81BD3C948F5CDA956C
                                                                                                                                                                                              SHA-512:ECB8EF343476916484F60A840D2F6D80E85C96C221B175A69747FD8186C927D6EDC82839752E2ED66B2960EDC2009DC2B205D184E547299162EB682D8D4855F5
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\RadioButton.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3654
                                                                                                                                                                                              Entropy (8bit):4.7911429859967205
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDgGpFQ3JFbtoMXe10J4Z6/E0xeskxgzMCUlN:nd5CB7fdpF+DLp+3vpoMtqgWgxs
                                                                                                                                                                                              MD5:565BF9F71B56FA741400574DACEB11DF
                                                                                                                                                                                              SHA1:1390677D50F5C32E920FE1C79FDA5C410C4FA922
                                                                                                                                                                                              SHA-256:A9DAEB562FCEE84DA8E896456C5E8FECDE4E49842EDDBDB87BB45F9E0038CB99
                                                                                                                                                                                              SHA-512:4FE1BC10B616BFDE5CFCB534F5CC4D7504EF593C4FD68F986130F4B3A5A33202EE1A29A553A215C055CE4FB05D533ADB0979CF6AB075F7C95C8907F857D355EC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\RadioDelegate.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4065
                                                                                                                                                                                              Entropy (8bit):4.792295622948737
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpFGLDLpt3vpoMCZLSickXx2MXi6:nd0BhpAvNJEL5xvN
                                                                                                                                                                                              MD5:85BD4CF930049F7FAD1A1157CF56E2B9
                                                                                                                                                                                              SHA1:6B96630AE511416426C53F3CC9B311AFB3B8B8D8
                                                                                                                                                                                              SHA-256:01CEC46769B7E16A3FFC84123CBBED009A5D565F3D455364C79ED1C0A0006D0F
                                                                                                                                                                                              SHA-512:67D74C13F5707F94D159E8F9A7352B5A0D21B6F258A98C6C18B8C777B26772CFEAC3D434AF09EA6F9136BF3B8671A37511DEEF5B18CE31ED81B4D7CE172223F2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\RadioIndicator.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2519
                                                                                                                                                                                              Entropy (8bit):4.827600648510387
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OGDgGpfSiK+T8ocf67:nd5CB7fdpFQDLpf2vNC7
                                                                                                                                                                                              MD5:3C3E1ECD5F2D9B1C8B8ADF7941BFEE71
                                                                                                                                                                                              SHA1:EB1EF91F402F7FDE38B6DFE79BAE0022CEE5BAE7
                                                                                                                                                                                              SHA-256:302175E3FAF2093C879B338872688F9193579CA681B5EE4287807CC487A56DD6
                                                                                                                                                                                              SHA-512:D753CE1817DE8FDBBCC672FBEAF1740FF993B9573764C1903C893539B04858BE3CA66B8F734CE9A282A3B00692D0A52E32B28952F717C1D2BE8651EFC4D785F2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\RangeSlider.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4757
                                                                                                                                                                                              Entropy (8bit):4.795633305434376
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpFJLDLpF3vqSs1Z/6Hzt6/1nLdBPuh6mj:nd0Bhpjv2Ss1V6Hzt6t5BPu/
                                                                                                                                                                                              MD5:517BC83A0059AB0501D89E95B479A244
                                                                                                                                                                                              SHA1:84BD154840AA09E0349550B466C9A662E53DF8C9
                                                                                                                                                                                              SHA-256:9119C70F03475B4D5AF2579302986B0694AB4FA6CEB4937B311E7B00A5611C4F
                                                                                                                                                                                              SHA-512:6E08F72783689DF48BC3A604DBC25FA69B03DFDA1B8C3AEB48AE8F6847B9CEB59BA2FA614A1C8C94B873C61561A392FB02317FE5D3D45682602BB14E6D4DD9BE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\RectangularGlow.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):8309
                                                                                                                                                                                              Entropy (8bit):4.498428163270163
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy99io5JAS44kH1KWRmoAAJ/H0SAAd449lM688YAAdC:nd5CB7fdpFWJA/RmEZRMTmtnWwbQ9VI
                                                                                                                                                                                              MD5:F98E2EAE330AEE1FC832A15FC395AE4D
                                                                                                                                                                                              SHA1:BB91C3051A65832000DB517913F8A4B122C10F5C
                                                                                                                                                                                              SHA-256:E4ADE2E5C1600BEFE2AE31221035B5BEEE33ACBB9395DB6911C32B117C10A300
                                                                                                                                                                                              SHA-512:C263A0A3AE0AF2C665A079C4D77E931322FF4A6F062B3AA54D9D96540D53A1CB9D761E2901DA39F869528F3B4F2867DBCB65540D8BF42E876E643C64DE95F944
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\RoundButton.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4702
                                                                                                                                                                                              Entropy (8bit):4.724663373079018
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpFGLDLpF3vpCQ2kXxYTxUbYbZ2FYW:nd0BhpAvJXxuNY
                                                                                                                                                                                              MD5:3A77FFFE5EEBC0606072577F2995448A
                                                                                                                                                                                              SHA1:1A2EF46A74648931CE7A4B2318D62C1AEC0E8E8F
                                                                                                                                                                                              SHA-256:6BA91BDE18BF2CAE35DE1815F2A1B8C8CF86765900C16B3599CD9650F7F6DF74
                                                                                                                                                                                              SHA-512:E1E2F0CFE991518AD4D1DFA05AA44018F1EFF79AD1589B44DF816F89104CB01E9634CF4374377FB942117472582D576C4198206CE4AC7694DAFD2EC916F75338
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\ScrollBar.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3771
                                                                                                                                                                                              Entropy (8bit):4.840999626567917
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDsQ3JFbtySQkc2fEZHHkDPxEXiHoPxZ:nd5CB7fdpF+Df3vpy1kCFKPaiHoPb
                                                                                                                                                                                              MD5:9B79FE506F854CB5E7615A2C241E3755
                                                                                                                                                                                              SHA1:BCFB14A7B8AC3DED6B1554DF75A02D6B8A65A208
                                                                                                                                                                                              SHA-256:AE326BD04FD07A2417F5583F2B06BFB68EE166938D1C651F33198F6E4665CB91
                                                                                                                                                                                              SHA-512:736C108E7F9C524AA68DA52AB22403E068BC347FAC9AF02A77E2B1A1133D5956CBB13B782B9C0C195405685C6FFF0C597DC514D12DBC29D7BCE3B5609C1979ED
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\ScrollIndicator.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2967
                                                                                                                                                                                              Entropy (8bit):4.755864058965555
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDsDQ3JFbtnRBNxAF/k+isH:nd5CB7fdpF+DD3vpnEJxia
                                                                                                                                                                                              MD5:435FCB5EAE11DAD6B2411D5BC0787216
                                                                                                                                                                                              SHA1:CEE1645E5D603A95363D99B72A250500BE9308D1
                                                                                                                                                                                              SHA-256:A66BA3C2CEB4766CA959A6C94971E4FB3FB2B33FC6157EC89E22F9DEC6B8B5CD
                                                                                                                                                                                              SHA-512:0836172997069DAC8287ED2D7A07E67DE8C659360D13A8AC6C50921D9F8338FB8BA1AFD4C1205DE09D6447F654D387009E4E1C34D9311E1A0F8A516BD34AD2A6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\Slider.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3963
                                                                                                                                                                                              Entropy (8bit):4.829478647325663
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpFJLDLpo3vj896/P3nLdBPtF9m2:nd0BhpjvY896/v5BPjV
                                                                                                                                                                                              MD5:46D343D4FC318CB86E1676A789915BA1
                                                                                                                                                                                              SHA1:5218BADEBC40B2E50449A545A7843988D859A016
                                                                                                                                                                                              SHA-256:BEF54AC22986A64AB8539D90568FC1A017FE0ECCCD1931F56A1910E429D0B922
                                                                                                                                                                                              SHA-512:E611F7959AAACAD4527E2EDC1EF3D0C49EB015FEE1C25C135657D04910C32380BE8080D6E2FCA34506F4AB742D05911E7FA711DD5BDE4CF79EEF06C60D3F3890
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\SliderHandle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2932
                                                                                                                                                                                              Entropy (8bit):4.78290740051343
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OGDgGpWnX+9o37M+fHMyzBADYfNsYNvb:nd5CB7fdpFQDLpWO9o37M+fHBzKMltj
                                                                                                                                                                                              MD5:D647A5CD428C2DD080AEE1D246CAACB3
                                                                                                                                                                                              SHA1:A5F9D762FC50421B78D55FFD60FDBAE57D75F69B
                                                                                                                                                                                              SHA-256:BE6421A3B9D158DE3A94B9F737DE8538432414BC3D2AB94977D31CE1FAE755EE
                                                                                                                                                                                              SHA-512:8DE0E39E5CF2721BADDB2A63AEE00A8BF07107E95FDA57F38E417B7EB3EBEB70193372285CDE17B6CF0760585BA49E755D50A5F8676833FF2B1BEFE9C1A48BA4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\SpinBox.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6225
                                                                                                                                                                                              Entropy (8bit):4.618752935327141
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpF+DLph63vURkq3KjKbnuzjBUg/HLvWLTFuzjBUg/7ATw4VfsT:nd0BhpsvUhfxD
                                                                                                                                                                                              MD5:1F3CF71216E54DFBD0A6A352907A95C6
                                                                                                                                                                                              SHA1:AADC4946FDDD3BE151AB78AB64BC69356A3110FA
                                                                                                                                                                                              SHA-256:563CA893E4477876ED5DB6DA9F981D0E6D60662378C7D4B77053B1226317C409
                                                                                                                                                                                              SHA-512:2EE5821C9FDB31B2230F2919C8BFC894B656E5CB32F01F26291E9BC1F15BF8473535F678220BE4F90FA87385A1F9BE63ED7A666A142FC0BC5D1DC520EEB449C5
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\SplitView.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3315
                                                                                                                                                                                              Entropy (8bit):4.790674071189243
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M55H6E+iCsAaKj7fOWIkFy9LixvGmQqJFbtyz6f9JfDZFt:U5CB7fdpFOpqvpy2jZz
                                                                                                                                                                                              MD5:E46181340B2D9E90775F686AFFF9C2AE
                                                                                                                                                                                              SHA1:73BAC5091904762063E7D9AB1DFA1D49C3570A5E
                                                                                                                                                                                              SHA-256:4248D6703D05D41480FFAF12ABEFC63F020B204221684D73D64957ADDC3A8B4F
                                                                                                                                                                                              SHA-512:34CE77D44809A969247B76DB66F03EAA20FC9B94413B2E49FF9647B7E2841F32B1B271197E510B73FB45BC22F4EA70EDE14D6E8F5C4F24C93A800D8D58526442
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2018 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\StackView.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3885
                                                                                                                                                                                              Entropy (8bit):4.951612981046042
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpF+DsV7p82+ij+spJOP8u+spk0OPO:nd0Bhpsa7pQiispkP81spklPO
                                                                                                                                                                                              MD5:10E28FBB58B8A780C527A32A59114312
                                                                                                                                                                                              SHA1:EB9CC1B8847B3AE2882926429014B1B257E87C1E
                                                                                                                                                                                              SHA-256:09C499DE9CB6DF74464FD5A66C9A58AF16E34FFDE3E0C67AC12D0E0C81ACFAD6
                                                                                                                                                                                              SHA-512:F6571C71E912B1850CD6F2211030AF6D9BC96CD32A5AB6D5801EA8FF0ECA679AF72620060A5F22A6D44EE3116013FA20346A4003A00AC1357957E14A9A067611
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\SwipeDelegate.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3887
                                                                                                                                                                                              Entropy (8bit):4.773238807520014
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpFGLDLpQ3vpoMCZ8kXx2MXfUbK/Ec:nd0BhpAv2JExxvvAc
                                                                                                                                                                                              MD5:C8A4636D811A78B52E3A333EF90AA494
                                                                                                                                                                                              SHA1:B1A3AA6D7250ED974AC7B21DF7598F6919A6D5AA
                                                                                                                                                                                              SHA-256:B19EB0EC5894590163F09F7B66A236CB30EA2C63E3E79846EABC4029A3792F13
                                                                                                                                                                                              SHA-512:520272046579D975FB9E32DDC330DB698CDF099214D7B95F9B6ACFE03AABB9D05E39501464076AB08827E68248A32AEF4F2220F460E5F5A62AFE5C653875B8AA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\SwipeView.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2830
                                                                                                                                                                                              Entropy (8bit):4.839139747866962
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDdQ3JFw0IJeSaVzdSw4:nd5CB7fdpF+D23v5I3aG
                                                                                                                                                                                              MD5:55A2CB6F3D43441A3AB4D20CCCD8BC27
                                                                                                                                                                                              SHA1:BE8DB5E36F2333E68976D0A655DB9C047131A7DA
                                                                                                                                                                                              SHA-256:DF48A6406527FD52342CBD00D50D4F749D023086A01814EA8FC6C550A2FC53E3
                                                                                                                                                                                              SHA-512:FA05783EDBB4174458FFE860EA3F93740B386CA1BA48309BFA551A410D7267949D0AB652FA78B5DF9B32889A31A67C4A87D6B5FF031DE0A80958E68B62E76F3B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\Switch.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3612
                                                                                                                                                                                              Entropy (8bit):4.796786231360721
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OGDgGpg9Q3JFbtoMJA0J4ZWfsu8kE0xeskxgzMCs:nd5CB7fdpFQDLpr3vpoMFLfsu4gWgxs
                                                                                                                                                                                              MD5:EC5BF32BB60EDCDB2F1C1D07F05E1CDA
                                                                                                                                                                                              SHA1:D9CC82E6832EA93A2B87A136FF42463CDB27C14A
                                                                                                                                                                                              SHA-256:E65C894AE653242836BED8789B72E8A208A8D743F840A73E9B6BDDEDEDD11A31
                                                                                                                                                                                              SHA-512:F0D92BDCFD28CB0FA467F7FE8AF53F96022DF55B5AE81F12666742D3E46B421A443A953D57C3E7CE40E43AE6928E3076CDA14CE86B3465BA01B85217930F2538
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\SwitchDelegate.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4104
                                                                                                                                                                                              Entropy (8bit):4.794699611379986
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpFGLDLpu3vpoMxZ+SickXx2MXi6:nd0BhpAv8Jv+5xvN
                                                                                                                                                                                              MD5:8760D7638C811958C997AC97746FDC96
                                                                                                                                                                                              SHA1:CB5D0324B0E2CF7C90C745F667102EB2B14722DE
                                                                                                                                                                                              SHA-256:C897DD480D12643F24A357B1969B78B91DA6B7E8A950DF2092856010AB8A8E07
                                                                                                                                                                                              SHA-512:56CF699B98F0EA9C97740CD5FC7770FEFBE90BA9A801FED5CEA855FED8C3EA53207FF45028FF2220D8EA1553FBF797ADFAD01AAC46D422EB9E82781DC7B880F6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\SwitchIndicator.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3330
                                                                                                                                                                                              Entropy (8bit):4.752119040809457
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OGDgGp5Qq7rgI67BA/X//bXv6VZy/Gly6Ra:nd5CB7fdpFQDLp5/7ULEXbCVo/mFa
                                                                                                                                                                                              MD5:2EC9174D585AA4F418A831EDB97C0B9C
                                                                                                                                                                                              SHA1:E2C3ECBE6E7BC4FFA8DD5CEF3767BA3438F76C3E
                                                                                                                                                                                              SHA-256:F01406646BB316E79AFCF276DDC59BC70BA46DE58562B1173A6ADF33728DC7F4
                                                                                                                                                                                              SHA-512:00D834A26C0506C183E37A5ED077067684B63BFCE40D3662596C6E31F19B6CF3E3C743B575C3D6A764C1D8B925C9B65055838618842F6BF345CE48411EBE4FFB
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\TabBar.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3437
                                                                                                                                                                                              Entropy (8bit):4.785298813653595
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDgGpmQ3JFw0cwlc8L8Nd2JB54xocy5y6Rsf:nd5CB7fdpF+DLpp3v5cNz2r5ws5Fsf
                                                                                                                                                                                              MD5:E0C9C5E2BFC89B835932400D5F5FC80F
                                                                                                                                                                                              SHA1:063643A8DEF7A64BFACB373F2B1E6EA9291F3EEF
                                                                                                                                                                                              SHA-256:DF91849DA352EB0A6FA50AD30188014BC8EE8927676EF2108B7DDF55A3BA97B8
                                                                                                                                                                                              SHA-512:93E21896F9F31F2E02D7B36E7C52AF63862C6E62422591250219F3A680527B42FEF4D107A89DC33D33E919F40188982AFC88346864E054FAC5331C2CFD3CABDD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\TabButton.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3208
                                                                                                                                                                                              Entropy (8bit):4.826535254116028
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgGDgGp5Q3JFbt+kXxOqgb:nd5CB7fdpFGLDLpS3vp+kXxOqw
                                                                                                                                                                                              MD5:22F5EF66ACA2F5F123545E57DA4B9995
                                                                                                                                                                                              SHA1:E27C692FDC8EC203F3A331481166237A6E15BF27
                                                                                                                                                                                              SHA-256:6D87E0C63D2A080B7C6728A3E3DFBF8F792032034EA770710202592F1BD532B1
                                                                                                                                                                                              SHA-512:3627C4ADCE5B6EF2EE4E62280C4394026273DC745301BE6AD463CEB4FB13B0B71EA76BFE4C1121FCF81BCA1044CEBC5C302983541E1227F456823BD6B1274963
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\TextArea.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3727
                                                                                                                                                                                              Entropy (8bit):4.830699947184764
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgGDgGp4Q3JgZLzAjPERh1FjygPi/PCdWFob:nd5CB7fdpFGLDLpr3ONmPMndWa
                                                                                                                                                                                              MD5:07D5EB3B82FE60F2E43ACD5D2C11C147
                                                                                                                                                                                              SHA1:73CFA3E99F861EBFC64751BF43535661BBB898FE
                                                                                                                                                                                              SHA-256:CD31510A2D8460FC131E5A94D753D0B923F50626E575131DEC9C94CB7EE540C6
                                                                                                                                                                                              SHA-512:2B169294E7F9F281E51BA6254AD43398E0DF5E1586C4B520B432AD3045A0041D8D8316E3C3AC4432D094438C44A95380BA81E56D33460CA64A9E9CE5DCEAE027
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\TextField.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3820
                                                                                                                                                                                              Entropy (8bit):4.8410761106012945
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgGDgGpzQ3Tw/nP0p9PERh1SijygPi/PCk1pM:nd5CB7fdpFGLDLp83TcszP0nknI/
                                                                                                                                                                                              MD5:81914053CF4C8B51173BCFDAB127BE2E
                                                                                                                                                                                              SHA1:1222B9204AC958072ECAA1E28F7D80C987B71685
                                                                                                                                                                                              SHA-256:09A990D8A73091DA451FE46D518175A4D794B9E955FF45920D0E9D8F4063458E
                                                                                                                                                                                              SHA-512:35F16E4E063FBBA6A54844E387DBA874B65AB9BBB8BC9E5F281F43F397F85D915090B3A186C68916B172CE0D4FD040EFD65F4E70A9E9500843822901E17ED55E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\ToolBar.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2656
                                                                                                                                                                                              Entropy (8bit):4.830282251562865
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDgGpVQhJFw0myjy5y6Rsf:nd5CB7fdpF+DLpOhv5H25Fsf
                                                                                                                                                                                              MD5:CECCF52B0AEC6FBB914633703AF7A1FA
                                                                                                                                                                                              SHA1:299363C51B8BB0898E3300A8A5451F3CA85BDA04
                                                                                                                                                                                              SHA-256:69EF1C4BF0329EB9FE2E6DDEC7E584A3E38430250CA3D9EDCC38181D6E44E636
                                                                                                                                                                                              SHA-512:8C1968A391708A7F9726D058C831C930D83C613BD33764BE1B6F759ACAB536090F42D2996F1CEC063210A24C794D8F3DEE7D1A2AB8B4D9700EDD9D4F0CD4B49D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\ToolButton.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3602
                                                                                                                                                                                              Entropy (8bit):4.812649874502562
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgGDgGpAQ3JFbtBkXxSWrj7cMb:nd5CB7fdpFGLDLpT3vpBkXxSWTcc
                                                                                                                                                                                              MD5:42B68708A8B18C126569C42844D844CA
                                                                                                                                                                                              SHA1:E1DB4E42E6609532AC4731A8CB66866229C85FE2
                                                                                                                                                                                              SHA-256:8D3AFD8D199595659F42212168ABCF55B7D1AC212A6616573BC083F73CCA1B21
                                                                                                                                                                                              SHA-512:F48C3575E793E631915BC719FEFFDAD673517AFDD9EBDE93168DF4E4B7306A5C3ECD5669572CAA1A091A044503EE0E3537314AFB65C41FC613EA023EC7E03344
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\ToolSeparator.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2489
                                                                                                                                                                                              Entropy (8bit):4.847822761591629
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDDDQ3JFbtM0QHb:nd5CB7fdpF+Dw3vpvQ7
                                                                                                                                                                                              MD5:AF500ECFBBD1A4792B16FA5C373D9FA4
                                                                                                                                                                                              SHA1:7FB693155D9DE76B81BC5505BA33A91A7F5F0A36
                                                                                                                                                                                              SHA-256:595E7895E532F29F9CA2DA32501522B8C8360664238DC82C7793C73AEBCC3D1F
                                                                                                                                                                                              SHA-512:10E9227C90ED7CD4D52C5D5CA196F1D28F59736A874988FFB46A7BBB18640D6176C33E19E86B00AA8651E877484450E64733EDF6830940F347871FBB57312292
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\ToolTip.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3206
                                                                                                                                                                                              Entropy (8bit):4.885163038662627
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9GDlQ3o/JFw0jYWspetiF8ebpt:nd5CB7fdpF+De32v5jY/ppF8ebb
                                                                                                                                                                                              MD5:CB7A270AC99A4F764986C3731EC6A906
                                                                                                                                                                                              SHA1:AA9245F722DB3C96084E42F4AB3515D79E0ECC93
                                                                                                                                                                                              SHA-256:6085F068214BFB06C453F1B671576AC585072A02638D871E212B7FFCBFCEB3E2
                                                                                                                                                                                              SHA-512:14AC48489D020D7DC406499A4192372D2D344537A9252860DC914D70CE3D85E7476BD4FD6220E6CD335F9AE644B05018F3A6DAEC7E13E1DA896D1BDEC7321F97
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\Tumbler.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3317
                                                                                                                                                                                              Entropy (8bit):4.826698729490084
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhg9GDtQ3JFI4CtfXKeGlZusHPwLA:nd5CB7fdpF01DG3vIvyrwE
                                                                                                                                                                                              MD5:2D0F59B773A845F7F6105A2E6A6CA9AA
                                                                                                                                                                                              SHA1:686126D568A0B636F4652EB820B6F94433575BCB
                                                                                                                                                                                              SHA-256:1EF694FF3D76110423D945F9ED5948BA86587DBD130BBB953C1B88F3F7C08729
                                                                                                                                                                                              SHA-512:06648257FAD90471945F4D56A47C1A0D93E65E1DF957A6A817B91D569CBE4A9EFA7826CECE30202EEF4E9BAE91AC2A8A55BDCA6EBBC2179A8C17C248862D5AED
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\VerticalHeaderView.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2965
                                                                                                                                                                                              Entropy (8bit):4.806250208072157
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M25H6E+iCsAaKj7fOWIkFy9lv8GXG3Q3rNqYJfykFbbUWlNzx:L5CB7fdpFgWg3BqY8QbdV
                                                                                                                                                                                              MD5:67CC5584067185FD2979461ED17C75E3
                                                                                                                                                                                              SHA1:0824D45DAC32996C1F4ABC9294D5E77A8BEDBFC6
                                                                                                                                                                                              SHA-256:B58DEADECF19234D92FCC035C0B773271B4CFDCCF24CD06E300F7C81903CA433
                                                                                                                                                                                              SHA-512:C96E7782C9033D28279F5572AEB4910420A52CB72D6DC3D017C240FF50205B6D94D1C8FEFE9065E2F80644E9E38E1B37B5F7D76C0D1951E58D341FC16556B5C4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\plugins.qmltypes

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):19745
                                                                                                                                                                                              Entropy (8bit):4.398954459962296
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:0OEsWJxl7IC1CoZT5zkTmOG8pHBhk99bry4:0OEsWJxl7ICMoZT5zkTmOG8pHBhArj
                                                                                                                                                                                              MD5:9DF4F4EC635616DEBA44BECF1D4B1289
                                                                                                                                                                                              SHA1:550EAD9AF422A5CCABB4EBACDD53A23F3A4FFC39
                                                                                                                                                                                              SHA-256:65CEA887FC78F250BAC61E4E4B6BC9F21C9443F74CA16C6461B808574C5BFD98
                                                                                                                                                                                              SHA-512:92107583FC0A94EC5F6665100036099293B02995BA32384DE61BE1172B1E51F75D7644DD4B262627A7B00B58B9D0D19F6067292BE259285F56D77F0EB1A4AE40
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:import QtQuick.tooling 1.2....// This file describes the plugin-supplied types contained in the library...// It is used for QML tooling purposes only...//..// This file was auto-generated by:..// 'qmlplugindump -nonrelocatable -dependencies dependencies.json QtQuick.Controls.Material 2.15'....Module {.. dependencies: ["QtQuick.Controls 2.0"].. Component { name: "QQuickAttachedObject"; prototype: "QObject" }.. Component {.. name: "QQuickItem".. defaultProperty: "data".. prototype: "QObject".. Enum {.. name: "Flags".. values: {.. "ItemClipsChildrenToShape": 1,.. "ItemAcceptsInputMethod": 2,.. "ItemIsFocusScope": 4,.. "ItemHasContents": 8,.. "ItemAcceptsDrops": 16.. }.. }.. Enum {.. name: "TransformOrigin".. values: {.. "TopLeft": 0,.. "Top": 1,.. "TopRight": 2,..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\qmldir

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):155
                                                                                                                                                                                              Entropy (8bit):4.5598280105456475
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:3BV9NKfNDyVMURCNajJW4whvyWmopCxKD4yMg2cakyxRS9NKSvn:xVfONDGMUj1tw58oI04oG5Cfpvn
                                                                                                                                                                                              MD5:087236C6EB9A82D9BB57278A08D5D039
                                                                                                                                                                                              SHA1:B31AC662CE411E2DE7F87973B1A213E3AC620D0C
                                                                                                                                                                                              SHA-256:BD78A9455635EAC335F2FD294323939B70B5906DC3C26C83441920413157E533
                                                                                                                                                                                              SHA-512:705FE9B9C21E525E83E66C2594EABF01D42EFE66D7F44CF61A0C8539D7FDE08D75DF5C83E056F49100C901E2073BB9DCAC0457214D5DF32C7FED815F1C0ED9DE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:module QtQuick.Controls.Material..plugin qtquickcontrols2materialstyleplugin..classname QtQuickControls2MaterialStylePlugin..depends QtQuick.Controls 2.5..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Material\qtquickcontrols2materialstyleplugin.dll

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):746480
                                                                                                                                                                                              Entropy (8bit):4.656573871864589
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12288:6+pIreBgpxprwppphpVphp/pnp/pNp6pQpQpxpVpApB3p/p4pWpcpgpCpopipmp+:5geUJ
                                                                                                                                                                                              MD5:B7D862F5F15E86B73C670913684FA8E4
                                                                                                                                                                                              SHA1:8266952E8E14D04B5E710563935791D1DD90A2AE
                                                                                                                                                                                              SHA-256:2EABB8E5F3B57E42C6F29DB645EDC4BAC17910B1AC0D8D0083C66B152F8878B8
                                                                                                                                                                                              SHA-512:E68E6298F557CB92EB2AAA9D334621EB1B29AB1186A4F25E22F28667B5EBC4732639827C5CE136360525F0EE300FF37ED424DD311626AF3FD5C36710FBF0FF23
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........E..............z.....n...............n.......n.......n.......#...............#......#.......#.......#.......Rich............................PE..d...9.._.........." ......................................................................`.........................................P................p..x....P.......H..................T.......................(...P...0............................................text...]........................... ..`.rdata...M.......N..................@..@.data....6.......0..................@....pdata.......P.......0..............@..@.qtmetad.....`.......<..............@..P.rsrc...x....p.......>..............@..@.reloc...............B..............@..B........................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Menu.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3132
                                                                                                                                                                                              Entropy (8bit):4.814273270880492
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhg915Q3JFw0cw/NtPCccswXO:nd5CB7fdpF0US3v5l/vCccW
                                                                                                                                                                                              MD5:C17D3D7BFB6888203D88C2C8E5391B7B
                                                                                                                                                                                              SHA1:9A3F9E3E37F513AE66BA4B6C012B2B7FA3906890
                                                                                                                                                                                              SHA-256:071F5C638437BBCB3C6992FFA69F4A459F148D060C342F1D0F5E6C122201E743
                                                                                                                                                                                              SHA-512:707414AA1ECA3B3B8C4CBAF1E39632FE495E60BC9E8D602AEE89A7289F71EB81466E7E1411A929AB50BB924636820109EF2801EB92D2A790CBE8C1A4A7DCF988
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\MenuBar.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2515
                                                                                                                                                                                              Entropy (8bit):4.821005781824648
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhuQ3JFw07mX5:nd5CB7fdpFGx3v57q
                                                                                                                                                                                              MD5:D71025F7D7E9ED4129595A7A0168BC8D
                                                                                                                                                                                              SHA1:A2EF2D3D093BE18BE7FBC220EE742477C1326222
                                                                                                                                                                                              SHA-256:E84583C39B610DBC2E89B9D284E6850D4DC80FD7C2151BA3A55D4BEA9926262A
                                                                                                                                                                                              SHA-512:09BEE1B070EC4B7CF3235F65FD4294816778D3BD263C6CD3EC42A6C31A33ECC5A2B4CAB6A7D03DB276AA6D7110DC2D304B2460205B064C1399E4442E948469D2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\MenuBarItem.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2994
                                                                                                                                                                                              Entropy (8bit):4.804111096356225
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhBQ3JFbtoMokXxtwwX68:nd5CB7fdpFGa3vpoMokXxtz
                                                                                                                                                                                              MD5:8ECD638D4ED2FF8B1803D1D5196C1556
                                                                                                                                                                                              SHA1:5595E12AD1A6FCED601F2A2F4D0FF911F8F0FE58
                                                                                                                                                                                              SHA-256:25267737CF4A0430631BC80B509647B605B903D9C2BB39A7D0FA05DF3939F5B2
                                                                                                                                                                                              SHA-512:D81E449DDAD983AB9B89B4C5F8B28A7713D7FA511C0FE23A917E87E4F62992B49D3E24B0C14C50B3E392E6F974ED92B0DD08316752D4DF18EBB86E6982D4113E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\MenuItem.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4379
                                                                                                                                                                                              Entropy (8bit):4.80556368692418
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgFQ3JFbtoM9Zxe/xecakXxntM44QY4jX8swX/:nd5CB7fdpF0X3vpoMtQskXxKLyM3
                                                                                                                                                                                              MD5:B05869D66C6D02AEA7FEB9CA883D8946
                                                                                                                                                                                              SHA1:8ECA11E561E4C52DA3D3E6C8EC32A8D640382E30
                                                                                                                                                                                              SHA-256:2AD146A44A773E8105BBA1A9A1A2552D4F64C0990C7EC48E3A98D59044398BC4
                                                                                                                                                                                              SHA-512:C55D6326A1E0C68D36DA8272C3BFDB5B1060088617E78BD76B4257C71DF02EE3C4C927268E5FBBD46740FC68BE41C3A95B50E1B4B77048581C2D679470636D12
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\MenuSeparator.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2442
                                                                                                                                                                                              Entropy (8bit):4.839225593423535
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhg5DQ3JFbtrjyA:nd5CB7fdpF0V3vpP/
                                                                                                                                                                                              MD5:B5F15E86F80B2304F2AE672FADB3EE96
                                                                                                                                                                                              SHA1:76A5C6EF45C9A05B5EBA7A7907588D69462181B8
                                                                                                                                                                                              SHA-256:58A848C945814A0E233E775DC308F719FAB3790026687790D66B7974408C5F6C
                                                                                                                                                                                              SHA-512:9D4B8B45B03D2B41AA44A256BB2A02BC993988E8FF4C52128895C27EACAB1E16A0FACB519132578EEA67395ECA27F2473D8C4A46BF1AD4814C56C91D04E27B50
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Page.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2604
                                                                                                                                                                                              Entropy (8bit):4.774696392771712
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgOQ3JFm0QuLYupz:nd5CB7fdpF083vn3L/pz
                                                                                                                                                                                              MD5:761015C43D3CB38D4A0E8A0694CA39F3
                                                                                                                                                                                              SHA1:245BB0B79F994960BBDDB609CD0D143B905EEEB9
                                                                                                                                                                                              SHA-256:4D4AC1104FD58E70DF514B2AB5D46B037BA489CB96C64505A3D672ADA6CC9884
                                                                                                                                                                                              SHA-512:E3B37BF9AFAEBDF05B9F4A47810FE0440560E521CFB91FF5B31B4723704339AC5533C04A7AE845760F4968AB53CFD0CD8E0C4597D41A1C31254812ED07C6F259
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\PageIndicator.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2763
                                                                                                                                                                                              Entropy (8bit):4.829470306877085
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhg3DQ3JFbth60+FZZ:nd5CB7fdpF073vph60+Fz
                                                                                                                                                                                              MD5:29A933813837994A869AE9839B1C3D26
                                                                                                                                                                                              SHA1:C29B1149A39BCFD5194510A6679B01826C8C82CA
                                                                                                                                                                                              SHA-256:43433AF6C1F53A570C8CFCFDCCDFA41D8806CBFC9F1BB962CA12EA46CF4C0A6D
                                                                                                                                                                                              SHA-512:1266AEBD949CA874EF9CD01E834F005F80B70451D3F83AB0812CD7E5D3C2DC993E9620D4762983D8A29145112C737AD9E98BB2E6D59C2D1DA6A9AE4B74466472
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Pane.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2331
                                                                                                                                                                                              Entropy (8bit):4.838692827239353
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhg/Q3JFw0F:nd5CB7fdpF0F3v5F
                                                                                                                                                                                              MD5:D55630888288DE076EA18EE14D8CFF45
                                                                                                                                                                                              SHA1:D598CDD2A146D976F577CE49885CE0FDB60462D2
                                                                                                                                                                                              SHA-256:B01825029C2139A4ECF9BC1CE3C1379D19F4A3D7F8635BDBC0A9DBC28B13C2DA
                                                                                                                                                                                              SHA-512:6C5C2D322F18385BB9706AED40921DD258E49E4B9B0DCED4C44D1097206118291F06FF4E4BAAACCB15101EE9ABF9BC90D70532856EEC9C404802350D05986A3B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Popup.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2592
                                                                                                                                                                                              Entropy (8bit):4.855929209866687
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhg1Q3JFw0S:nd5CB7fdpF093v5S
                                                                                                                                                                                              MD5:D03D6CF824C899D2FF247CD0A474D986
                                                                                                                                                                                              SHA1:DB54B862972C8D722C1DB47B3251975066B230AF
                                                                                                                                                                                              SHA-256:75C32398761D16E0E875E26E9584EF67CFCD1A1F4F2938F3C86A57E17334CF2C
                                                                                                                                                                                              SHA-512:065EB0674EB7BF0AA3C7CCC90E7FEDE654674B17E4074A9656C3B36CC37F6AB21C28CD30540360BDD7E497055F4D1C6A35E4874AD27F6B0DCD29C29D82DA0EF9
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\ProgressBar.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2735
                                                                                                                                                                                              Entropy (8bit):4.8163289625337455
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhiQ3JFbt8zexozakWsfKOZ:nd5CB7fdpFGl3vpOeeza3OZ
                                                                                                                                                                                              MD5:0BFA56149AFF7B45DED9F77C9CC85F6E
                                                                                                                                                                                              SHA1:66CF64F0A9994224CF85C3080B59A93B28B2E6CC
                                                                                                                                                                                              SHA-256:70000725A412BF884244F5E7A170A23BC2F4B96BE636C42F830067FA3F4FF728
                                                                                                                                                                                              SHA-512:9FD5537CEE85B45106C8604BDE0528868B7357A11B02A8EFBCD63FEA8E8206620F3AF6D3D3CAEB33B6F80D4AD49F13FB97FFF3B1AAC76404FE2D891C6FA097D1
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\RadioButton.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3713
                                                                                                                                                                                              Entropy (8bit):4.773769607411336
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgUQ3JFbtoMbW0J4qkofqG0xeskxJy:nd5CB7fdpF0I3vpoMb5TsGgWo
                                                                                                                                                                                              MD5:8E2E42B0CB63F3B7F68F097CB97B0E71
                                                                                                                                                                                              SHA1:454F9AEE8A0396FDA827B445318FD320C11AB1C3
                                                                                                                                                                                              SHA-256:114FF5020E93592ED84368576EEC23AB3F999129D8C2BBB7FCAFAB3603FC28D9
                                                                                                                                                                                              SHA-512:498F75A42BED01A02503870A3DAA245E2886DDE219D5728D818C3D7A9BCE28072BC74E4FBB493EE42B83FFA05131C958D4525A6E28EA914AB815C2DA25355932
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\RadioDelegate.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4169
                                                                                                                                                                                              Entropy (8bit):4.758093410324449
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhg7Q3JFbtoMhxeszxqkXx2M7XY4qkofqvPwX86:nd5CB7fdpF0v3vpoMjLqkXx2M7ITsvyZ
                                                                                                                                                                                              MD5:2B788400464D9EA3E1B0A465FCC23958
                                                                                                                                                                                              SHA1:1D7368BA133BE85DA3D64E37F6986AD55864451C
                                                                                                                                                                                              SHA-256:B3DBBFC1472B5CA9F5C836AC14BC847E878155AFD875F81CB600A9EC769F148C
                                                                                                                                                                                              SHA-512:A66E39223AA6568C3BBE597A4FF93FF042EEA117E7B8A0AA6A0319F109D4E3D8D1B869311FBE0C78062E6F8BAAA98F5FA0C3EB548568391234496813D2410562
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\RangeSlider.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5005
                                                                                                                                                                                              Entropy (8bit):4.758902637937423
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpF033vqSEJmzpFmzhbngPdgcH8:nd0Bhp3SEWM0gV
                                                                                                                                                                                              MD5:7E419F94FB2F5B1B4C956D66FE04F313
                                                                                                                                                                                              SHA1:A6A337439BDD2233D727BC8C55FD85966259A01C
                                                                                                                                                                                              SHA-256:81A2A87DF4D44A5023170189DFCE8076FE8C420B8D6912FEC23249D56A8D6D0E
                                                                                                                                                                                              SHA-512:595B430F0CB3CD8256A9156C859E48CE38FC85EA73EE60E2F1F32A00B53F965B14520637ACC723C50F06775142977641782DA4B3A27AF430106FCE6CED85F7A4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\RoundButton.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3633
                                                                                                                                                                                              Entropy (8bit):4.778438090721813
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgHQ3JFbtb3kXxEzwwXBpcWr:nd5CB7fdpF0L3vpbkXxIdWW
                                                                                                                                                                                              MD5:42A33AD9B25996DA051E4A496628F25C
                                                                                                                                                                                              SHA1:7F49BD32C739ED2378C246104C1A71434C5A2842
                                                                                                                                                                                              SHA-256:3F06E0F1CC2222D5AC39949DD6AA50C5BCB88BD9BFECB0330CA6ED62A46C53F4
                                                                                                                                                                                              SHA-512:9BFE3C9AB1D671974078811121D1DC37F69810AFCB58BF95BFBCD19CE4CD257B262C3A3BCECAC69BB9636F4A0B34A58D85FCB0D3FF4E251F85517A24884C9724
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\ScrollBar.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3211
                                                                                                                                                                                              Entropy (8bit):4.8343887210632195
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhg1Q3JFbtfSQkBLIkF/3ys5:nd5CB7fdpF0d3vpf1kBXJ3yG
                                                                                                                                                                                              MD5:B851CCBD1786C616CD8C1B069DA5C640
                                                                                                                                                                                              SHA1:860B1A5338B05FA821EA4F168AC76D894B9C2130
                                                                                                                                                                                              SHA-256:ABE6BBAF5F31E5DEDA3086423EC8935BAE426F945A5532701982B3E1206857FA
                                                                                                                                                                                              SHA-512:45CAD29A8569C5F48679D5A447942C7565988E3C1515522256E9511B5265702DC2BA5BC441D848A8D25ED36A80C5BCB56CA59C0C9CD14BE195A5094BF5846698
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\ScrollIndicator.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2981
                                                                                                                                                                                              Entropy (8bit):4.75619578796289
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgVDQ3JFbtnLSNxAF/k+isH:nd5CB7fdpF0p3vpnzJxia
                                                                                                                                                                                              MD5:9FA5611A631E0FABC7C35433CC09E93B
                                                                                                                                                                                              SHA1:689C9ED60D1F34DBB63C3B6549E471FF081D9601
                                                                                                                                                                                              SHA-256:4E33A27C70ED092B8FF5DB889A6F2ADFDFC780525AC462E249CE428804C9F2E0
                                                                                                                                                                                              SHA-512:3646644FE2A3FE69448986BA885899AFEC58772D5D54395DB0FA0B0E5E62F83B8C6B882D4FFF6B082E00E6B160EC1866DAEBFA119E11A62EF699EC77FA1E2D02
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\ScrollView.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2725
                                                                                                                                                                                              Entropy (8bit):4.818398008330529
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgdQ3JFw0i54l1K+h:nd5CB7fdpF0v3v5iCl8e
                                                                                                                                                                                              MD5:4CD5AF2ABBA5A14956D162EEF759C371
                                                                                                                                                                                              SHA1:689777D7AC3CA08105F3BE4CEA92C655F236C9B9
                                                                                                                                                                                              SHA-256:E133806D109716F7B355F1D643A18FEE659A64ACC1D8E27089A568E82EB4D3B4
                                                                                                                                                                                              SHA-512:9FA50C54708C0C29638D69E96FC7372A1B687E6E678C6169A11AFEAD7EA561C69AA116AE0D9F05A40B7D5AE4BE4459F136C09BF3CAFEC67703F7AEA562A36FEF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Slider.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3923
                                                                                                                                                                                              Entropy (8bit):4.794707446109668
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgQQ3JFEIr86EAwNm8JOb6EAM/y24YOdh7q:nd5CB7fdpF0i3vj8Bm1DngPdh7q
                                                                                                                                                                                              MD5:B469B132AE469ACCA3F396C4BC1886A5
                                                                                                                                                                                              SHA1:98A9B96BC9BD4CFDAA84871813517524099C3474
                                                                                                                                                                                              SHA-256:2B435D4E44817A589654C2A41D7758795DD1E148FDDFD9E2E192D1279D354FD8
                                                                                                                                                                                              SHA-512:625762A0904D48BA78A662D94A03689DA7CC9287DB729FD036AA7A4D184E68B5AD78FBA2BD86DBA5102A9A146A94D8B3B7A5736756767AAD232E4997F96D6ED4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\SpinBox.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5365
                                                                                                                                                                                              Entropy (8bit):4.629971532594098
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpF0X63vARkq3NjK7+b5SnATMSWAlQ:nd0BhpLCM
                                                                                                                                                                                              MD5:70C54E305C8ED6278387D1605EC35B53
                                                                                                                                                                                              SHA1:C274B2B47C217AAAD29558E80AA91405F28D1599
                                                                                                                                                                                              SHA-256:7A8A219B1E85FDBDE2A49C168706CB29C41530720CB4E9D082492104A49F1A0F
                                                                                                                                                                                              SHA-512:0ABDA48253D43B0A9AC7FBCBE34D3D1459D6BED94A9C16DD0EABEC464536743E7CC70931F81DB3AF6EC50E2F2C0E8A5F343EE8F0869381E046AAE511A12C2C46
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\SplitView.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2605
                                                                                                                                                                                              Entropy (8bit):4.853125997394258
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M55H6E+iCsAaKj7fOWIkFy9LixgQqJFbtyz6V2f:U5CB7fdpFzqvpy2g
                                                                                                                                                                                              MD5:A0671680A70476FE755E8B4E69A9084E
                                                                                                                                                                                              SHA1:D1CFB08DE1F3F4295C6A16C1532AAB70379032D3
                                                                                                                                                                                              SHA-256:FA338E11C1D5CA56D42BCB1952C307EFAED89FF9E62870A768C5CA40F3BC4875
                                                                                                                                                                                              SHA-512:349022AEB030E6275ED6162B29B3D80105F94554101C058C59F112BAD9205112D1F4442B587837AE8846296EE34D553F9029CCD1401EC019E7E7429EE96E835D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2018 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\StackView.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2879
                                                                                                                                                                                              Entropy (8bit):4.918905834543331
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:MCdbFTT3QXf8WYwid0szM6RqeRGNfj9TNZlOWIQNydOtQ+y9OMmRQq8vSKSHzSQx:MCd5H6E+iCsAaKj7fOWIkFy9OMeQpAF
                                                                                                                                                                                              MD5:8A40D2C1EC0D67DF4B7380EE96157B2F
                                                                                                                                                                                              SHA1:2550BE9770EF8996F37AE469769321606E907AAF
                                                                                                                                                                                              SHA-256:CFAF9A1325B36060F9E7489E80A5462F11F9FA99E5F78E4DD6D6DD0B10222F09
                                                                                                                                                                                              SHA-512:44893E3226FEE75D6DAC97CA34C6526998B908DE24E9C6423BF1B5E42883B06DE1FA2689564EFEA07DE409D16FDE63A2FEE519006796B475BC49098DFDE415A6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\SwipeDelegate.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3262
                                                                                                                                                                                              Entropy (8bit):4.81695114339966
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgCQ3JFbtoMIkXx2M0PwXCrk:nd5CB7fdpF0C3vpoMIkXx2M0XI
                                                                                                                                                                                              MD5:869738000F1E92572EAA2CD8A9BC2AAF
                                                                                                                                                                                              SHA1:F531473E603BCB8DEB57DDC425CE2C03EFA47A7D
                                                                                                                                                                                              SHA-256:D46804EE223180A03C18B4525D9BBEA14E8C4A559908CFFB6924BFD2340BB83F
                                                                                                                                                                                              SHA-512:38DA3A172D40E99F4BAAA2876474FDF937A0400A4F1A3894E3F65C026D55D1BB2D211A36201F2D5092E490627F5E50BDFDB7D2D2854FCADEA99C58FF2C7F04AF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\SwipeView.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2821
                                                                                                                                                                                              Entropy (8bit):4.8381484195048525
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OM8Q3JFw0IJeSaVzdSw4:nd5CB7fdpFu3v5I3aG
                                                                                                                                                                                              MD5:CEBDA1281CE7EC8EA1D962680730C66C
                                                                                                                                                                                              SHA1:965F242782FAE447EA9BA757E066132D1AC2B545
                                                                                                                                                                                              SHA-256:790F1CF3FA94FD7C7ED4741121EB8DAEF603FCDF07A9C43D1B9B3B147CBAAF6A
                                                                                                                                                                                              SHA-512:C0D666A10E5868B085CCA0AC5B7A0E0C6D93EC114EB5FDBE382FAB1284B8C50756A7373219F0A3150A3BBD201E595E6F17883A9D8983AA18C88E050E401E069A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Switch.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3947
                                                                                                                                                                                              Entropy (8bit):4.757657645064246
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhiQ3JFbtoMSqq0J4FsAlQo/iRJzT0xeskxJy:nd5CB7fdpFGl3vpoMSI81i/TgWo
                                                                                                                                                                                              MD5:00631CFEE04C7AD041504DB617D36014
                                                                                                                                                                                              SHA1:46921019213C2B2AC33965FB6763EFCDBE19E2C7
                                                                                                                                                                                              SHA-256:D2696E10B1054C586A6264C20A4EA70920D947C2C03A1C0FB8EE1261978F701D
                                                                                                                                                                                              SHA-512:26F25C312555483AE6F54462E3ED9DE5BBF1226FA9B231EDF5FA2956E3611671E3B5000844FF2F7F8032A8E1C83B3C4E7DBEC7DA22B6368445FB524BA33F17AA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\SwitchDelegate.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4489
                                                                                                                                                                                              Entropy (8bit):4.751534437214193
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpFGu3vpoMcC81i/sLqkXx2M0yZ:nd0Bhp3Jx81lxv1
                                                                                                                                                                                              MD5:8C5871CE80D0FF65E57118453E21226A
                                                                                                                                                                                              SHA1:15B39A26A689B373C5AF907B34C691BDFB0A67AF
                                                                                                                                                                                              SHA-256:558C928F3C74474C829611AA29D54EED9C598E0213943FEE88A54692A81A7BDD
                                                                                                                                                                                              SHA-512:E05DA99F8436E1CDB892E6AA5BB4183C53348D312E7BAC827FC07141C31B4143D24A6715D3D229B4346006A4F3E9EC8A00C973BE1AC3D54F6097705F173C7F85
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\TabBar.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2773
                                                                                                                                                                                              Entropy (8bit):4.839153998426681
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O1Q3JFw0cwlcZiSH59:nd5CB7fdpFA3v5cNIy
                                                                                                                                                                                              MD5:A74E49BB19F90DF902A3EABD598A0A53
                                                                                                                                                                                              SHA1:C43A49685D43F3425FFE4BB409C9BB0DBE640654
                                                                                                                                                                                              SHA-256:54FA946D021F78B2E35B38F3769B036F5943259F86C28B4362E184FAFCB9AD01
                                                                                                                                                                                              SHA-512:8D47E4A041CAF6D758049158F1874E98D1C5923E9DC5C8150219B47A4B3F3548F5CFCF88CB3A03CDBE9D0237A9DE9C2788F41935461BF8F5EFDF3BA8DB864626
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\TabButton.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2987
                                                                                                                                                                                              Entropy (8bit):4.798051662963486
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhggQ3JFbtZckXxNKXCXi:nd5CB7fdpF0Y3vp2kXxLy
                                                                                                                                                                                              MD5:9C1CA9A17DA0491B998E87B62643E567
                                                                                                                                                                                              SHA1:75D4FEB4CAEF7F61657B6127B13C18B6B88F3E4C
                                                                                                                                                                                              SHA-256:777DC9EF7B8278285AF9844E0F465347D321D0F5B9425448E1891F78257A0085
                                                                                                                                                                                              SHA-512:D3FC772CB97A5A9B91C5D4878913150EFBB6E3AA96CFD5D2E056F90D35A862465F4965F2F6C692C9267D772E784E8451669D6AB52C952E49AC4002DB0459CC81
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\TextArea.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3313
                                                                                                                                                                                              Entropy (8bit):4.81341500049657
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgPQ3JgZLzA9Uujygyi/5Ct:nd5CB7fdpF0p3ONsUu+t
                                                                                                                                                                                              MD5:7522606A7EA70E450F859848C41FC134
                                                                                                                                                                                              SHA1:130B6277CD65CBDDBEA007D22A9B40A7F3EAC14C
                                                                                                                                                                                              SHA-256:F912C4DF59C22B53F85F0BF0C5C7BE178DFC66CE2C328C86598FD6C931ADC1A8
                                                                                                                                                                                              SHA-512:7F205F9BE5189BE424E210AD461675C2A44C58A0DA1C1763A7FC4B141CBC10448172C4B59B3FF2A756CD8F9E860C28F010499256ADE1C392C3899AB198A4FBA6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\TextField.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3571
                                                                                                                                                                                              Entropy (8bit):4.831582188655847
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhguQ3Tw/nP0p9Nj+jygyi/5CyswXZA:nd5CB7fdpF0G3TcszNi+yS
                                                                                                                                                                                              MD5:1DA0C6339D4E766DF8F478C718CC19FF
                                                                                                                                                                                              SHA1:C7A79E0772D9D97E86E614284638A89752EBF0B2
                                                                                                                                                                                              SHA-256:8F792EBEA56C72FB291DFCA0DB0C5D93A1782924781008E355504F5F14AB59DB
                                                                                                                                                                                              SHA-512:5A39FCD79913AB20D71D91FE400FFB535509E22993D3C6EB2B0B6BE32589FD61F4059FF16D35327377BB2E885FA4FCE7F3AD965A7CD13F684ADA7D1D25B579B2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\ToolBar.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2343
                                                                                                                                                                                              Entropy (8bit):4.839387606601536
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgwQ3JFw0YX5:nd5CB7fdpF0s3v5g
                                                                                                                                                                                              MD5:FB466EBB67A6A80E86D318EAEF23E359
                                                                                                                                                                                              SHA1:C83442D520026EC261BD31479FA80F6FF3EBED01
                                                                                                                                                                                              SHA-256:44EF02AD2FB1680D9C8F07E860F31F6559D317688211D6866A48A7D9F61779FC
                                                                                                                                                                                              SHA-512:C46F838DAE07269BA496F38C1B1119C5A9F9BCEA9DCF9B975519AEC350209F827623C74A2412FCB66188A11BF9A5F57A5512720BC8AA41790419848E12234DAF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\ToolButton.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2998
                                                                                                                                                                                              Entropy (8bit):4.8220367527818055
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgjQ3JFbtQkXx+ww3F2:nd5CB7fdpF0h3vpQkXx+L8
                                                                                                                                                                                              MD5:EF218CB8A8AD482B657573BD7BF1D11E
                                                                                                                                                                                              SHA1:0880EB6098F5E2FF13D5B4130CDD53CF10FBD0FC
                                                                                                                                                                                              SHA-256:CFFA07A4B74ED396E974854782CA8AF88EA8938A99D6A4CF00808133FD609F0F
                                                                                                                                                                                              SHA-512:2231A1AA47A497126AE67B89F76270C5EA2BAEFD4954BB90BB9D33B1DE6C4383678BB4CA9FA16969A057925B8F7F4204455920859CA2E814B75F32805E33C606
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\ToolSeparator.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2492
                                                                                                                                                                                              Entropy (8bit):4.8422185369621795
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgmDQ3JFbtUiBuXA:nd5CB7fdpF0G3vpPIQ
                                                                                                                                                                                              MD5:632F3D71CA4A76906A199FC0C6CA735E
                                                                                                                                                                                              SHA1:AE225C531BA08EC3C7809093E3FCE347822916F9
                                                                                                                                                                                              SHA-256:7CB420E0DDE01C0B43B97FB0068CFDC4B48802201583098F5ABF129D369FDDAE
                                                                                                                                                                                              SHA-512:5C55398B8B5855D056E4F9AFCA4F687B2D8C4295F67E98AA2B029B99C94BA8A1D0BAD2E0768A7A3918E517CBA3589F89CDD48ECD10C38A3535E606CB761AF8F8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\ToolTip.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2763
                                                                                                                                                                                              Entropy (8bit):4.861346233395539
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgwQ3ohgJFw0JWO:nd5CB7fdpF0s3Fv5JB
                                                                                                                                                                                              MD5:A43B5FCFA6BDE733516CD4250DE39BA6
                                                                                                                                                                                              SHA1:40AB2E0C3EC63FE53EDF25100EE25AED14DC466C
                                                                                                                                                                                              SHA-256:9ECD0A2492D7E7CC41300688497A7F9EF312164173C3BFA59D619C513C36A843
                                                                                                                                                                                              SHA-512:E83780D602EC46E0A6E7D2BA65B3140F942625B2AB7098139FCEDACB829FD2C097B87F30DF61638C28A2BA1914F42C7B4630298BC237680F787BD9433FE4BA3A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Tumbler.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3289
                                                                                                                                                                                              Entropy (8bit):4.813708726729087
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OMhgwQ3JFI4Ctf9KuGlZusHPwLA:nd5CB7fdpF0E3vI1UrwE
                                                                                                                                                                                              MD5:41B49164E4FEB96D77779D1430D3AF6D
                                                                                                                                                                                              SHA1:5FC6ACC09EFDB6354F676772C06871BD6CDA04A9
                                                                                                                                                                                              SHA-256:FA93702565F433661EC3CBF5B9A19A491F59FF92C6B3D45AE83C3FEF44FBA27E
                                                                                                                                                                                              SHA-512:327F66898AFA927E722F0494CDC68D4424F6A11307E2D47FBB67FA7A12E22252262FAF15C1E68397A836CA5B9AABC68166092F5D56F234B226544126C3DDF6C7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\ApplicationWindow.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2442
                                                                                                                                                                                              Entropy (8bit):4.86493156112326
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OC9igaFk+BrvTd:nd5CB7fdpFxNF7d
                                                                                                                                                                                              MD5:30922D0121AB46D783CE0BAB31858914
                                                                                                                                                                                              SHA1:EA686E62CAA788CC849478521D6163F9F5FE7DDD
                                                                                                                                                                                              SHA-256:EE81D32E871BFD35E69F8D16D3FBB532B048B118CD36E86800198939DA8AEC29
                                                                                                                                                                                              SHA-512:23A191CA9AD0389DF183B12A1EFB54473975360EE0AC57C39CFF3D60CCAB8EB4119E69FA387CD80F3E0DBCF10EE5A833E8602ED4188488223DE6723B36E442C2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\BusyIndicator.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2614
                                                                                                                                                                                              Entropy (8bit):4.866256211674586
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9igaADQ3JFbtlSIryy:nd5CB7fdpF6Nv3vplX
                                                                                                                                                                                              MD5:6AAC2170F96C64FC76DB9495FA8CC758
                                                                                                                                                                                              SHA1:1C1BB6B6348DE7F5ACFECC70A33E5E4D9CE29DB7
                                                                                                                                                                                              SHA-256:2BC48326FF3F96C9B45BDB9F40D58C4247F0A3FAED1B6162053E62900DB29681
                                                                                                                                                                                              SHA-512:7B01D6C7DEBFEE278C3E1798F068F6E677473969188CF6AF88FF6BB94D1D70429970D285322CCC9B98B1C1C0CB47AFA82FFC7BEEEEF3A24D8B9F265751E29032
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Button.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3611
                                                                                                                                                                                              Entropy (8bit):4.7680902199349715
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgiaQ3JFbtdCsuI/kXx5QwMyUbcAx:nd5CB7fdpFGn93vpXkXx5QQUbB
                                                                                                                                                                                              MD5:11876909BD8C572FCF9C68D861D81741
                                                                                                                                                                                              SHA1:344F99132458B884F2D194E24AA81A64D973C900
                                                                                                                                                                                              SHA-256:0BAD423B02C2011707A175A5A0419012D76CB347564E2B755D1556332CFEEA5E
                                                                                                                                                                                              SHA-512:429D31F52DD66D2FF6BA7AB0C57BB44FC49F98BCB1116278BFEA3428BFA0A321A48DBF294791590541E502B6C4DC31645F3CA80C4C364FAA1BD89E94EC5FE497
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\CheckBox.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3231
                                                                                                                                                                                              Entropy (8bit):4.833735206635413
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9iga6QQ3JFbtoMJ510J4i0xeskxICUlLQ:nd5CB7fdpF6N03vpoMYRgWpD
                                                                                                                                                                                              MD5:1E7B9504E295508689B5970DC46D0BCF
                                                                                                                                                                                              SHA1:165AF8EDCCC0BD2F1194B4C7ABC2AA01906CF23A
                                                                                                                                                                                              SHA-256:5D949874D613C39F067E6C8AEDCED87C89041D812C82C8C9C99A940FBBBE6DD0
                                                                                                                                                                                              SHA-512:E6E3129C374F0C2E52D2CA70F87B8109EBB949CE40B0F15125C92AC3CF77A419818543ECC3541ADBADD823A703B503481DC51794B7DCBC97EFBF5B4501742901
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\CheckDelegate.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4189
                                                                                                                                                                                              Entropy (8bit):4.819183062317373
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpFGnNi3vpoM24SickXx2MIb+n:nd0BhpFJ245xvBn
                                                                                                                                                                                              MD5:EA2A891E3ABA55F35659D09FF6234EB3
                                                                                                                                                                                              SHA1:E6D71E1AF8A90B52C609395F55D3667C67EAFC63
                                                                                                                                                                                              SHA-256:CCA48AD0B22E517AC4487713563498EF4C742773E9523667FB89EA16CE1F5384
                                                                                                                                                                                              SHA-512:E46C4BDD6AA941751503D42484B1B55F5B96D6C907044E66A979633C0F632C925287B6147AD348379A13A0B3D2BCAB6A71D642B089B7F12D1AE3644CBF5E3488
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\CheckIndicator.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3964
                                                                                                                                                                                              Entropy (8bit):4.847429026644494
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgifSv1aTHliQ1WQMaLb:nd5CB7fdpFGnfgoIQEu
                                                                                                                                                                                              MD5:61CDD8891A294B6B2494E99C618867AA
                                                                                                                                                                                              SHA1:2EFB0001159C56776B8990D4D8201AECF662C346
                                                                                                                                                                                              SHA-256:D1A8C5BB4368D063188614F256104D10B51D0AD1932B3B12E7E5F5022BE718E1
                                                                                                                                                                                              SHA-512:31D5D96F7FAFF791A61DBFFB58B61E9021B9B4A2CDD53C30BB367A3A940B4463675ACE7301B5317351BBEE763134E66A31DADD4E5F59BA46037FBE1BA6C1CFE5
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\ComboBox.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):7147
                                                                                                                                                                                              Entropy (8bit):4.739793868011712
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpFG3vpoMktW0UpMbYRzH/Yru94+q6JQ:nd0Bhp4JkQlXhAuB8
                                                                                                                                                                                              MD5:A3776592653DAE5F62961D696BA09731
                                                                                                                                                                                              SHA1:1BBD4E1268B31E01AFB0FAEE96B04CC209C135F8
                                                                                                                                                                                              SHA-256:300F8A895A7691D353CC890F64BF2D09E84D77F1E1CFD4C6BB181AD8D963BDDC
                                                                                                                                                                                              SHA-512:FB39A5528F0A49626D176DA7E8E02749044810781E96237A6C703332637C2A1C4E370E19F73894661B0EEF8070B272A7644E7C50B32D89901F81E87DBED4A3A0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\DelayButton.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3597
                                                                                                                                                                                              Entropy (8bit):4.76073627095022
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9iNrQ3JFbtdCiwrE0TCEGlLLdvyAuKzbcAx:nd5CB7fdpF6NU3vpkr4vdaAdzbB
                                                                                                                                                                                              MD5:B980189F05C5741173E22F64617CB55D
                                                                                                                                                                                              SHA1:DECD107743FDC3EA0A3D6B7143FE5EAF2E32184D
                                                                                                                                                                                              SHA-256:06AB47615A79986D559A5CB7FA39B6D54D12DBE67C4AEC1265345B30459AFB27
                                                                                                                                                                                              SHA-512:B94A65E82A45CD2394C272405AA410020072C0992127E86AE2FEA37EF100C63BDA5AA40D2E72F24DF897FD54034588B166D8DFBCCBDD0EE32FDBC007C69ED4C8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Dial.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3648
                                                                                                                                                                                              Entropy (8bit):4.790213481862165
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9igQ3JFHCtLFPif51ca5f93ori52/9yiX3FJ:nd5CB7fdpF6z3vCB6f5V1si5G0inFJ
                                                                                                                                                                                              MD5:F86A18F068D4B114D1430152FEFA2152
                                                                                                                                                                                              SHA1:D585869C1E698B95EC300C979F23573C6693EA8D
                                                                                                                                                                                              SHA-256:CA78F83176C643CAAC68AA49DDFE09302B5ACBBA09CAED32804925AFB356C0F5
                                                                                                                                                                                              SHA-512:461843598BECFD9BE8196C3D84A9146733A47692AE1BB861DE378729DF25729C68426DCC53BAA79E4A97871D96C72E52C94AFB23A8F9590BA64470A16340C3B2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Dialog.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3544
                                                                                                                                                                                              Entropy (8bit):4.780414940069658
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MiWQ3JFm0QuLYupDDaSERbLXz5/15Uxb:nd5CB7fdpFLZ3vn3L/p90jW
                                                                                                                                                                                              MD5:983488B33F7B24FAEB8AD92D60CFF4D8
                                                                                                                                                                                              SHA1:11B29462C0EAB1AA5C854AC5D491656DCB69DC49
                                                                                                                                                                                              SHA-256:00740BC73B27262B9F14003A5C86854596F2606FD1F0E20941E007D6A64D678E
                                                                                                                                                                                              SHA-512:B9DAF80DB07128859815814D5D48963BB0A055503D2C7EB7724C439FBCC699635363A4AC78FE531A8587836AB9F689CD5BB31CD39E3FA969CEBEBD8EF207F56A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\DialogButtonBox.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3141
                                                                                                                                                                                              Entropy (8bit):4.877469106235129
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9Mi3Q3JFQeGYtaC82GwRCwec8P:nd5CB7fdpFLg3vQeG0aC82G0CH9P
                                                                                                                                                                                              MD5:A01F36E0280CE5B1C7B45F5BA6DF6432
                                                                                                                                                                                              SHA1:B6CB5C6EB8ACB74E2F3280237E9E55FB6CE24028
                                                                                                                                                                                              SHA-256:E64EE9833E08D9E2C50AB44889748890B82DFB759A4B4D02599A7EF915F991DC
                                                                                                                                                                                              SHA-512:CC2DF4237ECB1A18B14C1EB52A07453D170475CB6AD56E95ED858F3FF27C8A82D600E63858CAC85DB6595940641C794EE0AED84FE5BD2F40A09316C357851954
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Drawer.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3272
                                                                                                                                                                                              Entropy (8bit):4.855458889295017
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9iPQBJFw0t/hnMRxWQyxb:nd5CB7fdpF6YBv5Zh
                                                                                                                                                                                              MD5:F0FA93B831920358072547A9B83A20A8
                                                                                                                                                                                              SHA1:EC661FF54B0E1294E1E68760B5254B01C673AE01
                                                                                                                                                                                              SHA-256:27DB95473D7270B21036E7F7E5EEA66F63D606E134CD3C7A108DC398929670AD
                                                                                                                                                                                              SHA-512:B051476CC81C3D802DE182F2869878A367809106C3F0F64973C08D2D240B331BD110CF65A200FA3A2CB8726D303C60C0DF310058E830BE0C9FFDA8CABE34A263
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Frame.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2362
                                                                                                                                                                                              Entropy (8bit):4.840196634832251
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9iXQ3JFw0Cb:nd5CB7fdpF6A3v5C
                                                                                                                                                                                              MD5:3CE69D346524C41D081C5471B672535F
                                                                                                                                                                                              SHA1:A6394A4198094D8E468C422CE3807EB3DA578F3F
                                                                                                                                                                                              SHA-256:7A4E835E35B97A4EE774042C45DBD1B1250D80141D351734243C2FD25F938EFF
                                                                                                                                                                                              SHA-512:FFB40E1A4059EA9517E710B2239E33799A54768BA7F72C981DA58B707B2D685F8D37459C9F32369B9B2109C5BFBF9220FC3397FF70EA9C211F9C9912B943CBBE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\GroupBox.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3031
                                                                                                                                                                                              Entropy (8bit):4.815424548202451
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9iqQ3JFd0iva9WLCUlLjjxVb:nd5CB7fdpF6N3v6ivaIOKjn
                                                                                                                                                                                              MD5:28FA3B9968FC0E1369E0EC0E6F3962F3
                                                                                                                                                                                              SHA1:356A461F7A6F569A8B37FF8A1CA0D63616DB4A0A
                                                                                                                                                                                              SHA-256:F795B3BE2A6D4A5885D54CC00A1ECE95EBC707A11DDFBAE20546CF46673D07B2
                                                                                                                                                                                              SHA-512:3C30DBFEE33949D24B55184FB620F080A65069EE04B89958E4C04028C9526DE5FB6C5F97CAB7641CA66C4A43981A697C6FCB9F0ABB10E971E76FB1ACD7E54E25
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\HorizontalHeaderView.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2999
                                                                                                                                                                                              Entropy (8bit):4.823707297757387
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M25H6E+iCsAaKj7fOWIkFy9lvx8cqQ399tqYVtXFbbUWlF:L5CB7fdpFY35qYBb1
                                                                                                                                                                                              MD5:057253DD05394B9B0BA19E242A7C03A7
                                                                                                                                                                                              SHA1:48C95205EA7D791680F624E93F220AA9D8A26498
                                                                                                                                                                                              SHA-256:7359789F86AE8789F63ACF3566662275CEEA14CD2F973CF4E9724C13408D7073
                                                                                                                                                                                              SHA-512:47A1D0E0BEBD6595F1BC07DA9417BEFF15F84EACF2EE3C3796447E341E3FC2005C269C20604802DCF16E5D0AE280EA53256125284ED122DE3A5A8C73888DCF8C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\ItemDelegate.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3649
                                                                                                                                                                                              Entropy (8bit):4.82315689006633
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9Mhgi+Q3JFbtoM2Lu8kXx2MDUb+n:nd5CB7fdpFGnB3vpoM2bkXx2MIb+n
                                                                                                                                                                                              MD5:41D103DFD6FBCDE9575E4ECC41C7AF56
                                                                                                                                                                                              SHA1:FE4453DCEC366E3895A1D59880B9A2079C4BA277
                                                                                                                                                                                              SHA-256:2BBE9E32EA491CAA7BBCE03064CB3E9329D660A01E107CD6BE2AD62BD4778FE2
                                                                                                                                                                                              SHA-512:0C83963D1B3D68C933A2C7DEE78E689EF4130ED6BD217E511D927AC7E2B045CFD58597708A97342D0C6A0C938EF5EAA471096B1617657975174CF50C3900B1A6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Label.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2013
                                                                                                                                                                                              Entropy (8bit):4.823214903186843
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:MCdbFTT3QXf8WYwid0szM6RqeRGNfj9TNZlOWIQNydOtQ+y9O9efFpdqQWyTQVNs:MCd5H6E+iCsAaKj7fOWIkFy9O9idqQ/1
                                                                                                                                                                                              MD5:68118E5701B958BDB5ED8FA8CD5938D6
                                                                                                                                                                                              SHA1:10CF3F2773B27BA97EAA4E9248FEE8E47C48652C
                                                                                                                                                                                              SHA-256:CC3264DE0EF9416C869D7736EE50A30310E267D6EC890F3DE741E56A6D3608E1
                                                                                                                                                                                              SHA-512:4BBE100386809F48671D50446059705A7C0B8D9ADE979ED0607627A5E79F78B69099648C6D8304CFCA96BE4088CDBA42A8F9225D11883979FAE368F1F3070851
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Menu.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3188
                                                                                                                                                                                              Entropy (8bit):4.817952074436946
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OM9ig15Q3JFw0cw/NtPCccswXnaSE8xb:nd5CB7fdpFvuS3v5l/vCcc1B
                                                                                                                                                                                              MD5:BD84F0660D08F74C3F59CA06C3A720AB
                                                                                                                                                                                              SHA1:3FD62D094C83A1B6515F19174AE3D430490BD510
                                                                                                                                                                                              SHA-256:BA728FE4C754FCA8A6D9B1A08A114928FE28A0FEBF947DF3B9EEB46058ADD387
                                                                                                                                                                                              SHA-512:96CD5D78461F1BE5A5A69E738DD16E4C34C6D6B5E6A87DAA57BDBF61E4939F51D36AD74128766DD3A9A30249409E62FBCA225AFEF63801F7284E4977BAAA6C7B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\MenuBar.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2568
                                                                                                                                                                                              Entropy (8bit):4.835909043606398
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgiuQ3JFw07mX3b:nd5CB7fdpFGnx3v57G
                                                                                                                                                                                              MD5:6505E480F2B9926D4D2C3E5FA891545A
                                                                                                                                                                                              SHA1:0653562C21BC00F36A09BA5E624508DB7E822F44
                                                                                                                                                                                              SHA-256:C76E6D27C2E549924D626F3035E50C6ACB5C80C1E27F6F2E563DC8B7AD07DC09
                                                                                                                                                                                              SHA-512:7A3A7854A0C687FEFCA9B2BF28E02BD530E0DBE6900BE6F0D1572FB719F2A954D74D8CFF81ECCE86697A8A383D0889A33CF05A62E9C82DF59E2EF53E4CCA1ACC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\MenuBarItem.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3579
                                                                                                                                                                                              Entropy (8bit):4.788049528540249
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgiBQ3JFbtoMruLyZkXxp0ww5Pa:nd5CB7fdpFGna3vpoMRZkXxaFPa
                                                                                                                                                                                              MD5:5156BFA9A79101C234B9104A3860ED35
                                                                                                                                                                                              SHA1:C67A1E5141B65C476E0DC3C6B3210BA943C8EF71
                                                                                                                                                                                              SHA-256:AC73F4E0DFBFB169BDD0EE604D3DA70A935C813262F49117E9D9EF7CEF9C460C
                                                                                                                                                                                              SHA-512:A738FA57A38E929943BC740F3A0FBA0FD4A6D7316DEA6DA64C0F80235390DA9C0CE4F02FF238F56AEFF74F423B08F48CF1AC6052B8834D49CA743D0C0803CDC8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\MenuItem.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5073
                                                                                                                                                                                              Entropy (8bit):4.803398406819676
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpFGnJ3vpoMRPQskXxZyas4SRPa:nd0BhpuJRsxZlspZa
                                                                                                                                                                                              MD5:E6B30F84CB41750DA47EB3EC0170E226
                                                                                                                                                                                              SHA1:63CC56C19796A4482471B6C7A48863F6AD754B6F
                                                                                                                                                                                              SHA-256:AD00BA11BEF803203B3B68D08C17D26B4848546847D3EDD7802D968A6ECC3723
                                                                                                                                                                                              SHA-512:AB06AB8090F4B50BB18BFF91D08B3C3741818F4F511CDB1A7B6B4AF58BDB0782AABE3AAA9157B9BB9FB1D9C3B25C143B66E87A7D513BA3C7B5123BDA2C688762
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\MenuSeparator.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2533
                                                                                                                                                                                              Entropy (8bit):4.846356002102557
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9icDQ3JFbtMu0b:nd5CB7fdpF6T3vpMF
                                                                                                                                                                                              MD5:6B0C18B69818DE385FF38137747AF21B
                                                                                                                                                                                              SHA1:DFCA99F3770E59D0338242859CB63D30DAF5DF8B
                                                                                                                                                                                              SHA-256:BE42D1BC196BA6E2849C0B536F5B8B9532CF9A212B8838E88C431E3135F040CB
                                                                                                                                                                                              SHA-512:E97817510C45709C990B9F2C75758658BDEEBE7CA88BFC47C2488B1975644E1FD60302997098061DA814EB53650217EB651C8B6E9C24FD1CDC01D48FB10DFA35
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Page.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2585
                                                                                                                                                                                              Entropy (8bit):4.772316352792342
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9ilQ3JFm0QuLYup1:nd5CB7fdpF6e3vn3L/p1
                                                                                                                                                                                              MD5:38CCA49F231D57566EFFA74E188DBFA8
                                                                                                                                                                                              SHA1:AEBC934932605C2F6BF070DDFD38A766CF910E31
                                                                                                                                                                                              SHA-256:54E4BE75E5355BE1FE22E0B16C51FB81F974AF9FCA4C487D78E4AC4AD391B214
                                                                                                                                                                                              SHA-512:99F74FFE7F05FD29A2CC92542B6FD5D415CF373CF1CEED17FB2F33100AF75AF9099787A935504790F9E7F309AE59C1A55600D291F1BACF2DCA1C0D004FB377E7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\PageIndicator.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2769
                                                                                                                                                                                              Entropy (8bit):4.791992195558291
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9i6DQ3JFbto6qEOFZZ:nd5CB7fdpF6Z3vpo6Tgz
                                                                                                                                                                                              MD5:D68B0EBE4F30F47A9FA2A8EBB8719044
                                                                                                                                                                                              SHA1:9A068AD807DAFD0D7C093296849322C26DDA5AD0
                                                                                                                                                                                              SHA-256:5B42D3E817DFFEF20F3328BBB73F89E11E52F32C5359DE999D898B09D7747FF6
                                                                                                                                                                                              SHA-512:E98B2A9D14809DDB7F91378541A9467B04F630F4FD604CCE3FDE9C71D9A45608600F17D38CABFAD66D37D095D4A9708A3271CE9CD59E7B4D68060118326D3809
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Pane.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2312
                                                                                                                                                                                              Entropy (8bit):4.836628797705159
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9iUQ3JFw0j:nd5CB7fdpF6H3v5j
                                                                                                                                                                                              MD5:E2EB84D9C62821F21DCDD802F873CFE2
                                                                                                                                                                                              SHA1:DB2959EFD8F76317AB662513F8083C61F68977A7
                                                                                                                                                                                              SHA-256:09EACE0320CE3E20AD80D2FB3A9E7E6F1D42C0EB2F84C2EE569AF4345F1B28CB
                                                                                                                                                                                              SHA-512:62A6CEAB8F7BEBF75DF99EA9FA8CD859A2D0B800E5CD3FD2F58AA2C8499CCEEC9EB856D50575BF67E9C44627BA2453ABB592B8DB0A1BAF2B43F05B0A13EFBCF2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Popup.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2618
                                                                                                                                                                                              Entropy (8bit):4.852512229773011
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9iwQ3JFw0jaSE8xb:nd5CB7fdpF6D3v5ZB
                                                                                                                                                                                              MD5:96811F768438E70DEB8BE62112EB8571
                                                                                                                                                                                              SHA1:A9BF49AB45008EE53FA6A60061CEF11056E96F7F
                                                                                                                                                                                              SHA-256:FCD0CCF5FB6E7B20FFB06E7AA4A0F49C18BB6A5C832A5E3B5D0F72EB8FC857E8
                                                                                                                                                                                              SHA-512:ABD9ECD915221AA3FD1723D30C68C48BDA166ED0AE3E562367C9257B34481754EB7C8E07F6F3062BE8D234A065F97FA1035EA548419FD2A4628B389E826D8852
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\ProgressBar.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2783
                                                                                                                                                                                              Entropy (8bit):4.822722121007662
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9igaiQ3JFbt8z2rozak8PjfcxfkPb:nd5CB7fdpF6Nl3vp220zanbAf+
                                                                                                                                                                                              MD5:919BE776133310D6C9EFC17B64F7BF39
                                                                                                                                                                                              SHA1:3038245521C3059E1A092C54F327F3EF8D023E62
                                                                                                                                                                                              SHA-256:CABAD8F6559EF0A38D87A5C7BF8504C3448B8364FCBB8CA4810198D34E74FF94
                                                                                                                                                                                              SHA-512:66D0907A356535CB14CBE7171EF87F24DD81F5472CDEAA63F8D44639F1C0DFD134B05A227814842E2D419C84EF0FFA59B1814DEEAB703F5D4389E946C9CF2DC6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\RadioButton.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3234
                                                                                                                                                                                              Entropy (8bit):4.831819684485204
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9igaFQ3JFbtoMJA10J4i0xeskxICUlLQ:nd5CB7fdpF6N+3vpoMNRgWpD
                                                                                                                                                                                              MD5:47B37B8CAFC071F3782645DEE264A0F0
                                                                                                                                                                                              SHA1:B7E8D3D5557BCA1095609CBB154F72E6123B2D7F
                                                                                                                                                                                              SHA-256:D045CAC3BB3EB18F555C1BA2E18DB8D29F0BA0618E1C031E430D4E0FEB3225C4
                                                                                                                                                                                              SHA-512:8F4C9D1FD7D5EDAC9463D1D6F2290DFD07DABAE1D91239F4391F9B94F559D6E43F891424C861E7BC135544FE32EE9FA01E4F73CFA443566DE94B2D593FA808BA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\RadioDelegate.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4189
                                                                                                                                                                                              Entropy (8bit):4.818559974021103
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpFGnNt3vpoM2VSickXx2MIb+n:nd0BhpkJ2V5xvBn
                                                                                                                                                                                              MD5:F04B8D57B0CF35179A39A63C3B498BF3
                                                                                                                                                                                              SHA1:5B013B2BECDFC98DD6DED7BB61E75E03389EA954
                                                                                                                                                                                              SHA-256:A8A0C6E167CA215BACCAD9E343D11A2F259909C88E3B1DC88ADC8B0629D5261B
                                                                                                                                                                                              SHA-512:ACF92D3FFB610B78839A0A7302761734630286A702CA98AAB32132CCEAD81268AB1595D52D73627DCC5D0024A9372F4AD44C316D600E879032F5EC58734475AC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\RadioIndicator.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3462
                                                                                                                                                                                              Entropy (8bit):4.757964754620368
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9OifSiK3Iyrr8NL6uryAsLNb:nd5CB7fdpF4f2VrINz2As9
                                                                                                                                                                                              MD5:4E23BD6C4A28E57D4314EEC0C105BEBC
                                                                                                                                                                                              SHA1:5355E64D346609C314E6BC31991F920C72C5F160
                                                                                                                                                                                              SHA-256:E44305CC55790361E327EE9A4E03231070848B9D606F854E6A43638310AB91BF
                                                                                                                                                                                              SHA-512:161294AD1257FF277F72C328F4C75BB9B84518861B15C51FEA2490503D88F2DB965F9C46022B5BDAD30041283A4262D36B146359931A32523AEF7E132A091067
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\RangeSlider.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5735
                                                                                                                                                                                              Entropy (8bit):4.762434213586017
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpF6F3vqStm7KqO6oLF9PxJrF9i69xttQ:nd0BhpLSEGAox9jR95Q
                                                                                                                                                                                              MD5:D0E7BD67863F9214FC91B2DD744F5C97
                                                                                                                                                                                              SHA1:08F3738040BD9886598E6E513CE9CBCEA5E4674F
                                                                                                                                                                                              SHA-256:C6EE80AA856F618C3FEB777EB96C329AE7B57D2C53D990BC34548B4CEAB68C98
                                                                                                                                                                                              SHA-512:1EE5EE2BCEDCD5431CFCF48E6396A1D317E69C0635ABED0FF43F1724659D42C4F94CFDD0E9404BE50A82C2910CA29762FB43FD734E34065D7EF92922E4C501F5
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\RoundButton.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3650
                                                                                                                                                                                              Entropy (8bit):4.756460909764809
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgiCQ3JFbtBuI/kXx5gwMyUbMAx:nd5CB7fdpFGnF3vpdkXx5gQUbx
                                                                                                                                                                                              MD5:6A1A1A3594F7FCFFCA535F343C265D07
                                                                                                                                                                                              SHA1:A833CDCCE738182AC3F7ECF1D670BF51F7485E95
                                                                                                                                                                                              SHA-256:4830165063CEA46830FE37DDEF5695A1372F3ADCE5B40CD97A17753904E3D091
                                                                                                                                                                                              SHA-512:C068764410453E56A0B34CD4AE0EFEAE2CC1C20EC45E9A4EDBCC362545DC2AA305F14CB56078893D2FB8B3E9228FCE194604B76F4E080064A3E0E0E17A8C30FA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\ScrollBar.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3798
                                                                                                                                                                                              Entropy (8bit):4.833929967744693
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9isQ3JFbtbSQuWfEJBNvjiykDPxEXi4PxZ:nd5CB7fdpF6f3vpb1uxlKPai4Pb
                                                                                                                                                                                              MD5:A3E3A50AB10788C00A13998D8B60084C
                                                                                                                                                                                              SHA1:C27B825B3144D8C9659F604EB4C54610029CF775
                                                                                                                                                                                              SHA-256:D3A2C52A2B4E31C545EABE98223ABB046A420B46FB933FFAC4785014D3BAF58D
                                                                                                                                                                                              SHA-512:174A1C30FCBD50DB8261C38FEF4846D02DEA363BFE69EC2D1C42AA1E35086BA4F30191BF3706B92997D6907A93A89598A88D1D45EF850AD85853ABA525FCDDED
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\ScrollIndicator.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3070
                                                                                                                                                                                              Entropy (8bit):4.707917185138538
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9isDQ3JFbtSTBNxickzXE8aXH:nd5CB7fdpF6D3vpS1KzaX
                                                                                                                                                                                              MD5:D80721F83A475CA172D3AB390278D683
                                                                                                                                                                                              SHA1:E8E32AEAA1EA069BB01CFD814A2EE10BC9FFAE00
                                                                                                                                                                                              SHA-256:31409DC791AB9690F9ACB1C5581C9EAA60187C12169A249030EC0A22D07ADD69
                                                                                                                                                                                              SHA-512:989ABBAC2BAFC6853408D6566DE2E6B83D3FDB0F3BAD5D974A4C36E06E03B590C611C8E9610935E1DFFA285D20C426E4C140EF9B07E299371D43C6049A3EC157
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Slider.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4658
                                                                                                                                                                                              Entropy (8bit):4.799331765263338
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9ifQ3JFEITdd86EAwWKm6EAm2FLF9d6oAF9miwx:nd5CB7fdpF6o3vjZ2t6oLF9IXF9mi0
                                                                                                                                                                                              MD5:A483F67E851CFE81A3BB3288E11D6D77
                                                                                                                                                                                              SHA1:116ABD889A39EDF699A2C4B68CE6D4B88EBC003C
                                                                                                                                                                                              SHA-256:4E25E9C7BF52800675D934BB24B5F2BBC7BEE91F0B139CAE6F934D453E354EA7
                                                                                                                                                                                              SHA-512:DC7E84A05EC92731C78F807125D95314E73D535D9A0C114BFF6581C141CAD807B91C46AA4896CAC7E5F5580BA3B96FB0EBD48D57A378CADC0697151F6CFCCC96
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\SpinBox.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6648
                                                                                                                                                                                              Entropy (8bit):4.72624143810639
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpFGnh63v5MRkq3JCjKB+bCSQOQ/ra:nd0BhpXhQCQWa+
                                                                                                                                                                                              MD5:71AD2135502E88D66B0781143923CAC6
                                                                                                                                                                                              SHA1:99EEF2C55E9F4A6171605656D28EB390094E1497
                                                                                                                                                                                              SHA-256:44B096B4415E7CB19082F58086E0F5E1726694F206A4364872A3C360953D7052
                                                                                                                                                                                              SHA-512:FA45DB83E3DDEFC981B4380657B0C5709BC345D859449BC264F1DE9FF789029D82912BD5C6F69D0392A9A98000FD428508139D064EE2C3F44F33ED134098F296
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\SplitView.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2682
                                                                                                                                                                                              Entropy (8bit):4.878133413550622
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M55H6E+iCsAaKj7fOWIkFy9LixvRQqJFbtyz6t1:U5CB7fdpFiqvpy23
                                                                                                                                                                                              MD5:3ACBE1D1CE8AB0CC2BD7823FDFA4A2FB
                                                                                                                                                                                              SHA1:4BAAD0103B2EFDAEF9FB1C2B7FD742A2E9DFFD32
                                                                                                                                                                                              SHA-256:B05DA2F982432D6BEE7604DD04E0E8FF5D5CD160E4156A71C27AB7F1D7FC619F
                                                                                                                                                                                              SHA-512:E3EBACBE12013E6A690E6E9DAFEB09E43F276F1C9648CD125F8A68552B84CEEAE47ED727AD16603178B0F7477B03236AFC96E811CC33B206EE114C46FA350BE7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2018 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\StackView.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3388
                                                                                                                                                                                              Entropy (8bit):4.8990700467566635
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9ijQQLet9LGtDFLfCtP:nd5CB7fdpF6sQLet9LGtDFLfCtP
                                                                                                                                                                                              MD5:0845F8209BAC4A8AD3409DBDA985AE6B
                                                                                                                                                                                              SHA1:F143660B4B9FC3E107D798121A995038585ADBE2
                                                                                                                                                                                              SHA-256:1FB2C1779F30B431D2BFF35948DB799AB409528F39742F2325BF5601E5EDB7EC
                                                                                                                                                                                              SHA-512:01FD4E84AB2353936220F36F3A80A8A5323DD5D108F9F3985384B495CC9947A33875D2604ABD4406944FEFB1A8F0F3B43E9606DA25200F3D3BB13C506D5C85FF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\SwipeDelegate.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3841
                                                                                                                                                                                              Entropy (8bit):4.788731261366922
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhginQ3JFbtoM2LuJkXx2MCblE7OG:nd5CB7fdpFGnQ3vpoM2ukXx2MCbW7OG
                                                                                                                                                                                              MD5:E2799AB66803065646838BF4B6059F9A
                                                                                                                                                                                              SHA1:E2B4F672B00CEB5F9A87056DED3308755AAB1C81
                                                                                                                                                                                              SHA-256:A1845B21F9FB5163E00DBE0C2EB6761930DC15CBD04D29C624FD0774849A81BE
                                                                                                                                                                                              SHA-512:6BCE7B2B1CBE8F4BDE8A68A88725091ABC713A32566112598B5ED2418F8CEFAEA4B20E0BAA8CB154D0CA31B14B336AB5027775E5ECAD483944D8E8A62589ABC7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Switch.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3230
                                                                                                                                                                                              Entropy (8bit):4.8302682043142635
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9igaiQ3JFbtoMwx10J4i0xeskxICUlLQ:nd5CB7fdpF6Nl3vpoM/RgWpD
                                                                                                                                                                                              MD5:415BC326337D27F9C84C6AF2FE9534A0
                                                                                                                                                                                              SHA1:906D3DCC493BA53667351492BFFFF80D88450884
                                                                                                                                                                                              SHA-256:41D3A1564F0DF044A541CBCF96CCE0404C6909B198C18B5F7A6B079E766EDBCB
                                                                                                                                                                                              SHA-512:61F8B564366EF1A123940BB529B606CBA093DB2C811BE4C2D141BECDACC1B7B1FB9AE00BB825B4CBAF6BA844F7C2B4746D041555DDB8547248E3528C7B4C33EF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\SwitchDelegate.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4191
                                                                                                                                                                                              Entropy (8bit):4.818843049822159
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpFGnNu3vpoM2ASickXx2MIb+n:nd0Bhp3J2A5xvBn
                                                                                                                                                                                              MD5:00A6BFFB5C8E7EF66140ECA140CF41FC
                                                                                                                                                                                              SHA1:6112AFF0672F25CC5261189241E1856206687F11
                                                                                                                                                                                              SHA-256:6183952A78E9513F90343244FF7FB94ED71FC24329533FBCF983F13A73805E0B
                                                                                                                                                                                              SHA-512:B5360F9C7C4647EE00A5EE660F98E04DB5F6EF889BA6E689F40DA77B412EED93D9B8FF213DBC2E4EBA1CD1F1B8A173A3B2D47F67BE137E3F912DD6D3A52D8289
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\SwitchIndicator.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3749
                                                                                                                                                                                              Entropy (8bit):4.773499896099176
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9i5b76uiN73cfWyTnTY:nd5CB7fdpF65b7EM/jTY
                                                                                                                                                                                              MD5:408ABDB483638C73F45F54B8DFB8750A
                                                                                                                                                                                              SHA1:EBEBA2A6A99A038B96B2559679D42757E9DEC6CF
                                                                                                                                                                                              SHA-256:B43EDACFBC91550236975CE77CE1EC7F0A611E4399C642284BBBC43419E24322
                                                                                                                                                                                              SHA-512:421D68BD795D2958A72E2DF19F9173C83D6657EE256DEC1DBC9B84558AF55A46E0C4695DD43CB91BA797E59A86F09A0086E4AD9A387A26BD8695577785132356
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\TabBar.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2859
                                                                                                                                                                                              Entropy (8bit):4.856566390652683
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9imQ3JFw0mwlc0jisC:nd5CB7fdpF6p3v5mNHP
                                                                                                                                                                                              MD5:92413583ABC598468E5A08F8743591EB
                                                                                                                                                                                              SHA1:DE75EB1671C40C4D6C1076F227E9D67CE9553062
                                                                                                                                                                                              SHA-256:2ED1060C8E0886E36EF63B9F3A401D75E97EF54C16F2A9F3B2DD8463D013A014
                                                                                                                                                                                              SHA-512:F4E5799F9B6CB00C8CD516BD5F6762784910C9DA5858BA17AECD21D964E0BE0EEEA6C5679889567E6612D7A39852736D859176431B00981A88824F2B2699F885
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\TabButton.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3082
                                                                                                                                                                                              Entropy (8bit):4.806664956509386
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9Mhgi5Q3JFbtPumkXxL:nd5CB7fdpFGnS3vplkXxL
                                                                                                                                                                                              MD5:F935656067114BEBE3FBB5E1B060CB36
                                                                                                                                                                                              SHA1:316C55985EE466FD2CD2E6AB1EE7A99BD4B58EC8
                                                                                                                                                                                              SHA-256:13C688005A1D38A943E4C971814067E388F5288F1EAF253244EE444E4456F967
                                                                                                                                                                                              SHA-512:673BFE928F2EDF0F0F7B1504E1CCF6B52CE120F17029FFDCB923A57439DE05D97DD39D87A8EE7C73EDAA48175B6877A9C68F9A4F6DF8A34566F299BF24C70EEE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\TextArea.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4336
                                                                                                                                                                                              Entropy (8bit):4.801117075800774
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9Mhgi4Q3JgZLzA9Cd7ryljygyy/PCyQMYN6b:nd5CB7fdpFGnr3ONsyaluyQra
                                                                                                                                                                                              MD5:1E396B6F1AE7085E3C629914AE18CD21
                                                                                                                                                                                              SHA1:18039DD354BAE88FB0993F72BB1F4F61540BA30D
                                                                                                                                                                                              SHA-256:541E88FA989E7D56961E7969645E4DA4004BAB7342D9BE5A53452C716B05381A
                                                                                                                                                                                              SHA-512:D503732EE4CE3C9E72F3636D988B68A47DC33553B15F00EB87C49683A40F9F77F1346FBB30035585FC45389308BDDEA9EE24216550A34CA6134565F52A234E9B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\TextField.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4319
                                                                                                                                                                                              Entropy (8bit):4.824043771387485
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgizQ3Tw/nP0p9Cd7rS+jygyy/PCyQMYN6b:nd5CB7fdpFGn83TcszyDuyQra
                                                                                                                                                                                              MD5:9B0751751CBDC555F47E3286BBB77953
                                                                                                                                                                                              SHA1:8CDFC51C00A7A8DAC5A636ACD0C409BC194CB337
                                                                                                                                                                                              SHA-256:BC9BE32033EC2EF5C9FF140D7F21D12B293557DF6FD285CF467E7AD895D20E53
                                                                                                                                                                                              SHA-512:2FA7A0DC1657F24081A34864A71041F5C4582D9B54A69601A0B9269A6DC0C45D84FD66A1FC62A37EC58BAECEF7D142CE970BBF42912970F1D93016352E034C65
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\ToolBar.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2359
                                                                                                                                                                                              Entropy (8bit):4.849036051905213
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9iVQ3JFw0nkH8Nb:nd5CB7fdpF6O3v5nbp
                                                                                                                                                                                              MD5:AE20FD05FA8EB6037E6FEEED24254E4B
                                                                                                                                                                                              SHA1:74D9C01353EA4B8A14FB93B16D1B2E7CB31BB4EE
                                                                                                                                                                                              SHA-256:31519E86E9522627C42B95685226213CED9EC312997A00D5529847009E0E6789
                                                                                                                                                                                              SHA-512:20275BE170D8B61383146C0CE15E0376736941178662D499AAA26EC97F58E8C488C6393A13F82BD15128DB32480363B4ED3C9096AF97FE7E4CAFF52163420F2F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\ToolButton.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3315
                                                                                                                                                                                              Entropy (8bit):4.835599944070907
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9MhgiAQ3JFbt7uI/kXx5ykHYwrbix:nd5CB7fdpFGnT3vpfkXx5yNgbO
                                                                                                                                                                                              MD5:77E3A69CA01C54E4424820D937D014DA
                                                                                                                                                                                              SHA1:FF23A5190097D083DEDFB5F8215A3DCE8FB7699A
                                                                                                                                                                                              SHA-256:EB353F7EFCB8C77E1ED23EA612FEC9F394D495D5DA4BE3A851CFF9B22072C239
                                                                                                                                                                                              SHA-512:1DCF1DE5A7A70B0519BA0E6F1B8631BDF5D1BC168703454AF9D0365ECF05527F9B3156420D471DC59233E5ED5E15AB863B594FBE29768CD39A1A44503F90925C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\ToolSeparator.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2564
                                                                                                                                                                                              Entropy (8bit):4.855878718510748
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9iDDQ3JFbtS6uSb:nd5CB7fdpF6w3vpSDS
                                                                                                                                                                                              MD5:96D4B0987608270E92965C2FCB1246D6
                                                                                                                                                                                              SHA1:0D889A38EB375B90F2DFAC4FCD41DC09F1FDA92B
                                                                                                                                                                                              SHA-256:42FB514CD92C9C87A80EDE4BD648758CF54F74CC05D3338AB76326FBC4D09A1F
                                                                                                                                                                                              SHA-512:39597673F408F531E4A6812A9E794D233A398206826B6B450C5E18977852AD35C548941D6671C56AD32EB7398A4863CF54A13B74CF90343A168A3EB3265F6A38
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\ToolTip.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2919
                                                                                                                                                                                              Entropy (8bit):4.873465289167498
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9ilQ3owJFw0jWrOaFD:nd5CB7fdpF6e35v5jq
                                                                                                                                                                                              MD5:6B7AFC1DB3A32DB1541023A199F64909
                                                                                                                                                                                              SHA1:F80875DD56C24CF6EEE538C0AEC0171BF08BC28C
                                                                                                                                                                                              SHA-256:8C3F4A1AD480B81934A91171C67D61651F39C87FDFFEF348045D492E6EAD32B6
                                                                                                                                                                                              SHA-512:92024C59DDE029A5B4F1707F0310638CFC6E110E05E8A13A2623D0933FB7E2797326129B22F9171500E804E3EBBECC1B8D7BDD3737E5C3DFDFDEB143549CDB94
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\Tumbler.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3319
                                                                                                                                                                                              Entropy (8bit):4.8279801671890015
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9O9igMhtQ3JFI4Ctf/KeGlZusHPwLA:nd5CB7fdpF6xG3vInyrwE
                                                                                                                                                                                              MD5:2A009241245A2ECF132569C737FFEC1F
                                                                                                                                                                                              SHA1:225D896E1FC4D7BE40B5E7C16AE7E6E8E095DF18
                                                                                                                                                                                              SHA-256:3B17958A4ADDBD57365B0EE41ADD4F3F80F1CEB35C9E8FF1268E706B7AEE6AD9
                                                                                                                                                                                              SHA-512:DE81361CB3C1C5713F2627CBD005AD38C1C543DA36716B6E27FE08A8C21FA8E7E2D68C94C991EFBFEFC0CBCF07C9EDCA604211F0D8543FD1E2EEDFFF6372FA2B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\VerticalHeaderView.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2996
                                                                                                                                                                                              Entropy (8bit):4.822220527499383
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M25H6E+iCsAaKj7fOWIkFy9lvx8cIQ3rNqYJaFbbUWlF:L5CB7fdpFG3BqY8b1
                                                                                                                                                                                              MD5:B6908BB475283A82C04F52B8C3584B8A
                                                                                                                                                                                              SHA1:9DE2170C912B514B5ED1F7EC697EC141799FDEFA
                                                                                                                                                                                              SHA-256:FEBA09AC8F1B9CBDA59D0EAC4AB68446414C0720A6FEE19351FE1CA1A12612E0
                                                                                                                                                                                              SHA-512:E9FAA144238C42A583435D5B69DD9D1FBBF6578E0B4229B1312995183B8F0261435605793BFF3B41BBA423CF390116CA275F7FCBEBEDDAF62FFC066572EC8C80
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\plugins.qmltypes

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):13897
                                                                                                                                                                                              Entropy (8bit):4.371650370083731
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:X+f/XO0eXiqegTmSc4EhouBsDTl6tlK9jFoY3D3yEbfbiseVpTHD3aIq9EgJLeJo:nEssKhFv
                                                                                                                                                                                              MD5:1AD125081A90751A1B242718BC778618
                                                                                                                                                                                              SHA1:28A24F7233FCBC29E7C4F3101E617610AC099756
                                                                                                                                                                                              SHA-256:3422578EFD36D424686F0FEA58A6DB6E2BE606DEB4CA3584143ECD23D9399516
                                                                                                                                                                                              SHA-512:680D8C1254335434960EDADA3760D65DBFCB94F0F1815FB7C432CE0E757A89329A2BB4D0C21D8E66ECC184DA737433B73ECC2CED12E8B2CD3261EE44717CEF6F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:import QtQuick.tooling 1.2....// This file describes the plugin-supplied types contained in the library...// It is used for QML tooling purposes only...//..// This file was auto-generated by:..// 'qmlplugindump -nonrelocatable -dependencies dependencies.json QtQuick.Controls.Universal 2.15'....Module {.. dependencies: ["QtQuick.Controls 2.0"].. Component { name: "QQuickAttachedObject"; prototype: "QObject" }.. Component {.. name: "QQuickItem".. defaultProperty: "data".. prototype: "QObject".. Enum {.. name: "Flags".. values: {.. "ItemClipsChildrenToShape": 1,.. "ItemAcceptsInputMethod": 2,.. "ItemIsFocusScope": 4,.. "ItemHasContents": 8,.. "ItemAcceptsDrops": 16.. }.. }.. Enum {.. name: "TransformOrigin".. values: {.. "TopLeft": 0,.. "Top": 1,.. "TopRight": 2,..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\qmldir

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):158
                                                                                                                                                                                              Entropy (8bit):4.58971464637918
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:3BV9NKH4TAXDJoNMURCNC4MXWEJWiwhvyWmopCxKbbJ26akyxRS9NKSvn:xVfW4TAXVoNMU74MXWgWiw58oIst2J58
                                                                                                                                                                                              MD5:62CA2AD26A8B534945019A03A4C386F8
                                                                                                                                                                                              SHA1:FDD59AEF9ABE3682A09152FD8C0B5C7A7691E5FB
                                                                                                                                                                                              SHA-256:1150344EDEB157FAA029A8D93A79B6C6D80E97B492D67F1AB636EFB156E7B19D
                                                                                                                                                                                              SHA-512:04D4DFABC37079461913B845CE43CC6358E23CCF1A19AC97477143554179B05249C636584CB03CE2B5F5903E309D98E7C5CA3CA651FDBB369362ADA8393F4A3C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:module QtQuick.Controls.Universal..plugin qtquickcontrols2universalstyleplugin..classname QtQuickControls2UniversalStylePlugin..depends QtQuick.Controls 2.5..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\Universal\qtquickcontrols2universalstyleplugin.dll

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):606704
                                                                                                                                                                                              Entropy (8bit):4.6616816323493335
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12288:T+rqqpIpVpGp8pzpLpcpopGpxpYpLpupDpwpXp+pWpupBpIpipWpPpXp3p3pIpDY:T+r8Px
                                                                                                                                                                                              MD5:25A6B3F61EF00A8C25BDFB6D0E783428
                                                                                                                                                                                              SHA1:61F4CA9E542003C558A2EAAE65F0FB7977F67447
                                                                                                                                                                                              SHA-256:62CCB1E10473614B3794E2B74385F19944FF1B6CB2377ECF46EF307453C235D6
                                                                                                                                                                                              SHA-512:445C0137B6E211684E01DC147A4E2237FC8571EF89C3A9756B01BCB338EC34E6A47EBC6AF09D8DE6CB47C046857BA46637130E704A5D24C0E4A17575CC996DDC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......E......Z...Z...Z...Z...Z..[...Z..[...Z..[...Z..[...Z..[...Z..[...Z...Z...Z..[@..Z..[...Z..jZ...Z..[...ZRich...Z........PE..d...F.._.........." .........................................................p............`......................................... ................P.......0.......&.......`..0.......T.......................(...p...0............................................text............................... ..`.rdata..N^.......`..................@..@.data...h1.......,..................@....pdata.......0......................@..@.qtmetad.....@......................@..P.rsrc........P......................@..@.reloc..0....`....... ..............@..B........................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\VerticalHeaderView.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2833
                                                                                                                                                                                              Entropy (8bit):4.809421054317256
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M25H6E+iCsAaKj7fOWIkFy9lvAQ3rNqYJ3FbbUWlF:L5CB7fdpFk3BqYvb1
                                                                                                                                                                                              MD5:F5CD8AC746B6994ED71FF8301B42A56B
                                                                                                                                                                                              SHA1:BA037B256EE49D9FC2C30BD11CCB8A01993A38B5
                                                                                                                                                                                              SHA-256:1D4F3F1D0DBB8CAE0D392C2556889C9639A1A51B055E47BDAABEDBD33BD4A934
                                                                                                                                                                                              SHA-512:6B465228D5918FC4A1EB093A0896ABFBD11A57ABD2641A6F89581B063E6537F5BEC2B33084F873871026526C39741A10CE11C0F52BE80B35257EC86F7BD27E75
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\AbstractButtonSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4189
                                                                                                                                                                                              Entropy (8bit):4.590051340924354
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym0u7LZgzapSRSSP3+jg0cxca/edd3ExnAOY9:nd5CB7fdpFFC7La2u/+jg0Za/M3MnFY9
                                                                                                                                                                                              MD5:A63F43FAE673A9B791CEC4ED6BBCFD3F
                                                                                                                                                                                              SHA1:FB4E604269821F309AD5029C76027D1E0FD9B4EC
                                                                                                                                                                                              SHA-256:8185529D14235068BCD043ADF55880DFE504CEA3387049EBEACC53DC6B050947
                                                                                                                                                                                              SHA-512:DDD381FCD59BBEF6A90EE79F682264BB3C4E96977F7DF6AEC5A3E44E317FB97E6A5D91935E6C1D15C81A903A5B914CC374738CD2ACD98E2546CE11626821EA18
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\BusyIndicatorSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2627
                                                                                                                                                                                              Entropy (8bit):4.723364711234391
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LuDIbtMjFLi:nd5CB7fdpFFFLuWtMjFLi
                                                                                                                                                                                              MD5:36277E316A15296D604D0A82E0FBFB0E
                                                                                                                                                                                              SHA1:7A2A8FF4A15037B945255612CBE461BD50E93F71
                                                                                                                                                                                              SHA-256:A6F736C2713B08F6AAA5CB51019FBB393AC6C57B75EF5E4005D29EFF48A92A98
                                                                                                                                                                                              SHA-512:3EAFE4467611E9FA4C89E950D77620FE4AB4801A657D8641C9E2E24C4696CD08681A8DC7952C2811FE09CE0C61EB73FCE7C2C7CDC41E3C063760D77976304E5F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ButtonSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3105
                                                                                                                                                                                              Entropy (8bit):4.707682721934341
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym02AEBLJOYHtrDB39:nd5CB7fdpFF6AE0YNr939
                                                                                                                                                                                              MD5:029323EE757A222E8DF48E7EBF04BD93
                                                                                                                                                                                              SHA1:035A38F873407E253C4AF63A11497B8CCDF3D478
                                                                                                                                                                                              SHA-256:1D571BABABB04CE5FE55B1D0F1DD362EACC304BDE7125DED0D218D9CE6DF03C4
                                                                                                                                                                                              SHA-512:683E786555E4039963765306EC6BBCB319207452E912148E29FE1BA9FEA2282AF474B1ACA2366CF28F9412E8BA538BFCB8CA99314719297D0F969E12043DBF1D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ButtonSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2192
                                                                                                                                                                                              Entropy (8bit):4.788553950637862
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05Lot5y3jFLi:nd5CB7fdpFFFLot5y3jFLi
                                                                                                                                                                                              MD5:920C6A6B84D14E1995291B8177A1141C
                                                                                                                                                                                              SHA1:C9AB88CC4C09EFBBBA25B63A70479D3159A837BE
                                                                                                                                                                                              SHA-256:9CD02378488E8DDC891CBC1E7718BE197088A628D07100ED2D676B958F57B81E
                                                                                                                                                                                              SHA-512:1FC8193CA7FBBFD005A4D8169535789086460F4F2272086FE44DA7C9E793F9E4B056A5F7D9BBB25BD818DC56A7FD96864F6EB8ABB244E5C27644FC8D9BA04C22
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\CheckBoxSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2226
                                                                                                                                                                                              Entropy (8bit):4.806035630450304
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LYsiqy3jFLi:nd5CB7fdpFFFLYsVy3jFLi
                                                                                                                                                                                              MD5:E7BE5C88888A3B8CDD14788A9950EEAE
                                                                                                                                                                                              SHA1:04AFEB4DA0CD3801F0F3266C442A51C9045A15BD
                                                                                                                                                                                              SHA-256:39DC04660C2F4FC02971098B9E261A2F7123887C565F52582278DDB9B7771FBE
                                                                                                                                                                                              SHA-512:2624E6D94F8A43CB9E59FA90CDD7BB221C0494E5D3EF1CC5006F09181A97713DD86A2C9688E956A9487280A5366867E423ED39A9B40FA6D51AAF03E271150014
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\CheckDelegateSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2296
                                                                                                                                                                                              Entropy (8bit):4.795325715833799
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LYsW5y3jFLi:nd5CB7fdpFFFLYsW5y3jFLi
                                                                                                                                                                                              MD5:F06ED234814DF3A8F4A2040A69CA258B
                                                                                                                                                                                              SHA1:4913E605AFC2DD5C97276140CCC8581983F9AC57
                                                                                                                                                                                              SHA-256:150FC7ADEAF4751CD91440C69E0D9671F141E5B4C439EF886DC863256241A898
                                                                                                                                                                                              SHA-512:1161A17C7038F1527787FACE844D211226D70E16BDA1607E1F58F0C77E290184885E2DD209EE6C46F5DB9BCFEA6060E636115C702297EEF6D573DD47213F1625
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\CheckSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2661
                                                                                                                                                                                              Entropy (8bit):4.738841008151935
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym0QoXrEub+HY5Yz9:nd5CB7fdpFF8uXq9
                                                                                                                                                                                              MD5:0BA3D106DE56655688B8C59D7C1A1A16
                                                                                                                                                                                              SHA1:919D19801E710EC9222DCC79C59AF36B1B81B0A0
                                                                                                                                                                                              SHA-256:70A6DFF9A723B4E2F312ED48F5BA8E3EC7C64252FAF4DD565359294D26A89678
                                                                                                                                                                                              SHA-512:FCE134B09BF86FAD943230B173547AC9A029E60B60E43FFF95DD5358C2D80424131A5F1029264DFEDE432E7BC0D84A8B23195E23E06109FCC527392BC97A7777
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ComboBoxSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4090
                                                                                                                                                                                              Entropy (8bit):4.509515420842468
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LuUE4DeaHjp2bU9ygOtrWp/LweMjFLi:nd5CB7fdpFFFLu6Dlj8bFgwrULDMjFLi
                                                                                                                                                                                              MD5:CC5D05E0AE46BE8C3CD68C05B0D90A9C
                                                                                                                                                                                              SHA1:CAC3FF7D53A5C59D60E58E2A6468A32B8BB435F6
                                                                                                                                                                                              SHA-256:7B4A6BA8F165CEAD72123F9BC3EC1A52CACBABFC87066BF352CF2330AC54FA37
                                                                                                                                                                                              SHA-512:BA61CADB7E22AC5C77DB201CBF71DC9F2A2FBCF47568DC4B54247A00F1B3109EE95839B80FACFA732568F7C142FE8007EF79B1D63E0697575FDA88D396851570
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ContainerSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2336
                                                                                                                                                                                              Entropy (8bit):4.7901862758502345
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym0ZqHTJmr9:nd5CB7fdpFF8Tsr9
                                                                                                                                                                                              MD5:9780B490F860F1A42730957553F0E005
                                                                                                                                                                                              SHA1:E7E9F3F698B9E5D6693DEF15A4AD8C15CE6591F2
                                                                                                                                                                                              SHA-256:FD19D8ED1D61F83D67FC363C2E28A76372CDD4D88CF9A90EBB2F74D5E5FD09A2
                                                                                                                                                                                              SHA-512:69178CAC56FC5F7A407B87A0455506AC8F331903B36864AC085F02EF5E2349261F69EEFEE634EFFB0F3BA1E4A63139195A6B90F41D5DCC8CBEB725EB6CFB5B01
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ControlSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3881
                                                                                                                                                                                              Entropy (8bit):4.629995264959266
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym0IzBv3TsX2abpOx3beJYTqHTJea7xW3wT9:nd5CB7fdpFFOvfkpQ3beJTTMa7YM9
                                                                                                                                                                                              MD5:E3DDB0BD2362D7AD8D3F6757836FD249
                                                                                                                                                                                              SHA1:B82289C6046C7E33B601A3BDE048E5D5A8FF30A1
                                                                                                                                                                                              SHA-256:FA79F68EB091D8A7312B9F26246561FD8558E891951A7A34178F708E3F40083C
                                                                                                                                                                                              SHA-512:DAA91EDCAE35B9B2543B0B8C5CD43793DB20BCAD9EF9D1BDE740C8B31950005CEC8A1CDE04A8B00A355369A6C5E4C78DE46489804EF84036255F4BECFC269D52
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ControlSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2066
                                                                                                                                                                                              Entropy (8bit):4.797894120379283
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05L3jFLi:nd5CB7fdpFFFL3jFLi
                                                                                                                                                                                              MD5:B450EBA19443A3DF0571977CEAF495D8
                                                                                                                                                                                              SHA1:B35B0C22629222F33BDA33156C178AF505808906
                                                                                                                                                                                              SHA-256:34F14E5B36DE01740DC8A7C571FF8CE65BCEB7FC4C26F906E10C08773B644AE6
                                                                                                                                                                                              SHA-512:CD145A9FA4ECDDC55F133A64FD693EADF2CE3C22AF599585E9B0B350827AE9309F9345C79756DA2F0CA9230B62085863924B5AF4D9417DFBF5C30F124C3354DD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\DelayButtonSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2736
                                                                                                                                                                                              Entropy (8bit):4.684553443125928
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LuhZNaH/NPwy3jFLi:nd5CB7fdpFFFLucBwy3jFLi
                                                                                                                                                                                              MD5:CA6FBCA4034AB0C1FC8D58C50AA2E3CF
                                                                                                                                                                                              SHA1:3F15AD98B82F88ED01656C1AA337492AF5A6A338
                                                                                                                                                                                              SHA-256:CE45196E4B042826A80FE153EDC7ED6796D19915DDA1B91C82CDED33184E1204
                                                                                                                                                                                              SHA-512:2CFA38A0E3939711A9024192C77FE1E087A368359945128B2DAE86D048A3746A7492E0B66171067C09B53F4640237791C2E99461066745918F0B14EA688A7820
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\DialSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5949
                                                                                                                                                                                              Entropy (8bit):4.283006058808884
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpFFFLu/chFKjs0jj5Ujv52DuWj4Z6IEMjFLi:nd0BhpnphFTAq4Drj4Z6zz
                                                                                                                                                                                              MD5:8902AB92488D965807566C9F0AF7B01A
                                                                                                                                                                                              SHA1:9C284E15D96FA1D2CEE33D058142ADE5E8D65BA6
                                                                                                                                                                                              SHA-256:6B8CC2C061A4E350BB13B9C12BF4CAAF4C8F74DB6E05445CF3B7B156D6B1F17A
                                                                                                                                                                                              SHA-512:CDEB45E49F5E5F9CEA4FE6C70017B573A6E074C19B8FC001FAC55D2E79736F93C14D650573F5328A7CC17CAAA2FF757436F3DF713D2AB6CDB978DD48C413FED8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\FrameSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2123
                                                                                                                                                                                              Entropy (8bit):4.790296350072608
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LZy3jFLi:nd5CB7fdpFFFLZy3jFLi
                                                                                                                                                                                              MD5:C24D49381CF8B3E6098FDA1C27527E56
                                                                                                                                                                                              SHA1:4C78067E28C7FC742C52461585EDF9113483E5D0
                                                                                                                                                                                              SHA-256:B3BA820FF86BF5EDE7116543342393AB2279C2DEB37C23CE3D240A1F114F16EF
                                                                                                                                                                                              SHA-512:89022C8518525601024B6C63CA425FAE6F0010D1A167FF7EEF6B7526F6AC634C856811B43D18E0555821F1286895A44F1D7DBA6FC26AB58A50E15FE1FFF64308
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\GroupBoxSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2579
                                                                                                                                                                                              Entropy (8bit):4.710846092907281
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05Lu99My3jFLi:nd5CB7fdpFFFLuvMy3jFLi
                                                                                                                                                                                              MD5:977771B918B7ECD33A6F9E5873372BBF
                                                                                                                                                                                              SHA1:3B2C4E8CC47B061A566AFCFF3B7F59535D439275
                                                                                                                                                                                              SHA-256:DEDBD77A8B002762B5A5AEB65E369CF7DAA9767FE68360D5F8654CC60562FD45
                                                                                                                                                                                              SHA-512:148CD83B7C63E9ED80E598ED58B1EFD7F66A3BE562422B59EDE0E91043974F9D53FF0FE0EC61DF7B3BFEF439398ED618552016275A6326A9C9596B70DD1DE80E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\InsetSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4075
                                                                                                                                                                                              Entropy (8bit):4.441096456615466
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M25H6E+iCsAaKj7fOWIkFy9ym06p7gHkdc6flHkdc6Pzh7uAmAQHkdc6VZHkdc60:L5CB7fdpFFmpUUl+zhD34g52M9
                                                                                                                                                                                              MD5:8C11CC19E8BD0CE990772BB92D246688
                                                                                                                                                                                              SHA1:A7007BFFD6AACA79DC746D4D262EA8AB1EB7F297
                                                                                                                                                                                              SHA-256:7A2FFAD29B19F0B3D2E0D369A4493DC9B7DCCA4179AD01E5A1BCC8C87685B611
                                                                                                                                                                                              SHA-512:F8F87B9C04893F5712F95F46C9FA6766F7EB86A0DAE6050E085EC072851CF1F8286018D36FBDCEFE6CA6AE2EA2554C3C8FCC71030BE13E1A7C288348E28AEB91
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2020 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ItemDelegateSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2321
                                                                                                                                                                                              Entropy (8bit):4.79619373368411
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym02AWB39:nd5CB7fdpFF6AC39
                                                                                                                                                                                              MD5:A82851C44140F5CAF39AC21DBBC7AEB3
                                                                                                                                                                                              SHA1:A3D673235E30071D0ED23BE75008D76F6BF6B399
                                                                                                                                                                                              SHA-256:18DA14C91C710F8CFA69C676103D2621CD7E0FBA23C75BF640E1ED377EE8BA31
                                                                                                                                                                                              SHA-512:55BDF1DA7EFA1879FFDE53FF2275026ED45B6CFF7FED8191143C15ACDB86AA0727FDD9B909035E420E66775D1EDA22463A31183AC9C527B35BE2D1D7D66063B2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ItemDelegateSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2198
                                                                                                                                                                                              Entropy (8bit):4.789736142433364
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05Lq5y3jFLi:nd5CB7fdpFFFLq5y3jFLi
                                                                                                                                                                                              MD5:DF7E32B0E18BD35FA8453CB1263886B9
                                                                                                                                                                                              SHA1:F4336C9380A7FBEE4DFBC17C545B409364F7F8B3
                                                                                                                                                                                              SHA-256:8207C603C9DE51D9954302DD9DF559A1DF70E0A9658AF62637229B5A2437EEC3
                                                                                                                                                                                              SHA-512:21D4E9B1D71C5EA9C7C66E5BACEAD5D4857AC109F7452D81C6D793F8843DD1D6F9194011E41259CDB9E3FAECC04675A1433A2DFCBF0B758FF97CBD068FD95732
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\LabelSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2823
                                                                                                                                                                                              Entropy (8bit):4.755970593471076
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LQq7RHw0XTMwNBSXTMg9kaL7i:nd5CB7fdpFFFLQq7RQgTMaUTMaL7i
                                                                                                                                                                                              MD5:23066E2FCD92D68EE429B19C34093444
                                                                                                                                                                                              SHA1:4A7A65EF2DCA60CA52BBB0446EDF7A48AA856689
                                                                                                                                                                                              SHA-256:968701B931951FF79DCF09E07D56A91E50F4009D99286CA2B4C348FC35550482
                                                                                                                                                                                              SHA-512:55509C7288BFF36DCD684E8559DA0E67A29F3DB59B0B66DFD7A9B19A24B6D938A588FC91B25DF1A220E14894E70451C12B2C0A212D34223B1D34733950A8A215
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\PaddingSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3681
                                                                                                                                                                                              Entropy (8bit):4.600699886807315
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym0oAsTqHTJvdADYTqHTJl9ZTqHTJcqXOTqHTJPp:nd5CB7fdpFFdvTFCDTT394T2qJTVr9
                                                                                                                                                                                              MD5:C430765B66BE6227979D4BFC4E13486A
                                                                                                                                                                                              SHA1:294F8E24765F9766AEA812FFD033072629F1C6EA
                                                                                                                                                                                              SHA-256:BED58EBA4585F280EFBD5869DC4730BDBC46863D392DBCBE6EE3241AF08609EC
                                                                                                                                                                                              SHA-512:9663030B63C24B3A91A7E496FB4366BC183FFC2CC09AC956B873A5874231C15C988F773E8F799008152D1552553C67AF4D195959B7A6124048F61E90A81A9615
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\PageIndicatorSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3464
                                                                                                                                                                                              Entropy (8bit):4.54198580547783
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LuJ0aHjpAOaHjp2bHECMjLi:nd5CB7fdpFFFLutjSVj8bkCMjLi
                                                                                                                                                                                              MD5:0E13BBB11B627D0AB5D2D1771A4A35BD
                                                                                                                                                                                              SHA1:1C5294D16BCE34581E92B8F3E23E1067F1D6FCB7
                                                                                                                                                                                              SHA-256:416C1DD1C0E0C402C1228CDB052DFB12103D37620E72D70D176CD1E3F2E607F6
                                                                                                                                                                                              SHA-512:9175A66F1017868640DBFEA41368CF8DF27E207B22FDF7E57DCAD3D17E0A5ACEDBDE75DF7A831F0F398050C762F5A9EFE2FFCE7F9AFE589BD799850CB95E28C3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\PageSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3512
                                                                                                                                                                                              Entropy (8bit):4.536455819119471
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LuU9cvaHjpEuaHjpj5MjFLi:nd5CB7fdpFFFLuQcqjy1jp5MjFLi
                                                                                                                                                                                              MD5:F28678714CF8AC3FE1D3DF5790A849B4
                                                                                                                                                                                              SHA1:57D7DB50C11255DE0861F8B086D0B1125D4A8A98
                                                                                                                                                                                              SHA-256:3A2D06290528BD90BBFEE7E532277543340BC33741970BE1F0CD7B743F62F60D
                                                                                                                                                                                              SHA-512:AE1082E8B797592ACFDD4B938F143D2C31728F462CC1ED50F6F7D38C1E517D6E74F2DA3CADBCC55BC48A38685ADC1F036E662C78CD01C1416BC11FFAC91309DA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\PaneSection.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2819
                                                                                                                                                                                              Entropy (8bit):4.72358971509432
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym08fqHTJ0eqHTJTp9:nd5CB7fdpFFIKTClTZp9
                                                                                                                                                                                              MD5:CD9A097C784EC8FC092609C354D93AD4
                                                                                                                                                                                              SHA1:1496DEFA81A88DFF13AC4534549F30E0A65A2F41
                                                                                                                                                                                              SHA-256:A10517398E8DC800A587D94BF8658C0580A99115800E7EB8D6DAF8B0D9C59887
                                                                                                                                                                                              SHA-512:FC8BE8FD0D8570F01AD314FD4BF6C6D3418F1045384578E60A89F05DB6C583C7DFAE47C0F0AC32C9708F62E8AA0DF718634D6A9A717F2254E1A1E839C1961462
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\PaneSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2123
                                                                                                                                                                                              Entropy (8bit):4.790296350072608
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LZy3jFLi:nd5CB7fdpFFFLZy3jFLi
                                                                                                                                                                                              MD5:C24D49381CF8B3E6098FDA1C27527E56
                                                                                                                                                                                              SHA1:4C78067E28C7FC742C52461585EDF9113483E5D0
                                                                                                                                                                                              SHA-256:B3BA820FF86BF5EDE7116543342393AB2279C2DEB37C23CE3D240A1F114F16EF
                                                                                                                                                                                              SHA-512:89022C8518525601024B6C63CA425FAE6F0010D1A167FF7EEF6B7526F6AC634C856811B43D18E0555821F1286895A44F1D7DBA6FC26AB58A50E15FE1FFF64308
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ProgressBarSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4195
                                                                                                                                                                                              Entropy (8bit):4.466402741760662
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpFFFLuqvWiiwGgchFwjsmjj5MjFLi:nd0Bhpn65hFV2z
                                                                                                                                                                                              MD5:4DF82CF68626823EB6BB0313B2E8BB65
                                                                                                                                                                                              SHA1:8E27BA0590C8C879675400C7C534836DE25FF029
                                                                                                                                                                                              SHA-256:94DAB06A5B0FD568E5B9E622A9CCB72607D371D1849970DD6DBAE3355D1D3712
                                                                                                                                                                                              SHA-512:03F9A3F45E818199FC211FC3C260352237E99310966E10644D273EFFA8B08DD1F56DD20C331172733114E087AF42712087BA092638AE3538FAEB119ED1FBE345
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\RadioButtonSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2133
                                                                                                                                                                                              Entropy (8bit):4.795371325434706
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05L5y3jFLi:nd5CB7fdpFFFL5y3jFLi
                                                                                                                                                                                              MD5:95806D0BFADF617CDB91B9BAACAB5429
                                                                                                                                                                                              SHA1:2102999EC25BE88F138EA7C8FBF2A1BF4454C766
                                                                                                                                                                                              SHA-256:07911DFF4B3128DE29FB83223A78878F9E972F35A596429861C7EA7956923B2D
                                                                                                                                                                                              SHA-512:00D3B1DD1D764859249A5997EC4B2EC68FDF7C245A3AD4276A81370B2F43090F41D32DE48D94307703436E661EBAF64FF96332F109B0E611B74521F28C8F8004
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\RadioDelegateSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2198
                                                                                                                                                                                              Entropy (8bit):4.789736142433364
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05Lq5y3jFLi:nd5CB7fdpFFFLq5y3jFLi
                                                                                                                                                                                              MD5:DF7E32B0E18BD35FA8453CB1263886B9
                                                                                                                                                                                              SHA1:F4336C9380A7FBEE4DFBC17C545B409364F7F8B3
                                                                                                                                                                                              SHA-256:8207C603C9DE51D9954302DD9DF559A1DF70E0A9658AF62637229B5A2437EEC3
                                                                                                                                                                                              SHA-512:21D4E9B1D71C5EA9C7C66E5BACEAD5D4857AC109F7452D81C6D793F8843DD1D6F9194011E41259CDB9E3FAECC04675A1433A2DFCBF0B758FF97CBD068FD95732
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\RangeSliderSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6769
                                                                                                                                                                                              Entropy (8bit):4.259429689145202
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpFFFLuGwEhAzhFejsUjj5gjvrYZvnuWx7MjFLi:nd0BhpnaEhQhFHgGrYZvnr9z
                                                                                                                                                                                              MD5:45E91F4D787315CB57E0B7D2DF6C9625
                                                                                                                                                                                              SHA1:606352AFA72FC5EAFAE9BFF897779AAEA9D0A793
                                                                                                                                                                                              SHA-256:6AC639B5F6858762AE1F938AA6490EB22D48C777C70D9B892315E9683C6275E2
                                                                                                                                                                                              SHA-512:190BF00F8B5BA7D7B4028FF10DA05E0195946C06C232BB4897A2D964A0F9F1BD7B2D845E58F41F4CCD4B1CA9A846D81522C4172C8F2E36DB42125B1B0FF92AA3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\RoundButtonSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2757
                                                                                                                                                                                              Entropy (8bit):4.684878729571602
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LuQaH/sqJPt5y3jFLi:nd5CB7fdpFFFLuz9Pt5y3jFLi
                                                                                                                                                                                              MD5:5D48EFFA06041BE07F38BCFD1ACEB106
                                                                                                                                                                                              SHA1:2CB284F7C2BE8EC45AB10B73D4D8928B705BE9E3
                                                                                                                                                                                              SHA-256:807FFF34F63FFDD20D9D410C170C1C854CCCB3A40CAE506CBF2EED38B39760A9
                                                                                                                                                                                              SHA-512:DA7FAA7F8E49485DB78E0FF78A28311F4064D0C23AC1AD51BD2414031768C4F60808A4F97BEA0631EB09DCF996C4B51AC8F06D019C932E52BCF5DAAFAC668279
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ScrollViewSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3195
                                                                                                                                                                                              Entropy (8bit):4.6079588592166605
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05Lu6vaHjpEuaHjpj5MjFLi:nd5CB7fdpFFFLu6qjy1jp5MjFLi
                                                                                                                                                                                              MD5:85DA810CC706B345D85F9769B904D139
                                                                                                                                                                                              SHA1:B9F641481815ADDF96554B1AD41D8788487F0CB1
                                                                                                                                                                                              SHA-256:CFBB83DB87541E7EDFAD94BC239EBEE295C60E2E40C8FE5DB08FBD231C328BF2
                                                                                                                                                                                              SHA-512:8D342FBC16EB30F7644F4037CE3C94C60E8AFBE2499AF779B9079E574F8A8247966E305486E138DA88496E691C17B8922E2FC0A966044F8F618356F6ABF2BC44
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\SliderSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6079
                                                                                                                                                                                              Entropy (8bit):4.271218374879073
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpFFFLuBchFDjsljj51jvqfHZvyuWx7MjFLi:nd0BhpnzhFUDdIHZvyr9z
                                                                                                                                                                                              MD5:0154C91F8DBFA6E9EA328F7203F63AC7
                                                                                                                                                                                              SHA1:98443FFC346DAA5A934AB9BC69B1E69C786F8A21
                                                                                                                                                                                              SHA-256:0D9D68FFF4A345DB964F9B15D71263488EA48045253E9E1EE864C477D653AB2D
                                                                                                                                                                                              SHA-512:7007754F6C328D73A5F816DDD34D7498C27A692AEBA3057A5B6E7AEBE34CABE9CE04A29D35B3DA902CC7972A0D793018E76FE72ED5502B842EC306B9D9471DA0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\SpinBoxSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4921
                                                                                                                                                                                              Entropy (8bit):4.3797456090010565
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:nd5CB7fdpFFFLu7rhF/jvNj85njYCgTEMjFLi:nd0BhpnchFzokpwz
                                                                                                                                                                                              MD5:1C848DC852D5B7ED48A9CF1661F2F659
                                                                                                                                                                                              SHA1:3D3F1A8C199CC4EAE881467C9D3B121F7DE9E37B
                                                                                                                                                                                              SHA-256:664B08BFBCD58DD406D7F876FA57FEFDEA06A709BFF5E033613D908D0622D750
                                                                                                                                                                                              SHA-512:087DF27A71ABBCEE34807D955EA61C89DF8708D141E2DAB3E66227D3AE2188CFF79E3571B88BE3B4F282446C118B4ED1241C2D3D0B608AA4884981B15F6E33D7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\StackViewSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2066
                                                                                                                                                                                              Entropy (8bit):4.797894120379283
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05L3jFLi:nd5CB7fdpFFFL3jFLi
                                                                                                                                                                                              MD5:B450EBA19443A3DF0571977CEAF495D8
                                                                                                                                                                                              SHA1:B35B0C22629222F33BDA33156C178AF505808906
                                                                                                                                                                                              SHA-256:34F14E5B36DE01740DC8A7C571FF8CE65BCEB7FC4C26F906E10C08773B644AE6
                                                                                                                                                                                              SHA-512:CD145A9FA4ECDDC55F133A64FD693EADF2CE3C22AF599585E9B0B350827AE9309F9345C79756DA2F0CA9230B62085863924B5AF4D9417DFBF5C30F124C3354DD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\SwipeDelegateSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2198
                                                                                                                                                                                              Entropy (8bit):4.789736142433364
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05Lq5y3jFLi:nd5CB7fdpFFFLq5y3jFLi
                                                                                                                                                                                              MD5:DF7E32B0E18BD35FA8453CB1263886B9
                                                                                                                                                                                              SHA1:F4336C9380A7FBEE4DFBC17C545B409364F7F8B3
                                                                                                                                                                                              SHA-256:8207C603C9DE51D9954302DD9DF559A1DF70E0A9658AF62637229B5A2437EEC3
                                                                                                                                                                                              SHA-512:21D4E9B1D71C5EA9C7C66E5BACEAD5D4857AC109F7452D81C6D793F8843DD1D6F9194011E41259CDB9E3FAECC04675A1433A2DFCBF0B758FF97CBD068FD95732
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\SwipeViewSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3100
                                                                                                                                                                                              Entropy (8bit):4.6223226231291985
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LuGguECBCZrLMt3jFLi:nd5CB7fdpFFFLu5/CEZvMt3jFLi
                                                                                                                                                                                              MD5:A2DF382A28EE2A85E65D72E6706BE9DD
                                                                                                                                                                                              SHA1:8835926DC5E4491BDB5812C55B669D1BDC596DEA
                                                                                                                                                                                              SHA-256:F0D87BE641213B0FF890C2E4069E32681A874646F3965C9C6927D32DE78335D7
                                                                                                                                                                                              SHA-512:67B19EE99E51858D59395816A7E2433E7B0F228633C75662CE71F1B315FEA9CFC048A6220F86E740759B8A47E81883C50C7B9E98F37D81A79C7DB764AA9DAB45
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\SwitchDelegateSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2141
                                                                                                                                                                                              Entropy (8bit):4.797308908670296
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05Lq5y3jLi:nd5CB7fdpFFFLq5y3jLi
                                                                                                                                                                                              MD5:5740311FAD8393D3CD08CC7B64775779
                                                                                                                                                                                              SHA1:29E2FEAFE34FEFFD690B8F102E87CAA9BA52E1A8
                                                                                                                                                                                              SHA-256:45B33505F1DDBBDBE3B20D3511706ADFFE14A3A411CEAE6CBE92CCD4B73B0A66
                                                                                                                                                                                              SHA-512:5A2E7E98FCF966F7170E13C8C505D26B402EF7653812E72DE2EF4D8B51F98DBE8F9C0FE32CC7684324F164671559801A10654C8BCBE54E7029A8864E04126479
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\SwitchSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2133
                                                                                                                                                                                              Entropy (8bit):4.795371325434706
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05L5y3jFLi:nd5CB7fdpFFFL5y3jFLi
                                                                                                                                                                                              MD5:95806D0BFADF617CDB91B9BAACAB5429
                                                                                                                                                                                              SHA1:2102999EC25BE88F138EA7C8FBF2A1BF4454C766
                                                                                                                                                                                              SHA-256:07911DFF4B3128DE29FB83223A78878F9E972F35A596429861C7EA7956923B2D
                                                                                                                                                                                              SHA-512:00D3B1DD1D764859249A5997EC4B2EC68FDF7C245A3AD4276A81370B2F43090F41D32DE48D94307703436E661EBAF64FF96332F109B0E611B74521F28C8F8004
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\TabBarSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3675
                                                                                                                                                                                              Entropy (8bit):4.529921894562925
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LumN9scvaHjpEuaHjpj5Mt3jFLi:nd5CB7fdpFFFLum3scqjy1jp5Mt3jFLi
                                                                                                                                                                                              MD5:4FD60455B2BC1F81B99ACF8A05B7CD49
                                                                                                                                                                                              SHA1:FF39078653B3F8F1EDAF53430B2D51F3A2581EAA
                                                                                                                                                                                              SHA-256:EEEF272650B489F44319B5490575515A98CE50AB04503402BB9BA27F5F566AD7
                                                                                                                                                                                              SHA-512:9D7013EC552FE93C153FF6EACB01CB6BA415A5259338FE6DE4518CDAE073D60ADB3CBE577EF450F42B66D62347A95337493276DC999F11C9A4350D11B6EBFAD0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\TabButtonSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2133
                                                                                                                                                                                              Entropy (8bit):4.795371325434706
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05L5y3jFLi:nd5CB7fdpFFFL5y3jFLi
                                                                                                                                                                                              MD5:95806D0BFADF617CDB91B9BAACAB5429
                                                                                                                                                                                              SHA1:2102999EC25BE88F138EA7C8FBF2A1BF4454C766
                                                                                                                                                                                              SHA-256:07911DFF4B3128DE29FB83223A78878F9E972F35A596429861C7EA7956923B2D
                                                                                                                                                                                              SHA-512:00D3B1DD1D764859249A5997EC4B2EC68FDF7C245A3AD4276A81370B2F43090F41D32DE48D94307703436E661EBAF64FF96332F109B0E611B74521F28C8F8004
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\TextAreaSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3437
                                                                                                                                                                                              Entropy (8bit):4.6347274032907135
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LuEDPg54BH5ETkfq7RHw0L7i:nd5CB7fdpFFFLuaPU6H5Lq7RQ0L7i
                                                                                                                                                                                              MD5:B5D0F60422D2FCF90F2A3DA5AA967B34
                                                                                                                                                                                              SHA1:17F5B45D565C6ACAEBC221601F88A0B036323032
                                                                                                                                                                                              SHA-256:C7ED96C7CD4548F68E55F0F03DCF1E4E1A2BA1D840C93ABE89A09A141BB62435
                                                                                                                                                                                              SHA-512:8A1D442B29F5512DD8B1BE386B9435CFA4E2D086CE9FDABEF9AA0FDE6670FDFB773B5334A47FDBA480679EF34965278A426671A7F3076D238FBC020CBA30A07E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\TextFieldSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3338
                                                                                                                                                                                              Entropy (8bit):4.636693633310841
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05Lu8sDPg5pBH5ETkfFL7i:nd5CB7fdpFFFLu8iPUDH5LFL7i
                                                                                                                                                                                              MD5:589D92084CCB416E88FADBE56B01F060
                                                                                                                                                                                              SHA1:1BCDF1BAC05A4DC8CF79D87CC50E2EDDF9CC5477
                                                                                                                                                                                              SHA-256:A4A467321B4A2DEFB93F374447D3B2E593BD0B6127048ABD30642A32B0833FF1
                                                                                                                                                                                              SHA-512:24F29484CF0FBD048F08730BC20FF909569CEC99E6C061AD0A6E22AADEFBAA5ECF5C5A5924B7C7B421E8640F94297E4013226B869A7591A95614ED87D2090DC6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ToolBarSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2670
                                                                                                                                                                                              Entropy (8bit):4.698654419425004
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LuK97My3jFLi:nd5CB7fdpFFFLu87My3jFLi
                                                                                                                                                                                              MD5:871BBA0EE60C356C2D7C83C9F240E957
                                                                                                                                                                                              SHA1:EDFBA03D6D8146BFC3FF0E55DA400F06A5553D07
                                                                                                                                                                                              SHA-256:3F0EC5B9A838CD155BA4426A7D91A9830D300BB2EC08E04685589815D7A20C1C
                                                                                                                                                                                              SHA-512:1C9E86093A6027C28BCD94B714A7F959FC5DB3A7E289A6E55946ECB24E31D9CE8C96DC31CB5D8CCD5037CADA1BAC6F0F63250AF1FB190ADE5B2A133323B371F1
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ToolButtonSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2192
                                                                                                                                                                                              Entropy (8bit):4.788553950637862
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05Lot5y3jFLi:nd5CB7fdpFFFLot5y3jFLi
                                                                                                                                                                                              MD5:920C6A6B84D14E1995291B8177A1141C
                                                                                                                                                                                              SHA1:C9AB88CC4C09EFBBBA25B63A70479D3159A837BE
                                                                                                                                                                                              SHA-256:9CD02378488E8DDC891CBC1E7718BE197088A628D07100ED2D676B958F57B81E
                                                                                                                                                                                              SHA-512:1FC8193CA7FBBFD005A4D8169535789086460F4F2272086FE44DA7C9E793F9E4B056A5F7D9BBB25BD818DC56A7FD96864F6EB8ABB244E5C27644FC8D9BA04C22
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\ToolSeparatorSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2578
                                                                                                                                                                                              Entropy (8bit):4.712580026164849
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LulCZrLMjLi:nd5CB7fdpFFFLuQZvMjLi
                                                                                                                                                                                              MD5:E914076BFCB44AB249639204B52A85D1
                                                                                                                                                                                              SHA1:6FCE74E2446DA8A4C506FFFB1255FBB2A5936533
                                                                                                                                                                                              SHA-256:050A484049871C745112B1CC321BF1EEEF61748D809707B5CB1D946578D67CD7
                                                                                                                                                                                              SHA-512:CD52E91805A428E5AFCF477D8A5DD67F38FE591CAEEED52050D0575DDC08A28F534BC7D1D7172921828B13D2F87E8CE8C5517C703291C4A6E2C0A6E47B2940CF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\TumblerSpecifics.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3510
                                                                                                                                                                                              Entropy (8bit):4.542180543006354
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MCd5H6E+iCsAaKj7fOWIkFy9ym05LuzaHjpjeaHjp2bTT3A3EMjFLi:nd5CB7fdpFFFLuGjFlj8bTWEMjFLi
                                                                                                                                                                                              MD5:8A21CB05BAFE538A8DBDB027C8C483C4
                                                                                                                                                                                              SHA1:6D40134BAD0A93902DEC320F64F4B7EC5AB9ABE3
                                                                                                                                                                                              SHA-256:58C5D2472E3D36750481A8617D222F8A666DACFC5C13D82E4258D8DE5A9AC190
                                                                                                                                                                                              SHA-512:72A68D2A04F5AD6AF2E329FCCF7EE81F5514F80E1F571ED870B345D47749C17A2A4028CFD7E2A7357B54896B79EC23884DF04A4E6BC90B7664C2E00288B91966
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2017 The Qt Company Ltd...** Contact: http://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls 2 module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL3$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see http://www.qt.io/terms-conditions. For further..** information use the contact form at http://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPLv3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\images\busyindicator-icon.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 24 x 24, 8-bit colormap, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):320
                                                                                                                                                                                              Entropy (8bit):6.143538258317517
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:6v/lhPknHIgn7oe3lDbbF8aJUHpXaX2q7p1nFRjtdp:6v/7gPnt3lD/hWJe1p1nTx
                                                                                                                                                                                              MD5:F6ACA7D1A684343F1A7C2AF895CE7B4F
                                                                                                                                                                                              SHA1:6B1EA6AE5D35153161EB2B222E8F2836145CABEA
                                                                                                                                                                                              SHA-256:02E0FA98254896D80E653F6223670ECAF5B289E9326B569DEDA68FB9B3A924ED
                                                                                                                                                                                              SHA-512:77BDF98D0FFEC04B070F69A5C0CFFBE94BC1E53F79C871A6209259AC1A6237BAE0B212E94FE18547FE11F350B9247837F56DA331D8D3B29EF2DA902B0A378527
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR...................?PLTE......................................................................tRNS.......%)0Miz........3.b....IDAT(..... .C..E.)p..[........B.Jo............$gw~..Y`5.L.^.+..n.;).u....=}..x.....y?..|~b..{.`..^J..;..BI..x.F ..TX.VJj?~.V.-K......$........j}.d...9".D....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\images\busyindicator-icon16.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 16 x 16, 4-bit colormap, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):229
                                                                                                                                                                                              Entropy (8bit):5.609680159962802
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:6v/lhPIFufFpgGDj01mFVKxxi6vJbqXkR+g4HoSp:6v/7lm8VKy6vJbj3fY
                                                                                                                                                                                              MD5:7B919E5C952E44182377DBF7FFFAB9AC
                                                                                                                                                                                              SHA1:EDA8EA728C5A766BE2BE1124ED43E99FBF142E14
                                                                                                                                                                                              SHA-256:2733397B655E5CE5EE38A89CE4C47E608CC439C61479191CC769E3CB2047FCAC
                                                                                                                                                                                              SHA-512:17713CD9ECB8BC852D6D391CF101ADA75EF51FF55B17F5FC2B29C16154124BB4CC9F149864443A6748CB0B2E118CF3078083E27D12FC9C306C4C3416C817A193
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR................R...-PLTE...............................................q.....tRNS....'NOqr..........YIDAT..c```....B.}/......M....J........w...s....N2 ....d.a.....~.`x@.Z.T..```.j.....n)...............IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\images\busyindicator-icon@2x.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 48 x 48, 8-bit colormap, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):643
                                                                                                                                                                                              Entropy (8bit):6.520420673107778
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:6v/7+fsDvf2ccFNcitVH1aApsN4AHCIMUqc3tj7vkmmbjM6d1b7/N:UH2qNeIMk3tj8Q8p71
                                                                                                                                                                                              MD5:B030185F421E78A62BB53F32F538669C
                                                                                                                                                                                              SHA1:90AE611AE062B498E40169F5BBF06C29277596BB
                                                                                                                                                                                              SHA-256:E0CDD5067406A7AF72C33ABA8BBE7DDCB67B35C3AA232CA538F0243D35F9DBC9
                                                                                                                                                                                              SHA-512:94A708396257507B173A386FEA9186B53BAEEE9C979E0D05AA6CD42BF34D27563FAB1E0DC622B7E812C80D0E35883E6554CC16B49FE5EB445BFB05598CB6E10E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR...0...0.....`.......PLTE....................................................................................................................................................],C...0tRNS..........()07:<=>FIJRS^ersy{|..................I.....oIDATH..V..0...r#..(.`4..u+.P....|s.....5..x..1>.H8.'y.3.....Q...".....V...t.7a.....w.w..&..4:V...U.T.aB....Q.l..5...f{..)......mY.B.6..nUN[.f..M.s:...P..9.....p(.!....3..........?..*.....,T.g..Yj...c...4Mu....V.........W..{...f...........v\....=`T..J.=..g....F1.Vkj[-........E..Y.'........d.t#.EZ..k..P..~.n.w.c(..P....e.|..9.....)zCS...O.].. .9.....B.]k~H.E....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\images\button-icon.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 24 x 24, 4-bit colormap, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):162
                                                                                                                                                                                              Entropy (8bit):5.469002487170409
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:yionv//thPlG3V/1I/dNNNNNNNNNxyZ9lyQb5/fySxZ95YOChYkX16zUrc/sg1p:6v/lhPIvIgToA5/fysZz+Ck0zU4p
                                                                                                                                                                                              MD5:4534457062287689BD692B7A13361A44
                                                                                                                                                                                              SHA1:208DB74BA6E5B1BED15CEA8E8797E80CC9D23F15
                                                                                                                                                                                              SHA-256:8B570AFCF93F9FF7D2299D1689D372B57DF9C432946C28EC5688D437070DD8C0
                                                                                                                                                                                              SHA-512:0EB687EC15C7D97908EF8C4B2D835B2B5E229CDB23595B0016B582DF8A880513EE7391824A07EEEB002677E621E90D983569DA34D00579F0713E23101F2CD1E9
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR..............Y .....PLTE..................T..T....tRNS.W..........:IDAT..c`...v....C...P8P`.Ep..L..`.W.'.!...rP....b4..(.*...:+...V.....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls.2\designer\images\button-icon16.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 16 x 16, 4-bit colormap, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):145
                                                                                                                                                                                              Entropy (8bit):5.257752058503895
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:yionv//thPl9vhSFg/dNNNNNNNNNxyZ9lkeWsFhGv8nNmRanZlgc/s/t2rPltjp:6v/lhPIFggT+enFh080RaMO1rddp
                                                                                                                                                                                              MD5:8083A160F5C2087CADBCCDC01F9C63B2
                                                                                                                                                                                              SHA1:0FB5F38A6A653E43CDEE07EE997A3D4DA449B414
                                                                                                                                                                                              SHA-256:BEBDEE848CF1B6041D5FE1E00B064AA16F7CFF5117A3BA72511E70E69C52B888
                                                                                                                                                                                              SHA-512:84C4F70540D1C0EE06CA3AD8372267C4209C405A675FA57FFD58CA8A1371297F8206D315EEC87F2493918C2DBF8827D730D87C4785BF6B21FA0B7402FADDEC1C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR................R....PLTE..................T..T....tRNS..vw.......)IDAT.[c` .....A.!.j(..3.B.!..P.`.........s..e.......IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\CircularTickmarkLabelStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):24312
                                                                                                                                                                                              Entropy (8bit):3.2230542732982297
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:hAAAA8FooooOV1Y9gpGd9tZcWQlN2skBjG/Ji8JSqmFam1rR3rg3Jm/c8G0AEmkI:hAAAA8P9zDtZczGskBjGAWCaqd/cYAuI
                                                                                                                                                                                              MD5:DB3EDD347A03000D3801E1975C574AE7
                                                                                                                                                                                              SHA1:1783A2DF37ACCE092415301FD8FA7D3AA65D1826
                                                                                                                                                                                              SHA-256:22FFF4D810B2D14495B9FB0B878253826335AAAB0A825B66FDFD32CF592FD54A
                                                                                                                                                                                              SHA-512:39D4670DA61E99E796282DB966114591E225F54E70DBBDE9A781D1066E7F4DE284148182B8BBD10B3EEF60BCBD79B327B3CF4810443C5462638BFC9AADC31329
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)................^.................................................._R.|......]SHb..................#.......x!..K...........$.......$.......$.......(........................................................................................H......X...........H...........0...x....... ...........P...................P............... ...x.......X...........@...........(...x...........p.......8...........@........... ...h...........p...................X...........`...........H...........(...........H............... ...h........ ..x ... ...!..h!..................0.......s...s...s...s...s............... .......0...............@.......P.......`.......p...................................P.......`.......................................................................................................s...............S...............s...s...............s....... ...................0...s...........................`...............0...........................@.......s...s...S.......................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\ComboBoxStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):12375
                                                                                                                                                                                              Entropy (8bit):4.601679376476698
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:KtcGqSNWa0XKg5gzwCpjfVEsxd9CDMISxvTwg+v1COCNoOCOCc4:RGlGXKg5gMUfxd99Rw
                                                                                                                                                                                              MD5:0D5F83CE30836BE4CBDBA1B5B0FA77B5
                                                                                                                                                                                              SHA1:D8169FF72B8D0B64E81EE10EED5342B95259B0E1
                                                                                                                                                                                              SHA-256:7EDDA00F6848787DB4BD38A04418D2F99ABA26D4296AFD67A3F67ABEC30C4949
                                                                                                                                                                                              SHA-512:1ED61C158622739CFD6CDBE79F2162884DB920FC01E5D733ECB8AE1166167B65355538AE7237BBEC029C1F6D6267350E40E1723441FD70BB0E2136817EF58659
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\ComboBoxStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):25684
                                                                                                                                                                                              Entropy (8bit):3.0114989260555665
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:hWFaWkzu7ywogYhY8XqqoiFQ1jdYjum0Z09a87sYtrqsyi6a0WJHQz3jM:4aTY8XlFQTqHFrdyib0WJwXM
                                                                                                                                                                                              MD5:9909FB7A0E6631B7BC8C0D2F437D6AC0
                                                                                                                                                                                              SHA1:0D5B61E96642AA9B757A42AC3CC4484259CB9042
                                                                                                                                                                                              SHA-256:0934AADFE5218C9423EC59762E8589314A21A0A029B899A7D9A4362B997489ED
                                                                                                                                                                                              SHA-512:4D0B89409543CC7AC629B2986629FA7AF739B952EAFF1326AAA5CD65235C87DFB116E9B4F116A2CA9A8455ABA3876375011FA9C2DD0FEF9A6422AF785F414D69
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............Td......................................................I_.J..W..v0................#...........J........... ....... ....... ....... .......................x.......x.......x.......x.......x.......x.......x................A..x.......(........... ...x.......8...............h...........`...........X...........H...........(...x.......(...p...........P...........8........... ...h...........@...............`...........8.......................@...............p...........X...........@...........0........... ...p.......H...3...@.......P.......`...s...#.......P...s...#...........s...#...................................................................................#...............#.......#...........#...`...........#...`...#.......#...`.......#.......#...................`...........................................................#...`.......`.......@.......p...#.......#.......#.......#.......s.......s.......s...................P.......`...........s.......s.......s.......

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\CommonStyleHelper.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2688
                                                                                                                                                                                              Entropy (8bit):4.94846948198866
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MLBO6E+iCshVKzlOWGf0hEVufy9ZsV9hF1tgyTbb9f9IK:KBgUldGcQWX9JtgubR9
                                                                                                                                                                                              MD5:8FDB08DC6713B34EB276C2FC503CC84E
                                                                                                                                                                                              SHA1:5CCCC4CB7AF003671B694BB3C3CB2D75744B6EE0
                                                                                                                                                                                              SHA-256:75FEB7954038FC605A7A111592C16B83286716E4FD509615FDDC2419FA7AD98E
                                                                                                                                                                                              SHA-512:F17C7EF0A50A4843B2A645069E67966266EC134EE5CEF4C41B2790DB9EDC44C3E815639395A7046B8A5E297BE083AA0F83B7FEF0A7333B43FD77FB3D10015752
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Extras module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in th

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\CommonStyleHelper.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2564
                                                                                                                                                                                              Entropy (8bit):2.8965540579934848
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:0iCUCSbKmiiy4IeAtmJeGAcXWqAYXBGXoAb1D4jy88SgGgNgH8Ys/Bc1QDzxfolR:rCUCdmiip9AtcA8AwmoAlSgFYf1efoH
                                                                                                                                                                                              MD5:786B3CCC9B1D861EC1F3F8D9724D9813
                                                                                                                                                                                              SHA1:91E08695B8373BC346E2038BF023A22F6F53B7B1
                                                                                                                                                                                              SHA-256:ACC2463B8F8897997FDAE799C5ABC3DC202C37B499F3088244E35B60239D57C2
                                                                                                                                                                                              SHA-512:01F52AECC412F17372EBE09A44497AF707C0DB03287E34A2A5DC328208B36AED274AC65CEEEECA21C86C523CA6CD990A320373401037EFEB447C1E27D007D7FA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata).....................................................................q.{.......5Q.................#... ............................................................................................................................................................... ...H...................X............... ...H...................P...................0...X...................X...........................................................Q.t.Q.u.i.c.k...........................Q.t.O.b.j.e.c.t.................................I.t.e.m.................................c.o.n.t.r.o.l...........................b.u.t.t.o.n.C.o.l.o.r.U.p.T.o.p.................................#.e.3.e.3.e.3...........................b.u.t.t.o.n.C.o.l.o.r.U.p.B.o.t.t.o.m...........................#.b.3.b.3.b.3...........................b.u.t.t.o.n.C.o.l.o.r.D.o.w.n.T.o.p.............................#.d.3.d.3.d.3...........................b.u.t.t.o.n.C.o.l.o.r.D.o.w.n.B.o.t.t.o.m...............................#.9.3.9.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\DelayButtonStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):7477
                                                                                                                                                                                              Entropy (8bit):4.457964454713401
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:KicGAS+yVHrMW1TmEmCrFUCz8Itym6kDQbp:4GDRBr3mEmC5VyvF
                                                                                                                                                                                              MD5:DD14E449040774CF0F8C297ADA0BB230
                                                                                                                                                                                              SHA1:33FF12A501046315450A488B3CFA9C360D7F766D
                                                                                                                                                                                              SHA-256:734198AE9B68B20931073ECEC580B3924006A40212A397A26854ACBA3C60D08E
                                                                                                                                                                                              SHA-512:E984BE5ECEA7260D68AE277C0A6F7EA5252B881B5B9195D0FF7BA7A7530E0691A77FC9A6A5FD9158B3D2D3706FDDE2D4C2B9A64A6607B7CB51D7C017CB9199C9
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Extras module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in th

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\DelayButtonStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16832
                                                                                                                                                                                              Entropy (8bit):2.9141612341375875
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:lWMWyYDYnjJ7VawAt8ixAARP9DUTOZ+ubfiXNAcdEPWi5:MmAWkh9DUabKXNAcdEPWi5
                                                                                                                                                                                              MD5:4F15ED59650CE6A69C4C78EB4ADA912E
                                                                                                                                                                                              SHA1:77A2189C5076D0F2040501F938833AE514C52714
                                                                                                                                                                                              SHA-256:52BCE8E2D7F1295C2F8ACCD37BDC81F61225C1EADD83F789054E206A9263CC1C
                                                                                                                                                                                              SHA-512:871E50D6302A2DF5308122E8DBA23BEE18AA3BCA98E2E12BE8652C49C1F5E21A6B0FDB08509833AFBE0F987900AFAEF280BF20790C745410074AD74184BD2A49
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)................A....................................................7?......^....................#...........*...............................N............................................................................................-......X...........h...........H...........(...p...........H...........(...........(...x.......h...........H...........(...p...........H........... ...h...........@.......................@.......`.......................................s...........s....... ...s....... ...........0...C...............0...P...S...`...........p...S...`...............................................................s...........#...............@.......`...C.......c............................................................................@.........?........@...............8.......8...............B.P.................B...........@...............8.......8...............X...................X.....:.....@...............8.......8...............Y...................Y.....:.....

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\DialStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):13309
                                                                                                                                                                                              Entropy (8bit):4.641284565398556
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:KicGjStkxvChpI1QjdAfKRhqfIWvw6/aJCiD2pp5opxj86L8PbWv+IzU:4GGAvn1c2SviE6/pkjfvS
                                                                                                                                                                                              MD5:C9ECBD290C4D4AF10D1F16652064D786
                                                                                                                                                                                              SHA1:7C967C254D293CC4D2ED5667053C02762A7F466B
                                                                                                                                                                                              SHA-256:68D38C22B76E28D994B587A9EDDADCDF87682A0F2678551FE67B68C737107B4E
                                                                                                                                                                                              SHA-512:A1887E899BA983050F84882F4BE70CAF055F4F945E7A7A91E864CCA95A55EB25B15DD4E97CDC2F7846A38D3994F23DE7323947B9AE50C7CCB5B063105AFCF670
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Extras module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in th

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\DialStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):18992
                                                                                                                                                                                              Entropy (8bit):3.2382403834754707
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:MLByX4xGNkT/VF0692zqL99OuAfP8IDkwRewMDr:20oKkTt59CqN6bD54wMP
                                                                                                                                                                                              MD5:3C6FF8ABCC700FD6985EB56F46623D7D
                                                                                                                                                                                              SHA1:9D2847B0CFA8B86C6F04AB7952CF671F0BD793C4
                                                                                                                                                                                              SHA-256:0FF17ACEB14EED54DB814A2B292DC3D5FF8F72F50AA6DD0CEA756639516AFEEC
                                                                                                                                                                                              SHA-512:DF453E48D62CFE9E9044D4AAE04223EE41ADC654C292B930EE0FEC7238A2918CF1AA51DBBC908FC2FD160339A6F3A38645D7360E126BEF8229BBF97C7445793D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............0J.....................................................7..`..Z....U`................#.......P...5...........................................X.......`........................................................................;...... ...........0...x....... ...p...........X...........8...........@...........X...................`................... ...h...........H...........8...........(...x...........h...........X...........@...........0...@...............................................P...0...............P...............P...................................................................s.......s.......................3.......@...S...........3...S...........`.......s.......s.......3...s.......3...............s...............s...........................3.......3...........P...........S.......0...3.......3...........3.......3...............................`...............`.......................................`.......................`.......3.......3...............

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\FocusFrameStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2195
                                                                                                                                                                                              Entropy (8bit):4.860641581432451
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:MLkjCT3QXf8WYwid0szM68qDRGNfFTNZbOWGf0HB+N7YiZTcfy9N9C2RE3P/z:MLoO6E+iCshVKzlOWGf0hEVufy9nC+2
                                                                                                                                                                                              MD5:AD01AD6DE4CC26FA4270567AC67899BD
                                                                                                                                                                                              SHA1:4504EBA68FECEB61AE5805AF8FCC9E8F46813368
                                                                                                                                                                                              SHA-256:4A6FDFC1C81341D6B4127DD76CF30A46CDF1EA080156327C641D93659AD10E4B
                                                                                                                                                                                              SHA-512:CC463C14BB9B6321B9E0B3B5F9864CA29E5899D8054CFDFA2458AB3FA5005F470EEBCD87FF3278718D1CC7E15C0184C81776D3C650CF9A0A49F2D209B998AA3E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\FocusFrameStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):796
                                                                                                                                                                                              Entropy (8bit):2.361046648782086
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:0IzG8ssssssp11Lcz3/jt/c4XRvEENoZ4lc:0IzBsssssspPU3JbhMR1
                                                                                                                                                                                              MD5:1B33BCFD2994AE3F7783136980F3E078
                                                                                                                                                                                              SHA1:9B03F4F149AD4FE25F25829FD5E4235303200625
                                                                                                                                                                                              SHA-256:3DA9343F01C3002E9A952BD3425431C5C81CCA2028305A4E0211C618138B41F1
                                                                                                                                                                                              SHA-512:23B70B9BF4F6236B8C8E3F5C3953B157437CB2059BC3CFADC5A830CCA90E40E75EF92B84F0E15EAAA9FB62F0E09BFD25E5AF7F9656DA39B9BA164FC78F06EF1F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...................................................................".a..a(pL.\...[................#.......................................................................................................................................H..................? ...@...h........... ...........................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s.................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...P.r.i.v.a.t.e.................................I.t.e.m.................................m.a.r.g.i.n.................X.......................(.......................).......................*...\.......................T...T...`.......`...`.......`.......x...1.......x.......x.............. 2.P.................2. .2...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\GaugeStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):22836
                                                                                                                                                                                              Entropy (8bit):4.299447926284382
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:KicGzSPBjuH5kOOqqOipbNpymTjDIkE6ypij2RsDPjdBfNDL9+:4GW0gJ4EdEdYjho
                                                                                                                                                                                              MD5:7C3C99E2E1F2D6D7AA20BCEE398DA6E5
                                                                                                                                                                                              SHA1:146F9AEC406A1C8921608C42399BB8F07D5A4F95
                                                                                                                                                                                              SHA-256:47720FB3600A64E782D23C316B88E2A0B8C04DDB4145C4F3FC715C88E5C4AC58
                                                                                                                                                                                              SHA-512:578F5B75B7227138994066997E79A0DA7473172220975AC9298C58CB4CAA6C32DE484AB8A01235F374C80882B85D114324D7AAD20F17BBFB417EAADA4C5E3CD6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Extras module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in th

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\GaugeStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):30776
                                                                                                                                                                                              Entropy (8bit):3.3385668305513083
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:G8yAxQCIXi0du/Eu9dAU4vhlt6Ej6WXWepCgJtntZKJ:9v2A8LU4V6WNtZ4
                                                                                                                                                                                              MD5:E57175D65E71212F1E5595DAFD629544
                                                                                                                                                                                              SHA1:E80A8792C8229D92A53C62C1E7762D85C9A9D4D0
                                                                                                                                                                                              SHA-256:221A1969368CF082740A31D969416578C105CFF46E545EECD3FDB2D382BF57B8
                                                                                                                                                                                              SHA-512:1402AE7A06FE974686DEFB0F352E5BE2118B7B94A5712C525A5699931701B289B6564B30A9519C2D0E6436C59EFDECA83F3B30BCC2B82B3E3043DA34062F70FA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............8x..................................................rj..].....e.$/................#.......(...\...........h.......h.......h.......p.......................h.......h.......h.......h.......h.......h.......h................U..h...........X...........`...........x.......P.......8...............h...........H...........p.......0...........h.......x.......@....... ...p.......P...........0...x...................`.......0...x....... ...x.......P...........8........ ..X ... ..0!...!...!..."...#...$..P$...$...%...%..(&...&..('..x'...'...(...(..()...)...)..(*...*...*...+...,..`,...,...-..x-...-..........C.......P.......c...........p...c...c...........p...........c.......@...p...c.......@...p...c.......@...p...c...c.......@...p...........................................c...c.......@...p.......................................c...c.......@...p...........s...............P.......@................... ...0...........@...............P.......p...`.......p...`.......................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\GroupBoxStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4956
                                                                                                                                                                                              Entropy (8bit):4.6040064729782575
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nC+/GZg3EQ4UWgqk3DJCHB0YpD+0mXkupan9N:KogUldGcQWgG++KvzJu0O+pkXol+1
                                                                                                                                                                                              MD5:551C67724C444056F370802198A7E5E9
                                                                                                                                                                                              SHA1:E87F2AF2D3DB8407A3E467B613191C9C268FBB41
                                                                                                                                                                                              SHA-256:A87CAD5B0BA3FE0E67F183EE47F33B0F92E733ED3150821C0DE76D8AD7A3D664
                                                                                                                                                                                              SHA-512:7CE6B704CE5B36EB2A88ECB77CD86EADEB9E6B579412E657FA94764B04E2BA4E9F006B0089DE1A4587DD925F9130DD4358541FF40E26922F369FDCC06FE72B48
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\GroupBoxStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):11064
                                                                                                                                                                                              Entropy (8bit):2.806526063215661
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:lYH7AAxWw4gucKsiEFJbbITn6TlfHKNE9vUB722zKIocXQsnyxwS02S:+ZYw4guc7blMecXQwyxwS01
                                                                                                                                                                                              MD5:96E7B4BD1E4B59E6D64FF232C69B5BEF
                                                                                                                                                                                              SHA1:CE56A5FBA71BE1D237BF884810B47748380DC642
                                                                                                                                                                                              SHA-256:CD5DB52E37C71F2327E8D68080FDF2BB35FBA7A2D0244E2D3F01A7FDF911BD60
                                                                                                                                                                                              SHA-512:6D580D0B66FC2AA466DA95DBF655881F2C66CB398ED418238AD00BC307D77C5D76F314F3C15FF1909CE73A037CEF932947AF8D41ADA89042FA7A539656C56DD8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............8+.....................................................Y..........................#...P...H...............T.......T.......T...3...T....... ....... .......p.......p.......p.......p.......p.......p.......p...................p...........x...........X...........0...x...........`...........8........... ...h...................c... .......c...0...@...c...P...c...@...s...c.......c... ...s...s...c.......s...s...c...P...............0...s...........@...c...0...............s.......s.......s...............c.......s............................................................................@........@...............8.......8...............6.P.................6...........@...............8.......8...............A.P.................A.........:.................@...#...........8.......8...............:...................:.....:.:....`.J...:.L...:.H......|.........@...............8.......8...............H...................H...........@.......!.......8.......8...............

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\HandleStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2849
                                                                                                                                                                                              Entropy (8bit):4.799975439686825
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MLBO6E+iCshVKzlOWGf0hEVufy9nfAerCvgC/5qs4pn:KBgUldGcQWXLA
                                                                                                                                                                                              MD5:4F524B56A3AB03D69866D757F7789BFE
                                                                                                                                                                                              SHA1:18329971CC6F7DFD0620FABCB68EB5A14C3D385F
                                                                                                                                                                                              SHA-256:0C49EED4E013CD6D921A73A362AE0B49288C91377CB1A6FD1D9A3C1A79DB78D0
                                                                                                                                                                                              SHA-512:67D1E2D8E1AF463C850B672121970489A9FB19C6E1ECEC278FE7D40FE8057EE6598B2CE87DB9F1B11D633863E704C17C1F8CDB5E360D040AE3842008208DC3AA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Extras module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in th

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\HandleStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3656
                                                                                                                                                                                              Entropy (8bit):2.6937189609249783
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:4rssn0OzDRmXRwR7SRDVqIRtMVRBumDFERynksK1Y2QAvJAbJlYsgTSKv:Cssn0y1eacJPtMzBukGOKGWvL
                                                                                                                                                                                              MD5:8C0854577699A7629EFDA32131BE2CF8
                                                                                                                                                                                              SHA1:1C4D275B16C777649C28EA16CFE6CBA8769647D8
                                                                                                                                                                                              SHA-256:230662718DA2C6AF495B462F42F17ABB4B2B915B66557DC9196116C698784127
                                                                                                                                                                                              SHA-512:B3EDF93522E4C6E273DA94DE0B7CCB78440143F589F3EC3DCB79A0AA4C79B590A6F341BAD32B13EBE1C2D594B0E221E359D8454F0BB1D661A641193F25D74FAB
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............H...................................................E..:.m..Z,...T.................#... ...................................................$.......0.......8.......8.......8.......8.......8.......8.......8...................8...........H...........s.......................................X...............8.......8...............>...................>.......?.......@.......A...........................................@...............8.......8...............<...................<...........@...............8.......8...............H...................H...........@...............8.......8...............I...................I........................... ...@...h...............H...............8...x...............0...h...................X...................P...............0...`...........................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...P.r.i.v.a.t.e.................................Q.t.Q.u.i.c.k...E.x.t.r.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\HandleStyleHelper.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3955
                                                                                                                                                                                              Entropy (8bit):4.902843047893749
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MLBO6E+iCshVKzlOWGf0hEVufy91Bbyx4leoEB5wPCLXmic0uV5llN7Dmic0T:KBgUldGcQW4Bbveoa5wPKc5B7DT
                                                                                                                                                                                              MD5:518B479E244913265C2805AA261295E7
                                                                                                                                                                                              SHA1:6CC7C85DED85CBD12067D469040FE356FE905147
                                                                                                                                                                                              SHA-256:08B3432BCA020144EEE63A8EBA54FCD9DE6ABAD39368E316EA5EB3F627E8C113
                                                                                                                                                                                              SHA-512:D1C05E98F2615F6245767CC03D8368FE605AE50DDBD19C3F3DFE894BE26ADDB4844944B7207B417172DFEC561FD2EBED02E4B52199A414C31BF63525ED6E5FBB
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Extras module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in th

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\HandleStyleHelper.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3404
                                                                                                                                                                                              Entropy (8bit):3.4476532270828906
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:RkkrZYWUl/jrnAC3RmhRnRWlrSRHR/SR0R+RtRpjR5NhAzt2d9qF:H1U9jrURQsxQ2c7pV5Nhkgd92
                                                                                                                                                                                              MD5:D87413CBB5BF2AC58F353376A1F70475
                                                                                                                                                                                              SHA1:CA47A97FB96C5452A015267E7BD93178D3026068
                                                                                                                                                                                              SHA-256:FAA9F227D344C30CA20E76487B31F8BA10183829EF6447DE3286511B18AA77F9
                                                                                                                                                                                              SHA-512:C4BEDC648C7DC626DD8BE5C91F5038EA9492CCDDC40415FC48393149AA10633E62AC13D711D48E1F3537015D7D66087A871DAAC3D331FBD48B660746DDAB3E8C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............L.....................................................4....l.%.3!...................#..."...................................................................................................................................................3...@...P...`...p.......p...............C...........c.......................................................................ffffff...........O..n./.........................@...............8.......8.................P.............................................@...............8.......`...............8.P.........................................................8.......9.......;.......<.......>... ...?...#...@...&...A.......B...6...E...?...F...g...H...s...I.......J.......K.......L.......P.......Q.......R.......S.......U.......V...I...X...U...Y...a...Z...z...[.......\.......].....................d.L.....:.X.L.. .. ...:.:. ...:.:. ..........................................................................................................>

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\MenuBarStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5266
                                                                                                                                                                                              Entropy (8bit):4.7800368857594115
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:KogUldGcQWLSSQ7FUtyV0zZnr64Hlvsy3A:KtcG8Sp74y+zZ79w
                                                                                                                                                                                              MD5:72E9D9E9FC99FA5DE5157CB65CAB7F49
                                                                                                                                                                                              SHA1:8D973BE620F3BB6DCE39165DE53C2791907A8D14
                                                                                                                                                                                              SHA-256:10B0380B7358DC7AD70A5DA292BEE8278A7171249C8E6B64DDDBDC4D64D6885A
                                                                                                                                                                                              SHA-512:76AFF6AB7DE904EC73CC05DBFD7B76992CC0051BBF5CAC563883C6D29C4BAE47D21BD5B11063D2292B06772BE55D7C7974E698A155931FAF403C30471C5A0CE3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\MenuBarStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5312
                                                                                                                                                                                              Entropy (8bit):2.888961910430735
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:Q5iTg5J1sf3NHtfGsNoWnWUpZNEr+WGuvNkwv:0iTg++Kwgub
                                                                                                                                                                                              MD5:E9C5703E697F1A96E4A9D0FDF49EA8F2
                                                                                                                                                                                              SHA1:5DB4D3472C9CB8452F43616396F636C45BA24B8B
                                                                                                                                                                                              SHA-256:92EE0FC2B8056AFE82FF34DC180F4D5AF632244D4ECF85CFD162FDAA1477B170
                                                                                                                                                                                              SHA-512:0A2FEED64719705176001F26E5EE7EF79D818EC03297ABEB1996CA4FFAF797D5AFFA3AA3AA939E6F75FEF7A9FE26CFFE7ABE7BD2F3DF7BADDEF2D492B6BD8290
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...................................................................!H...8.!.E9P/.................#...4................... ....... ....... ...$... .......................................................................................h.......(...x....... ...h............................... ...s...0...s...@...S...`...S...p...S...P...S...p...S.......c...........C.......C.......S...p.......#...`...S...`.......3...S...P..........P...............8.......H...............G.P.................................H.....L..........H..................@...............8.......8...............e...................e.....:.....|.......@...............8.......8...............f...................f.....:.....|.......@...............8.......8...............g...................g.....:.L...:.L..(H..)......@...............8.......8...............k...................k.....:.....@...............8.......8...............l...................l.....:.....:...............@...............8.......8...............

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\MenuStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):19028
                                                                                                                                                                                              Entropy (8bit):4.517836433157375
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:RG3wzT7/U9hj3mJx81JDleATgJxKmgGTuNBb6v:RGgzT7/U9hjjeAEJxJ
                                                                                                                                                                                              MD5:FFAAC9E0AA74D8288693E93C3D535183
                                                                                                                                                                                              SHA1:0D8F124B31CC2CD66B769A0B462C3C95D7F6E7C3
                                                                                                                                                                                              SHA-256:89F8F0FC50908E19EC2ECFD39AC53663E95488812E8B05966184E25B1139DF11
                                                                                                                                                                                              SHA-512:B269B9F9B6143835A6F2A8B36C3560C545C8AAD6933792714765EB9ACFC38A2240ED660832338613F836B5B7A27814B0839BAD433D6259E0D6030C56EB3DE06B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\MenuStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):27256
                                                                                                                                                                                              Entropy (8bit):3.1193912423858268
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:9xCJMyDoca2QQkaNNI/NZJbgDpmQvbGYhHwDD7mYrfIInnSDC4tROQAUuGI9s/aW:SKUNcusObG+HxYrPnnSO4teG9aLU+89
                                                                                                                                                                                              MD5:E46156238F671492FB9E2398926E684E
                                                                                                                                                                                              SHA1:EBCE08C270B9BDCC88AADDD6DB320C57236D3C9A
                                                                                                                                                                                              SHA-256:7D7DE4F9DDCF214B36F4C2AA0E925F2F1CB1926EC0A1F1A1D8E51314A3148B11
                                                                                                                                                                                              SHA-512:4C75C13E67885DC8FA58BF8E17CDB9996D22CC4629D8F5C78FF1676619A6290C80D65428FC01972E13DF1E29E2DD11D8048BA970476AD401DE50D16F58BA1D12
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............xj..................................................\t...zY.I%..Y................#...........D...........................................|................................................................................H......x...........`...........P...........H...........@...........(........... ...h...........`...........P...........@...........0...............`...........8........... ...............x...P.......`...........P...........`...........`.......0...........H...........`...........................................c.......c.......3.......3... ...............................3.......3... .......C...c...`...3...@...C...P...C...`...C...c...`...C...3.......C.......C...........C.......3...@...C...P...C...`...3...0...C...3...@...C...P...C...`...c...`.......c...`... ...c...`...@...c...`...`...c...`.......c...`.......c...`.......c...`.......c...`.......c...`.......3.......s...3.......3...............3...............c...`...........`....... ...3...............

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\PieMenuStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):13619
                                                                                                                                                                                              Entropy (8bit):4.526104451067634
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:KicGPST7AttX6JwMo4n2j6CMFnA0HxogPyXccLZV1TSSEZE2qdBQBKk3ThdR:4G6HxfVRJWX1TSSEZEpBQBKc
                                                                                                                                                                                              MD5:4331645D90F0E38D2486BB5B2C1E402C
                                                                                                                                                                                              SHA1:BD5548BF8894E5BD20253A691E756A4702CAB0C1
                                                                                                                                                                                              SHA-256:2E181DDA4E3BE6B21B5141C7B235E93FB25EAA54D21FB3038BBF861C9B445306
                                                                                                                                                                                              SHA-512:D1337FB0148808E24FF0BC9AEADDAC4837428DB896830A7092078B128B5968DE59E4CB7244AC28632F63540FCA821872F526B23CBC778624DABAB81B6E981346
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Extras module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in th

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\PieMenuStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):19552
                                                                                                                                                                                              Entropy (8bit):3.160341341027771
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:7h4tTgqgqU1vD2IWiFQZMRSIAYHKyI4GNfJQZcTvUGjK52DMiZn:eFjeFvkN7xXT8F57iZn
                                                                                                                                                                                              MD5:4C85BF9777817B4A4B98D3BDE8CB0D87
                                                                                                                                                                                              SHA1:C7A67D2F56A6A0B60664EF6609219299DB42093A
                                                                                                                                                                                              SHA-256:529B297A30AAD00EE68241B603290927B6A4DECADDA8F9BF69D8B787B7CE4896
                                                                                                                                                                                              SHA-512:51E5BC2A3BDFB7A083D8D7F62274794ADCC5CC99BB85EA39A853729749D06F7558A1D0B3B52908A168A5E60E35173C8F41F707AC13BDC7EADCBA57FF0DDAB258
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............`L.....................................................m2Y$".e..q...................#.......8...1...........................................................@.......@.......@.......@.......@.......@.......@...............x:..@...........8...........H...........`...........P...........(...........`.......X...........@........... ...h...........@...............`...........@...........(...p...........X...........P.......(...#...3...@...3...@...S.......p...........`...c...................................................................c.......c.......S...............C...S............................... ...........................0...`.......Q....... ...S...p...0.......`...Q...S...........S.......................s.......S.......c.......................C.......C...........C...............#...C...c...........................................................................S...C...#...........................p...s..........................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\ProgressBarStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):9671
                                                                                                                                                                                              Entropy (8bit):4.398147008349299
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:KtcGfSf6PYKu6KmdxGjeSunJPqvGeOuJ41jHkPx:RGKygzinJPex
                                                                                                                                                                                              MD5:C29EDE2738CBEB5AFCF438CCB0AC5D0A
                                                                                                                                                                                              SHA1:D71DEB3F6FB577FABCA903C22EDEFCE9082EB284
                                                                                                                                                                                              SHA-256:D3FAAFA6630BCD03E81DDE2D87486CBCD0C4A5B20785C74342F37E002B65A2AF
                                                                                                                                                                                              SHA-512:8D6E88B5B1AAFA8558C17E365F95C51C0E063D6DEE1ED12BC864B3AC5D370F4AFAC71A20F16751AAF130C991D57F9295B567AD7618FE87FAA7C3EF57202374F9
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\ProgressBarStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):19268
                                                                                                                                                                                              Entropy (8bit):2.976968452247448
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:Umwu8hp5O7Myp03lJwrRl7eH9l4dSnl65HHiIjllh:UME/yQwS0Sg5HHiIhH
                                                                                                                                                                                              MD5:B3A85DF74A632C75FC772B10A3FA0092
                                                                                                                                                                                              SHA1:D3D198651B783278BD54530089E8EBACBBD1DD60
                                                                                                                                                                                              SHA-256:47ABE3AB1B1E9B2CF366795C50E284B639DEE5E2C59447752A2A10EFF0907A70
                                                                                                                                                                                              SHA-512:C7778F431CFD10E803E71C79C0D14FD715B2EF7618F99215DE5BE07323848D7AEE7C5ACF5456B35A1E646099311F95B3B639B81D85153CE1383B04E1D5BCC605
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............DK...................................................)..VP.._.x9q...................#...|.......7...........................................................x.......x.......x.......x.......x.......x.......x................0..x.......(...p...........`...........H...........0...x...........X...........H...........8...........8...........0...............h...........X...........H...........P...........8...............p...........P...........@...3...s...@...s...P...s...`...s.......0...s.......3.......3.......3.......s...........s...@...s...............s...P...s...@...........s.......................s.......s...........3...........s...P...................s...P...........s...................0... ...............s...s...0.......0...s...s...@...s.......s...@...s.......s...@...s...s....................... .......0...........0....... .......s...P...s...........s...P...s...........S.......#...........s...S...........s...P...................................................s...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\RadioButtonStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6421
                                                                                                                                                                                              Entropy (8bit):4.608996006455668
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:KogUldGcQWW/SYUpuj3wPSmnEJqZJ/49kGAd/dR:KtcG9SBE8xnEJy49knrR
                                                                                                                                                                                              MD5:D03303AF79AE603CFBE6876482F053A8
                                                                                                                                                                                              SHA1:C8F44F484B05C75B8D081B89BEA1703BC9713E99
                                                                                                                                                                                              SHA-256:A5A0081052F3AE4C8D97472CA1AD6AD67E8C4A05758143CB18CA8E99114DFBAA
                                                                                                                                                                                              SHA-512:BDCED49DFE5E8F6C9DD00C432EEB5643C81352ADD3698D683AC9AB2440C4942941DFAA253BFB9C492A4B8BBD7E5D9C5A75A046B88931552218565AF0E4D154C1
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\RadioButtonStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):14128
                                                                                                                                                                                              Entropy (8bit):2.933463254973183
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:f6yKdFZ6qUT4wLwIfxJZbxqfSHmBse3NWCklw0EJ7rwEAvPYqPBRvIKX4Ro/fuuh:f6yKlqT4wkISl6iOvwKouJlr
                                                                                                                                                                                              MD5:B6043189128F0F1EF769BEAEAD85AC66
                                                                                                                                                                                              SHA1:FADA66D0EA28FD11EE1B34EEF900267FCD681B59
                                                                                                                                                                                              SHA-256:FFD86AADCD6B8679A22CAFF12367FD1915195A9AF59E57CA328F63018FC0A75D
                                                                                                                                                                                              SHA-512:D02FBC74F13A8F3FACEDE511F4FD721A8B47FC7DE9C856DB8B0CE13A0476A472D2862A24B82071FA74313C035A53C157099D0C50DAF2132714C543CFF82D959D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............07..................................................5...-/......"..................#...i......."...............................d...........................`.......`.......`.......`.......`.......`.......`................$..`...........P...........0...x.......(........... ...h...........X...........H...........P.......0...x...........P...........(...p...............#...........3.......3.......3...0...3.......s...@...3...S...s...0...`...s...s.......0...........#.......#...............#...................s.......s...@...........................s.......s...............#.......c.......3...@...3...P... .......#...............3...`...3...p...........3...`...3...p... ...........3...`.......................S...........3...@...3...P...3...`...3...p..................@.......?...............333333................%.........................@...............8.......8...............O.P.................O...........@.......,.......8.......8...............o.P.................o...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\ScrollViewStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):17548
                                                                                                                                                                                              Entropy (8bit):4.574607698856005
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:KtcGfSi2rZovoKAZCv8pbLGoTR9uDHmnuwPxmEaTjQe0RJ6jGHE:RGKVUlAZs8pJR9uDHi14TjQHRZE
                                                                                                                                                                                              MD5:96833FE6D42FC67244982F05C244788B
                                                                                                                                                                                              SHA1:0469818E36FEF3B4F009E7AA79A3BFC183817B35
                                                                                                                                                                                              SHA-256:8E89154CBF7946D7655149B7F6AED77528C95A88F3F7677C2D1579DF9A3DBDF8
                                                                                                                                                                                              SHA-512:F5D2A22D5621DB4E7DE9CA005801A16507C8271568F8F9950B04E76CF48BDB159854854071E05FB727BB96ADD1D927C6290C7E8C7107516A872F58F0315282ED
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\ScrollViewStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):35988
                                                                                                                                                                                              Entropy (8bit):3.2005111570241023
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:31JDbE9qyEJPDcygx33SVfsM3oIH3keOL3L0:31J89qyExBm33SdV4IHw3w
                                                                                                                                                                                              MD5:6E26F39B3B97378A76D80A494CF4C47A
                                                                                                                                                                                              SHA1:79DC43C3CC819325CE8E41153969B9657817A154
                                                                                                                                                                                              SHA-256:4AAB51AC7A35BB70C015C146328F921E8C54D6DEA1E97FD0135C6C33B8ED354C
                                                                                                                                                                                              SHA-512:E27733D1FA1FB622341E15190C42407D125CBC7206B9DB899E4ED40D3B416AA2277BA5B818235E3FA3871B6E4BB34EEDD54DD0F168C5789386768D1194FA843C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata).................................................................../pu.#^ex._".3.X.................#........2..m...............................q...........................................................................................@`......8...........(...p....... ...p....... ...x...........`...........P...........X...................H...........8...........0...x...........`...........X...........H...........8...........(...........0...........(...........(........... ...x.......(...p.......@.......0........!...#...#..0$..p%...%..0&...&..('..x'...'...(..X(...(...(..P)...)...)..8*...*...*..X+...+...,..X,...,...-..`-...-......X......../..`/.../...0...0..`1...1...2..P2..`2..p2...2..#...3...@...3...P...s...`...s...........0...........p...............p.......C...3...P...C...#...3.......................................................p...............p.......3...............C.......0...C...................C...#...................C...#...........C...C...C...C...................C...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\SliderStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):9011
                                                                                                                                                                                              Entropy (8bit):4.524730875753044
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:KogUldGcQWw/S1DvNkmF0vPwkGO+YCd19MznVXwznoaHFl4a3PkaCAc0rJ15o:KtcGpS17qPwJTd19inV8n3L52
                                                                                                                                                                                              MD5:683EF25C8A8FAE7C5C6ED4E90F6638AD
                                                                                                                                                                                              SHA1:8C81D572D01C9C7A9C7B1B871BE68576812F6447
                                                                                                                                                                                              SHA-256:2A7D2BFC834A4A902EE60361A669355CDA0E401823F42137B83504F97BE0723D
                                                                                                                                                                                              SHA-512:D334AEDEE899EEEC7AB63A837F71DB23C43A6FCAF0D768B71CC716BDAF9F3AFB8D81EF98CE037C77DC61B07CFE4F295DB1E3FA0257F79464C325FAC140C2602F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\SliderStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):19176
                                                                                                                                                                                              Entropy (8bit):3.005812541026281
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:8bHeEWJF80XI0KbMkQ5GdKvXjQH7pfl4VmVd2x8RFiPbB3MdPd/d:8bHeiC4MM4vXjkpw8Ix8RFiP5+/d
                                                                                                                                                                                              MD5:48872F787098940334F5D87B880ED220
                                                                                                                                                                                              SHA1:B0309FAF05753A287F7112D7404A781C097AC746
                                                                                                                                                                                              SHA-256:A4441507B26D0325EC7FFDF4E12E51A7E8A4F4A3C77BA6B78866D3C675476379
                                                                                                                                                                                              SHA-512:64E2C2123F107ABEDB071CABC3B3C0FF11959C3255C802B1271F0323734433D445989421B27964DD059759ABB6D1B1FEEFBBDF505E6D3ECE4F4B9F946713F6F4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)................J..................................................n....IH..A..~.B................#...|.......1...........................................8.......@......................................................................../..........@........... ...p...........X...........@...........H...........(...p...........`...........p.......(...p...........`...........h...........P...........(....... ...........(...................3.......0.......#...C...#...s...0...C...s...`...#...s...`...........0...................0...........#... .......#...........#...........#...............................s.......s.......s... ...s.......................3.......@...............@.......@...........s...P.......`...s...............................0...s...0...............................................................p...#...................#...@...#...........................................#.......#...@.......................s...................@.......@...s...........#...s...........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\SpinBoxStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):9683
                                                                                                                                                                                              Entropy (8bit):4.650784716910415
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:KtcGAS9ZBKlV06nI8IgD7KCOCNoOCOCc4:RGD9qlVs
                                                                                                                                                                                              MD5:0FD415924CB1244BAF277FE75A81795B
                                                                                                                                                                                              SHA1:446E5BAAA1ACFF2D90397226741A8C49E4572B7D
                                                                                                                                                                                              SHA-256:C92EA6D633E4B5CB1C2B547096D67AAB6476A9C7493ECA9773835A2FFA4E22F7
                                                                                                                                                                                              SHA-512:2D55EAE74DF7E2A5C0FF73A0A94214F3AF139ADFE7D28B84CEB21C181CD51C53349C082E372048D58157AEE18ED653E5BCBBCD7735FEB4A604B309A0C334EBF0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\SpinBoxStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16484
                                                                                                                                                                                              Entropy (8bit):3.052615289793909
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:XgcoD0HWWGNC4YcxLUSTvq+Qk9J6QvbIWxCr4BiGK23gfSHYdk2486M16sZL722L:8D0HWWGNC4YYUSTvq+QB8bIZ6Y7H7j
                                                                                                                                                                                              MD5:98C22F1835A3A21C61721E5A4B3ECAEB
                                                                                                                                                                                              SHA1:4F2CB349BBAE643000655EECB627B0ACEE209A89
                                                                                                                                                                                              SHA-256:C00C49876BACAD35771E023258FB69DCFD4BB7BCF301B879BE241DEBEF2FF04D
                                                                                                                                                                                              SHA-512:372B757E60A6759DC9746C52A622DC075AF2AA44F8F92B642AFDC9BA4E73137A62858DF6D0CB9F0878E94CF8046974A397595415898CCDBF769C01C445C1DD1A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............d@......................................................3...........................#...}...H................................................................................................................................/......X...........P...........X...........`...........P...........X...........0...............`...........H........... ...h.......X...........0...x...........P...........(...p.......................#...s...@...0...#...s...@...P...#...s...@...`...s.......................................................................s...@...........#...........s...@.......0...#...............................@...................s...P.......`...#...s.......`...#...s...p.......................................S.......S... ...S...@...S...`...S...........s...#.......#...................s...............................S...................#.......0.......P.......p...................0.......P.......p......................................?.......@......E.........333333..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\StatusBarStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3884
                                                                                                                                                                                              Entropy (8bit):4.638852057422492
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nC+CSNvd4asGbViYjJ4:KogUldGcQWFSca3bpjJ4
                                                                                                                                                                                              MD5:D7CED5BF6D92DE149E1784EFEA96EB89
                                                                                                                                                                                              SHA1:C29645EACB257B526A17F921B4D19463AF3382B6
                                                                                                                                                                                              SHA-256:E9C144D88DAB0D146F3B32023313BE166BF4FC73E589F4143F4417641789F3D7
                                                                                                                                                                                              SHA-512:4F0D7F0B447CE10875D60C2EDADA25B9864F9F9F38005C66D45531822927B93FFC6447BFEA7BB3268DC748901F53D3496B39C004B1DFC8160614AAA4A5E2A14C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\StatusBarStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3764
                                                                                                                                                                                              Entropy (8bit):2.57807237951153
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:OqcfKJs/NqKCiNH+Dk7UYexnkVM1hk+LjzLv1QMvVZ:X4KJslf3NH+Dk7ad1
                                                                                                                                                                                              MD5:80628C8427720CD855AE1D9903743A8D
                                                                                                                                                                                              SHA1:DD44E5792B2BEBCC7C4EAB33BD832884FBBA262E
                                                                                                                                                                                              SHA-256:F994868CD98CA1DDA6F6FA391F7332DD4367D0DF6797E14E06BFAF4215C97E31
                                                                                                                                                                                              SHA-512:6E14B6F02AB42C54B97BDC4C22011F62973B1C6CDF384A4FA601F1C85493657E1CD36DB42732D5C9249A0D133D6ED6D33038F23FE2FE427E728EBDAA2D49FEBB
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...................................................................G0..FH._...u..................#...!...(....................................................... .......P.......P.......P.......P.......P.......P.......P...................P.......................p..............................................................@...............8.......8...............i...................i.....:.....@...............8.......8...............h...................h.....:.....@...............8.......8...............q...................q.......................8................... ...H...p...............8...p...............(...X...................@...................(...`...................................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s.................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...P.r.i.v.a.t.e.................................S.t.y.l.e...............................l.e.f.t.........................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\StatusIndicatorStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):9088
                                                                                                                                                                                              Entropy (8bit):4.501823834100412
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:KBgUldGcQWVuSqw1Q8aDFxHfI781cOMKjhKhqfaLR9XpNqgqgH/mOVGOsDMqRZd5:KicG9ScHHf51cAhKhqcR9Xp+P1B
                                                                                                                                                                                              MD5:10364A6BE9565F48A752A82424D221AA
                                                                                                                                                                                              SHA1:D33E7D56A711AB8EC4F4776A948F5518F3F49A53
                                                                                                                                                                                              SHA-256:50553CE68ADB869229ADE37DE56D3517947ECA4A2C0098A0F3F765329A66EB1A
                                                                                                                                                                                              SHA-512:E6E278AFD9E9304693B341128B3E6B995438034D955CDBEBC039CA2FEBAEF4B1ED426E86E7878A0E1FA0F7210D91663E890F3F0D596A7CE5475C8ABE6139BE7D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Extras module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in th

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\StatusIndicatorStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):13600
                                                                                                                                                                                              Entropy (8bit):3.318924337049846
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:DujRpsTYiQ3Bcepw1lzRMASWKpGMiIcMelRui+QGQeebZlWUDtKfUThOtVHMTzsr:gpzS1RHSWK0jIDti+Q2TH+uLDyuWsd
                                                                                                                                                                                              MD5:AF3EAE476D5E90D2474651C5B7D7BA9E
                                                                                                                                                                                              SHA1:4A4DA17884299D837684494F0CB86F82268D97D7
                                                                                                                                                                                              SHA-256:2D57578766B0825F5CAD63BAC665F3A81E132A610C472CBE1998D1A387A4871C
                                                                                                                                                                                              SHA-512:16472559F1B63459E9ABF732AD692B9C6DF7820DD7CFB935619C57AC319F0611F675D2F95F502E92D52A59F7DDBE190678B7CFFF031B8866496687CA404D62F2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)............... 5....................................................>..P.q8I.. .................#...V.......$...........................................D.......P........................................................................(..........p....... ...p...........h...........X...........@.......h...........@...........(...p...........X...........H...........H.......(...p...........................................#...0.......@...........3...S.......s.......c.......c...............c.......c.......................................#.......@...0...........@...#...0...#...0...........................c...........................#...................S...........#...................c...#...........................................@...................#...0.......#...............................#...0...............................................................@...............................@.......................#...0...............................0...#...S...@...................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\SwitchStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6038
                                                                                                                                                                                              Entropy (8bit):4.651338885566638
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:KogUldGcQW6SU0ivWUa0fjra3HDT09IAY5ACDzZZ:KtcGjS0WoyiJCRZ
                                                                                                                                                                                              MD5:FFB5F8291B67A3FC45CB766FB5401269
                                                                                                                                                                                              SHA1:0EEFD1249ED80A0565635814FBFB856F02D8B73B
                                                                                                                                                                                              SHA-256:56F01C435E5BD0B6ED7CFF22B68651AA2CAB6018956284E97220F6BA46C47333
                                                                                                                                                                                              SHA-512:BD77FD4211FB1774369F7F209B0AC8CEE392B6F604CAE0B493C5505F24F3256B30BB6F2989388AC3B8C15DDDC9738A00378B758117DF4B915D69D631CC88EC55
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\SwitchStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):13932
                                                                                                                                                                                              Entropy (8bit):2.9666680395063736
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:B/zWs6EiT0QP2fIuXkFCVJsvPdHwLfk/oZQJX8XER4+g+1FKAN6yVp8G2U:BrmvAQPkIu8C4W6Jh6yVu2
                                                                                                                                                                                              MD5:5AC6DC7F437073B47285482FCEB98700
                                                                                                                                                                                              SHA1:01C0A3BF912C89A0137F8A1F83D967F59EA6DF17
                                                                                                                                                                                              SHA-256:AED23BD6DDE1C7349C3D69C3511B468016D339F272DEFFB414907A83D26924A8
                                                                                                                                                                                              SHA-512:3D99AE7597D55FD5855853843E47F054952684D680E9B46AB2F13788A2C1760AA6FD2E294F212C1F8B0C26E5EE44DA767B8569C26C4DF24A3FE936997E6E83F4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............l6..................................................2........m...a.................#...a...P...$...............................x...........h.......p........................................................................$...... ...........H...........h...........h...........h...........X...........8...........@...........(...p...........P...........(...p.......................3...0...........p........... ...............`...............@...S.......`.......s...............s...................@...S.......`...S.......`...S...s.......s...........S.......`...............s...................#... ............... ... .......3...s...s...3.......3.......................p........... ....... .......`...........3.......p...........3...................`.......p...#...3...................c...........`...............`...........3.....................................................................5........@................333333..........ffffff..........@...............8.......

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\TabViewStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):7770
                                                                                                                                                                                              Entropy (8bit):4.62722489903996
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:KogUldGcQWHCSowyJ7pSQMBd+3X1yLv58TDjFLfoD:KtcGnSw5uCnQL2DJLf0
                                                                                                                                                                                              MD5:D3E41A7DFE95B0183D16B0DDE4C29217
                                                                                                                                                                                              SHA1:1E805515B389ED9DF462E58151DA0D2023E96464
                                                                                                                                                                                              SHA-256:A5311934501B5029EE2BE2F6B75B00E8920EA05D0E96776FAE2308A5E955B200
                                                                                                                                                                                              SHA-512:3FFCBB2087A9835BF3F9F7DD95EE4699E7BF7145E2F84EFB146A044144479B8A7545577C4A14623201EE9B7B43B23F5F37C6494EA6A2A265F0D3952485D371A1
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\TabViewStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):11868
                                                                                                                                                                                              Entropy (8bit):2.9732311206277986
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:IkVnImgIbWNvnectzJqbvwBHtLs1cOUfCfVLdEaxZK4ve7yiVNYly4EuJbABuxUe:JImgFvnBiAHgUVSlyj/gnFWeEU
                                                                                                                                                                                              MD5:29EB9C0CFC54CD3B5C1E15CE70CD1E7F
                                                                                                                                                                                              SHA1:BB09FE485EC75EA7A0B26BCF37C3F630D3C7505F
                                                                                                                                                                                              SHA-256:ED94BDD63D6614740CC455B6A2F79A4502B123CB1ED4A3343F5FE0B50640B2E6
                                                                                                                                                                                              SHA-512:4ABBE4573B37E53FA7D3BD90279E6EBF501A5FE2A0C74ACC48694F1199F6EC48D1A70D2A47F619CB5EC5BBBF187CFF01C65104FE5B9C4AF73DD97DDFB5E5D3DC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............\............................................................iO8...................#...j...h...............\.......\.......\...E...\.......p.......p........................................................................!..........(...p...................@...........(...p...........P...........8...........0........... ...................c... .......0.......c...@...c...@...S...`.......c...@...s...s.......#... ...........s...#...@...........S.......S...........S.......................S................... .......0.......@...c... .......0...S...S...`...........#...p...#.......S.......S.................................................@...............8.......8...............V.P.................V...........@...............8.......8...............d.P.................d.....:.....@...............8.......8...............t...................t...........@...............8.......8.........................................:.....:.h.L...H.......@...............8.......8.......

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\TableViewStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2116
                                                                                                                                                                                              Entropy (8bit):4.845502592991123
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:MLkjCT3QXf8WYwid0szM68qDRGNfFTNZbOWGf0HB+N7YiZTcfy9E9DsK2n:MLoO6E+iCshVKzlOWGf0hEVufy9E1sX
                                                                                                                                                                                              MD5:C4442C528418356C4115FAC8F196E0E2
                                                                                                                                                                                              SHA1:213BC47F6348B8D47672340BF7A510333667CA13
                                                                                                                                                                                              SHA-256:8E717245351E3B2D37EBC2F86A21BE70DE1F23E400C4D87CE7F5FA5F7E15C9BB
                                                                                                                                                                                              SHA-512:F4683A52E0CAA6F768AD89CB60515BEEDE6E9B3C82F4E2C9EB60AEFDB78117234016768EFAC93DE63D8004B4422616D20FC7DF1B5416EB171849531A8455311E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\TableViewStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1004
                                                                                                                                                                                              Entropy (8bit):2.482155169058455
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:0dEcqPwDSEEEEEEEA1Rs5cz3/o0clnjedPRU5Z/gxz3tXEE8M7F7Z4if:0dtlKh3w31adZ2yx7t0fwFtZ
                                                                                                                                                                                              MD5:262001739C5D09547BF711698AA57378
                                                                                                                                                                                              SHA1:542C07BE66E1752C4996937BC5B9093F1E9EAF8C
                                                                                                                                                                                              SHA-256:AB15FA9144752616D41F61745D84853A6742B29F0714E3F2FECF604CC308A888
                                                                                                                                                                                              SHA-512:C9416DBA26A796D183013318C52602101438D9562E6C0B001850C504E4AD545E4E2D407B6A56EB30C858EC68C09412E20955740CDA550780491BADDAD0A71731
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)......................................................................&.d}...../.._................#.......H...............................................................................................................................0...........@...............8.......8.................P.............................p...............8...`...........................................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s.................................B.a.s.i.c.T.a.b.l.e.V.i.e.w.S.t.y.l.e...........................r.o.o.t.................................T.a.b.l.e.V.i.e.w...............................c.o.n.t.r.o.l...........................e.x.p.r.e.s.s.i.o.n. .f.o.r. .c.o.n.t.r.o.l............................._._.c.o.n.t.r.o.l...................@.......................(.......................)...D.......................T...T...`.......`...`.......`.......x...+...,.P.x.......x.................P.....................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\TextAreaStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6192
                                                                                                                                                                                              Entropy (8bit):4.708157783383541
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:KogUldGcQWESXxAygFMCOXyNoLyCOXyct:KtcGxSXxApOCOCNoOCOCct
                                                                                                                                                                                              MD5:8C8C3A28F50309394B4688ACA4F59612
                                                                                                                                                                                              SHA1:8B7F68738C1F942FE4B610054F4D57DE636AEA27
                                                                                                                                                                                              SHA-256:F9D62727679FFB17D42739D59F0F5198C24650649C01CF0DC124EC413BD6BADC
                                                                                                                                                                                              SHA-512:ACA39C177EED0F4E29AC2060973719DA681E1F345E969AAA0BBAD20B82929286C83584409FAADF5BCC75C857474DBF096CB981F380859E09E8CA297882455303
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\TextAreaStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3804
                                                                                                                                                                                              Entropy (8bit):2.9788986979942
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:Xgk7lPTO/HdJJP2yt4NO506TfrC6hCXyqWZnS7227WCjRIRLTGqWaSu:wWsdJJPbt4o//rZnS722aYuNj
                                                                                                                                                                                              MD5:E186AD3BBEE2BFE191E336D6AF0606F6
                                                                                                                                                                                              SHA1:2326AF3D4DFED90F1843776E06C32BF7AB154291
                                                                                                                                                                                              SHA-256:882D8F257942FD7AA75E0902185509BF351043239344E7A16360B71508A1BB29
                                                                                                                                                                                              SHA-512:439670D5F4C1C12220A2B123C8909FE374FFD1EB2FDB9ED4C572A62887E2631676E532B311D518A3AA85C2A49CA54746CCBEF3BB07897C3132EA3455012473D7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata).....................................................................W.?G...J|.[.U................#...(...................................................t...........................................................................................(...........8...........s...............s...............s...........s...........s...........3...@...S...`...S...p......................@...............8.......8...............D.P.................D...........@...............8.......8...............J.P.................J.........:.................@...............8.......8...............M.P.................M.........:.................@...............8.......8...............P.P.................P.........:.................@...............8.......8...............S.P.................S.....:.L.......:........H..".......@...............8.......8...............d.P.................d.....:.L...:.H...:.........0...P...x...........@...h...............0...`...........@...............p........... ...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\TextFieldStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):8423
                                                                                                                                                                                              Entropy (8bit):4.6776172765953845
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:KogUldGcQWM/SRYv8/SNU+gEClouvAH/ARII/jYlPbDPMCOXyNoLyCOXyct:KtcGXSg8KW+B7YRI0MdDkCOCNoOCOCct
                                                                                                                                                                                              MD5:70657CB2AB96E3A4FCC0C1AC76F19C77
                                                                                                                                                                                              SHA1:E777DE5D90103D2E607AC2B32F09347D28A49DDB
                                                                                                                                                                                              SHA-256:ED6D8C14FCEFF917C6EEF857723B8085F444A456B95044A01DB65A9E0202C8BC
                                                                                                                                                                                              SHA-512:1D3AAAE1EC01AFBC588E99C37CC4C7DCED8B68F2BBA3385A973BF2F9ECCEFF761E4898AEAEB00A0C6438746B88685C93FD56A144A182B558DEE2FB0EA5DF1F35
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\TextFieldStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):11912
                                                                                                                                                                                              Entropy (8bit):3.0076432378041207
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:OWARNnxqfSpUZJ5PbIn4Bf3gHmQG82EUfWzoZnS722TNQmocR2lfjxwg:OgfSyD5K2ZqdRyx
                                                                                                                                                                                              MD5:79C4AA822DBF54F902AA7761A986FC32
                                                                                                                                                                                              SHA1:F955A75E130D0D83242E1BDC9B58C47EDFA98FEC
                                                                                                                                                                                              SHA-256:0B2BD0EB29890928A2CE1CB35771216D83356E6412EE2EC4A99F2C7BD551C4F2
                                                                                                                                                                                              SHA-512:11ADD93EC0A8ECDAD3F064765CBE401B0747CFD68C8449C7D82F7940E948A36999C4C8B327865B73C86C2FBB13D9B4561566B8EDCB07D965DF86DDCD709D0D09
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)....................................................................#..R4X.....~.................#...a...................l.......l.......l...M...l.......................................................................................P"......8...........@...........@...........0...x...........`...........8...............X.......(...x...........P...............s...............s...............s.......................#...0...C...P...C...`.......p.......s...........s...........p.......s...........s.......................................S.......S...0...S...P...#...........s...........#...............s.......................s.......S.......S.................................@..............E.........................{..G.z8.........333333..@...............8.......8...............H.P.................H...........@...............8.......8...............Q.P.................Q.........:.................@...............8.......8...............T.P.................T.........:.................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\ToggleButtonStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):10258
                                                                                                                                                                                              Entropy (8bit):4.560115668765665
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:KBgUldGcQW+S2VLSjsLnLG7+hNDMO+Q99Orr+MR4GmwN7Ghw2FNJ/6kDsSAT/l:KicGRS2Vgszi7Ih+Qmrr1EN56kDsbp
                                                                                                                                                                                              MD5:6C045E9D4AD44B2868CFB552F60828BF
                                                                                                                                                                                              SHA1:B8FF107C21CA58A23F3D849C625D269DF2646124
                                                                                                                                                                                              SHA-256:49EC038431E24C713F223054DBE5A9D8D4106D785F5EE2D108B5FC7103C4C0C6
                                                                                                                                                                                              SHA-512:6691A18B70C835A43B4B23095B31AF82BCCF0466F04A6B2FB6A3685A4E0F659AEDACFF53340B440500216640579B4DBBB566D28977655BA62387F23C2082CBE3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Extras module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in th

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\ToggleButtonStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):19112
                                                                                                                                                                                              Entropy (8bit):3.0806405770648277
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:YsqDcQYI9wCpNgxLqCU4zh3AFDN3+zxkzKmTUpjz5Jvb9hk2DJ9M+:/49BKLqCUO3AFDN3+zmpg1dBEz+
                                                                                                                                                                                              MD5:37A875A70A5540176BB2331BC138686C
                                                                                                                                                                                              SHA1:67598F96DC00335516454D909C0144221A6B13F3
                                                                                                                                                                                              SHA-256:B1D13F6791A85302AB2C0C796C51CE61C7B10F37E946858C43E8B65F1DF02DD0
                                                                                                                                                                                              SHA-512:B1406D00CD9AB9A8436B0B2CD79FB81D0CEEEBED340D805FEE8B6D6D58DE770FB00AC4BCB5AD8197C6F1C31048084DD9A55B5CBA20797B5205DB99862369C4BE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)................J...................................................N...."....5....................#...v.......:............................................................................................................................5......8...............X...........0...x...........P...........X...........H...........H...........0...x.......`...........@.......(...p...........X...............X...........8...............`...........H........... ...h...........X............................... .......0.......@...............P....... .......`...s.......s........................................................................................... ...............0.......................................s.......................................s...0...s...@...!...c.......s...`...s...@...s.......s.......P...c.......s.......c.......s.......................3...........................................s...................................s...0...s...@...!...c.......s...`...s...@...s.......

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\ToolBarStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4448
                                                                                                                                                                                              Entropy (8bit):4.635039369223241
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nC+SSVvj54cPQXJ5Vv2X4szt4fjFJZNnGeY4:KogUldGcQWlS0c+5/K4h24
                                                                                                                                                                                              MD5:BE7A015302F2FD4F7A3851063C5C97A0
                                                                                                                                                                                              SHA1:B412F4522F28BFCC30A59BC2283E773CBF64FDE5
                                                                                                                                                                                              SHA-256:82D476FD3675E5F4AAF622EF0211835D859FBAD6E718FD5F100E9AC328EA4A0E
                                                                                                                                                                                              SHA-512:46D3E7AE4B6BFDAD98B867615308801E590121AD78BA2DE5A2418439D9887E3075B5C24AE77C45A99BC6883B42A5979F26A24D082F65D1164391955F3100CD8B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\ToolBarStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4316
                                                                                                                                                                                              Entropy (8bit):2.61400987106961
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:SBA9XVOZmiJs/NqKCi1wHmmJkSxceOlnkE9sXQt+tQ1lsVphkT/Qo92G:4SlSrJslf31wHmukUAwtIlF
                                                                                                                                                                                              MD5:016A0563C92EEABDA4F4C8CBB0DD66C7
                                                                                                                                                                                              SHA1:0C378B76037F6EABBDC66525436021088A6E2106
                                                                                                                                                                                              SHA-256:AB7E8AC23EDE538F60EED3145B4BD018BDFA555B9E4DCC6AA23DC9A0262B4756
                                                                                                                                                                                              SHA-512:9E4BC7AC26C3B63FB306E453EA3E4FD614404F504168E344B1DC51955238BA9A9B241BC01E15C6EF9B632CE4D2F164400DAEA0B02A4102BD2848094A9836E8F1
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...................................................................v...-..u.....Fq................#...%...p............................................... ....... .......P.......P.......P.......P.......P.......P.......P...................P...........(...C...C.......C..........................................................@...............8.......8...............]...................]...........@...............8.......8...............d...................d.....:.....@...............8.......8...............c...................c.....:.....@.......#.......8.......8...............|...................|...............(...P...............0...X...x...............(...P...................@...................8...h...............0...x............... ...H.......................................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s.................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...P.r.i.v.a.t.e.................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\ToolButtonStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4334
                                                                                                                                                                                              Entropy (8bit):4.665613385293802
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nC+j+DIypJR9gXxXOXjQ7i1eipD+BrMX+sf:KogUldGcQWi+DIO4XxXujQO11+tMXTf
                                                                                                                                                                                              MD5:E6F68E889EFF0EF731F480A5FDE7D338
                                                                                                                                                                                              SHA1:8BE57E64A6B9F620E132B88E2CB363D94AAE3696
                                                                                                                                                                                              SHA-256:195B734636F3B55789CC07BADA134D37AA256BE989D4BDE8E10456C598DEABF0
                                                                                                                                                                                              SHA-512:D3F7DB5F8C64E07A2B764AD9BCDCAE6833B62F58ECAD81C88E9E2C413E4CF641EF3F334392972B8559CF0455154C1038AB21E267D25398510B297128093143AD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\ToolButtonStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):10104
                                                                                                                                                                                              Entropy (8bit):2.924174275372791
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:0AdyIxEVZgVG4vYJNbxHdfQHmRY2gNETu7EtYTG33nWy0Y+XN:0AdyIxOZoGAYne+W0SN
                                                                                                                                                                                              MD5:15DED7FEB1E06EF760B72EEDC5E98275
                                                                                                                                                                                              SHA1:874E85E63B79222E7E1A4496A5EFA880642E936B
                                                                                                                                                                                              SHA-256:05B9B9214F2EDCDEE9A0524F299D24FDE570C5D53A723C3BCF0B7ADE3B4EC641
                                                                                                                                                                                              SHA-512:EEC0FC6C4676C975F172253F641249A39D1745A95435ADD2812242CBE59760C9F5DA65CF041DE1381DE025CC3C372641D457DD083BF30BF0C9A35FF992413C44
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............x'...................................................D.|..[J...!.M................#...U...@...............X.......X.......X...J...X.......................................................................................x...................P...........8...............X...........P...........(...p...........`...............................s.......3...........3...................`........... .......s...............0.......@.......0.......P...c...`...c...p...c.......................................0...........c...................c.......c...........c...........c...........c... ...c...c...@...................c.................@.......?........$.......ffffff..........@...............8.......8...............3.P.................3...........H...B...........8.......8...............6...................6...4...7.....L...:.H&......:.....:.:.|.....:.:.|...............:.L...H..|..........@...............8.......8...............8...................8.....L...:.H.......:.......

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\TreeViewStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2813
                                                                                                                                                                                              Entropy (8bit):4.866384722770099
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9EM+suBXZ8XOCNI:KogUldGcQWau
                                                                                                                                                                                              MD5:B6069EF62D8936486E3C0C6892B302AD
                                                                                                                                                                                              SHA1:84051674AAB7B3A78B09980148B6923737CD55F3
                                                                                                                                                                                              SHA-256:838C9D6873D47CED64C308981E88265F2CF80F42540B94411B28C3A5EF930349
                                                                                                                                                                                              SHA-512:FF30D8E3C85C7279D325D142CD16C445E21D97DA06BD9FEFA24A27675E6A5068AABC7F0953FB328994F2F0CA7E3466DC5DF274141166CAC544A3FAD010A30149
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\TreeViewStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5060
                                                                                                                                                                                              Entropy (8bit):2.8276072694539485
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:BhYmpm/vsODRJB9bXQDe4cSuL7RF8NHrlAv4:ImpWvsOluISuoTC4
                                                                                                                                                                                              MD5:534F52D55631397F01CEC619E9E5345E
                                                                                                                                                                                              SHA1:DD2EDA795D89C9CC2FBEAA3D13DBBD45359D1C86
                                                                                                                                                                                              SHA-256:2057C9A5BA4AEBE84B910FFBE098C7CC37F9EF629C3A348EA2B3CF20A71ED249
                                                                                                                                                                                              SHA-512:F45757F36D79D1B3F7A8AC81C1175443F3BE4976A5A5EDE35F7C0C1BDA40B41CAC75A2BFC6EDA62F8A8072FEE153A7CF27FB73FA100C2B14B4583D4B2266C5B5
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)....................................................................(.c8sUP..<.K.I.................#...3................... ....... ....... ....... .......t...........................................................................................(...p...........`...........H...S...............c...p...c.......c.......s.......c.......c.......................#.....................................@...............8.......8.............../.P................./...........@.......".......8.......8...............B.P.................B...........@.......$.......8.......8...............C.P.................C...........@...............8.......8...............4...................4...........@...............8.......8...............7...................7.....:....h.L...:..........@...............8.......8...............8...................8.....:.L..*H..+....@...............8.......8...............9...................9.....:.pJ...:.L...:.H../...@...............8.......8...............;.......

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\TumblerStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):12873
                                                                                                                                                                                              Entropy (8bit):4.629428348660201
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:KicG+pSto6U19Emc9W5gZddj3fQSiz1G6BrY4OY4Rwdr27rF:4GJeV1GWO/djhizI6BVOXg23F
                                                                                                                                                                                              MD5:5EA000E9BF0E1CCCE4233B9BF5AC8916
                                                                                                                                                                                              SHA1:811CC28DB468D3B5B5FFDE90E27EAE874B055372
                                                                                                                                                                                              SHA-256:D23A90DB1D8B0DD7E49F7F83CF9C8BA510B2A14125A452F222F82068822457AF
                                                                                                                                                                                              SHA-512:E79AE8E19F7C13E0FA744BE2E97A9C035A41244FEC17A915919544B5D193CA193831D4C0EC79F357A60B5F36A0E563F129CBD16B35313AC26BDDF839D7DA8CC4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Extras module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in th

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\TumblerStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):14420
                                                                                                                                                                                              Entropy (8bit):3.294718942358016
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:jjQBGdBHm+JFAsx1R1jbLLtV3VmUkrSs34KSjA:fG+JFBxiHIKSjA
                                                                                                                                                                                              MD5:AD204A63BE5871E9C87D5D9A50F675FC
                                                                                                                                                                                              SHA1:2B20A8B62836690C4EE7A08CD5F1A56FBF520B79
                                                                                                                                                                                              SHA-256:CF8017E03F6392DA885B39F72482367107F95F9E6183D3AB483DEAD3190507FB
                                                                                                                                                                                              SHA-512:DAD7D3F47811C2958FAA27ABF72872DFA26A160F682F5E6BCCA7D1BEBB84C2F0AABC708F9DEC964579C09082CAA015012C8052AE8D93E790BA776165A2DAB67A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............T8....................................................i...X....E.................#...s...................D.......D.......D.......L.......................0.......0.......0.......0.......0.......0.......0...............8'..0...x.......(...p...........H...........@...H.......H...........`.......x...........3...C...C...s...0...`...P...............................C...C...s...0...`...P...........................................................................C...C...s...0...`...P...C...C...s...0...`...P....... ...1...@...........P...........P.......@...........................`...p...p............... ...1...@...........P...........P.......@...........................`...p...p...............C...........................p...........C...C...............P...C...s...........`...........C...............................C.......C... .......s...0...............................................Q.B.....Q.2..(\...$...Q.....R....Q..)\...(.................@............. .........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\arrow-down.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 7 x 4, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):99
                                                                                                                                                                                              Entropy (8bit):5.3926034695973195
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:yionv//thPly7tJXzRUyxlXsV7Xb+khWmj/mleup:6v/lhP8HUy8xPhLm8up
                                                                                                                                                                                              MD5:9E26601B6D0263DDC931B562739789DA
                                                                                                                                                                                              SHA1:CFA26B6B614F9434FE8CF4C332672F6A99F1E030
                                                                                                                                                                                              SHA-256:0D0F06D0E93C8A2F28DA6838BB0BDC9B46DC79BBF0876DB9DB7DFD86B133CB9B
                                                                                                                                                                                              SHA-512:198CF67FC584DB1953069D3BBAF7B5011B8C8A4766212DC22FD1F1C28BFE577102B53A31AA6BACC060FBD3D2719720CF61D67850975067E91DA2A09D956DF905
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR....................*IDAT.[c`......2081|.r.28.I..W.W .?D...;....b....Y.....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\arrow-down@2x.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 14 x 8, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):138
                                                                                                                                                                                              Entropy (8bit):5.913104986410572
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:yionv//thPlZLtsSp/uugkuXrn7hd94lVF3G3psqA/75dp:6v/lhPGSp/uPz7L9Ke3te75dp
                                                                                                                                                                                              MD5:2A3FA1EC3B03ED9B5FCF208CFBCA80AA
                                                                                                                                                                                              SHA1:44629674E7BEE50279125EA993A253FCE734B3C5
                                                                                                                                                                                              SHA-256:B78BA36EF95DEBB02D5216BC9A2B92F6A9EA20AE90D3985EB44829A358894ADA
                                                                                                                                                                                              SHA-512:995E7BF9BBE1FFEFE0FF8382AF49721C493D71E4CAA4551C3AE05D13C3C79C17EA10066683310A8C3CC68DBDF5F7775AAC58629CF17E98F250F9FA0DF74393A4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR....................QIDAT......@.............,....93Q|.?.p8.......0`ox+.%i..c....'...|C....../x.VCI.`E.b...2....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\arrow-left.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 4 x 7, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):98
                                                                                                                                                                                              Entropy (8bit):5.206412870756318
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:yionv//thPlJ4tJ6JYMsA98MCnAFttpTSQ0OoXB1p:6v/lhPst0JYMs0fpSOojp
                                                                                                                                                                                              MD5:A2D915B434E9F0B76330C66CAC462E93
                                                                                                                                                                                              SHA1:552A2047B07A7E4394A43ED34CAA1C4CF170809E
                                                                                                                                                                                              SHA-256:E3EF46A5A48C488F2AF7E46440E28CBF292A8E640144DFCAF896682409994C1A
                                                                                                                                                                                              SHA-512:825EAC978A84893C45F886EF947D4435DDAD7065C0783E9F6203C39DA27DA225DE64A61BABD550D40CA892D42B21CE79A8203D427B6E8B8DE5C7AB1374CB3E8D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR..............l$[...)IDAT.[c`..'.........d<.S@.;.W........g....i..].......IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\arrow-left@2x.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 8 x 14, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):139
                                                                                                                                                                                              Entropy (8bit):6.070522563629401
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:yionv//thPlvfD4aFLzDCO6xdhMHo+cGaauHo28ydQeup:6v/lhPeaFLvC9R+cVTI28+Qdp
                                                                                                                                                                                              MD5:34CFF14C6287AA225F809A2B394BE44E
                                                                                                                                                                                              SHA1:7B5C7F8A2C484D118E958CD9D366CA95FFA01B6F
                                                                                                                                                                                              SHA-256:C5C3D15C8CA417E66569FDFD69EDE83F6A9F338524E55C21FFD86F11880E4C8D
                                                                                                                                                                                              SHA-512:05A19D498BFBA572CAC54048BA7F4C6CDE7D3FBFCD0EAE6BBD6C344A3AF56BE128DF7E06C95632C24752781708515ECA7C775D0EA9E705C700215B8B81A6C1FA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR..............V]....RIDAT......@.C.w..@..-.....Tl...AT\b..b....k.....F...Q..=.1a.L...."...S..wjI......<..#......IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\arrow-right.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 4 x 7, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):99
                                                                                                                                                                                              Entropy (8bit):5.230333101040782
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:yionv//thPlJ4tJ6JYPBxldLmKXEUvsjlkojg1JU/1p:6v/lhPst0JYpdKKXEUZojg1Jcp
                                                                                                                                                                                              MD5:1480A736DFBBA89EF423FB99829C8C30
                                                                                                                                                                                              SHA1:58327CF559EEBB4F88B193090F5F7E528C0835AC
                                                                                                                                                                                              SHA-256:ADA31CABDF339314064F905EB072A0895EC07232E8287A9A22BA82A34FADD378
                                                                                                                                                                                              SHA-512:AB4AEB77294EC83484A4352D8D51BAF7A41ABFBE3C940F7BA9A04BC6114FDB6DF146FB5A40F1A47D903DFC46C5641A9FF09DE632CC2B6E950D82FE5A8DA6E3EE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR..............l$[...*IDAT.[c`8........2.B. .;.........F10.P.....:.......IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\arrow-right@2x.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 8 x 14, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):148
                                                                                                                                                                                              Entropy (8bit):6.179148904370533
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:yionv//thPlvfD43Pl9k0yonHpjv9cl1n2KWT7D3EutkXYJsg1p:6v/lhPe3Pl9kc9HrVWKp
                                                                                                                                                                                              MD5:32BF30A66C6FF87ECDDDBB59D974FEE6
                                                                                                                                                                                              SHA1:4FB8DAC785E763F3A629497159EFC6AE94455625
                                                                                                                                                                                              SHA-256:2007018F329B461364A4E038AD5CA032152A3D25B06394D32E1BA1EDBF2DC27E
                                                                                                                                                                                              SHA-512:D374181CEF3B4D66C599FD9CC12BBC12F161CD1B5EE4FE2516CF9872280ACB914116C4EC896A180C9B0C6BB879B516E183FC9CF3DDB159611417A4A17C617971
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR..............V]....[IDAT......@.@.Q.0...hK0..l....LD.>.....X..`P...^B..B.. A9..9J..?......xc.|b....;..0....}8.$.Tg....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\arrow-up.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 7 x 4, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):112
                                                                                                                                                                                              Entropy (8bit):5.6716991238441095
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:yionv//thPly7tFfJ2Exiy9ofXhfNy4hZYDxDJnF2g1p:6v/lhP8xJj0tXhfNy4PYDxVF2up
                                                                                                                                                                                              MD5:BCBBB04747E7558F52BC6D92574201EC
                                                                                                                                                                                              SHA1:29FECA33E341D21367DDF0055E016377F2A758DB
                                                                                                                                                                                              SHA-256:D06DA849C008079507F4951696C0C049D080CBCC05D757055D8C98EC23C810B8
                                                                                                                                                                                              SHA-512:7ABEDEBB35119549443FB98CDC9D9C1FFABAE951C3554A992CB84585A9D51A0211E198FAC33D41E0859494057E3FD35BE1AD904995921F34A191B02E8474A5C4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR.............B.%}...7IDAT..]...!......[.]\.&_......D.hXh.U...b/o<!.a......&.".,.......IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\arrow-up@2x.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 14 x 8, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):155
                                                                                                                                                                                              Entropy (8bit):6.234159177694252
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:yionv//thPlZLtsSp/dseJ00onnXAeqgLiIJ3KgahBctIgjauoHSXB1p:6v/lhPGSp/u50onnXAeqEiNfhOQyTp
                                                                                                                                                                                              MD5:BB0A46E6C1771A779201A47145C61ED6
                                                                                                                                                                                              SHA1:2CC14C4871251DA64879C921A6F2CFFD8E5D397A
                                                                                                                                                                                              SHA-256:E3A73C4AF918665D2FF75FE367E207FD71AD96FF9502D5120586A92D4076ED34
                                                                                                                                                                                              SHA-512:5AD68791A5FD50C9A38988AF39D1AD9124937A4ECF925EF9D65536B7108491BCE7EAAF3D84B2C70A3D19EF0E5F107AD2E15EDEE40129B52A60BF0F91C9489F52
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR....................bIDAT.......@.E.CzP.S...2.2%.....I.$>..w.R...S.k~...R[._B.X?P.bhB$...2.....E..j<...........8....../.4[....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\button.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 68 x 30, 8-bit colormap, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):554
                                                                                                                                                                                              Entropy (8bit):7.052906621637133
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:6v/7qFyVzV4Pd4BWgpKNoqW96qWd6RDk9wavyjl7LhYjiBflJg/:ZyVOCIgpKoLchdQk9wr73BNY
                                                                                                                                                                                              MD5:7D2A593CE15F1C18ABE05C4BE7B623FA
                                                                                                                                                                                              SHA1:FB6D3E41F21C23B430C91B08477BCFE78BCB0409
                                                                                                                                                                                              SHA-256:BE15DA1B5DF9D4DB06BBC55673731E3FDE23E82A3983AE7A560B9DA1203A65AD
                                                                                                                                                                                              SHA-512:F317EFB953B2B50A5F321306D6870679CEC8FDEAF660729C616ACA070474B9A47B4DC1125FAE56CDFF5ECD7C9EE73FDC982CBED0FA5AED1B633B5A3BD2056CDE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR...D...........H.....PLTE..............................]]]..........................................................................................................................kL,|....tRNS..........$&(/0...............&IDATH..KN.@.D_uzFb..F......!F....I.1..E.D......^n._.....=.,....4.....Z.o.z...2.s....{....."22.J........S5..1R....yN....p..Sd.i@......x......a.yN.u.JV..Q..I.@0...s.l..-}...n..m.N.........%46D J...L {>..c...[%>.k..h..>.c....*...s.......l.....5.V..Yj.l`.,.a....f.........>........?..]-.?.....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\button_down.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 68 x 30, 4-bit colormap, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):203
                                                                                                                                                                                              Entropy (8bit):5.889660105398947
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:6v/lhPmv5bdss/YbwxklpLO/KYmufyYFa8up:6v/7Aq9MizLFai
                                                                                                                                                                                              MD5:30086C443E196DC76E4B63449E6EAE76
                                                                                                                                                                                              SHA1:225856C88F9C9F27FB7EBE7FDD71ADCD11DAA228
                                                                                                                                                                                              SHA-256:292DA1564CEA53FC63203D0184FC0F2849C169AC3EC948A0344C31B674ADA3EC
                                                                                                                                                                                              SHA-512:B3DAC0E218C50D5CB8984EF670390C602D8F427E45599D2CFA12D89E98620A0EA60BC0BD7D02AE27E19A6596A2CBD013CAA962C80B2457DCB0F9DF289AAA59BF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR...D.........g(.....0PLTE......III.......................................\..\....tRNS.. ......?E.d...AIDAT8.c` ...f.....{......8....&0p......0.dT.pV.NX..a%.....V"2=...{g..d+J....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\check.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 10 x 11, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):176
                                                                                                                                                                                              Entropy (8bit):6.151672179013188
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:yionv//thPlH0tvl/24hGnlMWnZ/Cy49V+tVq/26yVjk5xoNpfKZSKVglzfDl1UQ:6v/lhPOtvI4hbgZ/CHV4EAVjCo/fRKK9
                                                                                                                                                                                              MD5:B4FABDCB9968F11AD8F464A0DC1E195D
                                                                                                                                                                                              SHA1:F6B40549F93AA73DDA93965D494704F51E2B2AE0
                                                                                                                                                                                              SHA-256:F47290E13D80210EDBAD66771068146D2C2B81FC444448CAD4DDC5D5FAF733D0
                                                                                                                                                                                              SHA-512:A9BB46B285499E40AA6B0D87C82A9CCFE925B30D28DA7F0B2099CA8DF4365211664AE4BB124B3E857F31222DB320F08CBB1F363EEF209AFB7F4FF80CC5E93E4C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR..............g....wIDAT....!......s.@&ZW..m.p7X.....X1Xl...a......'.............Bc..;.5......H,.....]..:+..Q8.h........^.........P...G..J........IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\check@2x.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 20 x 23, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):417
                                                                                                                                                                                              Entropy (8bit):7.342741240452635
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:6v/7+askHuEhsylgrZWI11YO1JnSC0wgDiIOHt:zkHC71REZCymIw
                                                                                                                                                                                              MD5:94E4C2FD0E6F3A5C2F5EFDE68238F52C
                                                                                                                                                                                              SHA1:5A5756076EB42B6B19C047882537CAAF0ED999FD
                                                                                                                                                                                              SHA-256:F645F3D5464155BE90FB470BFBBCCCB0D4A821B1BBD7A19CFDE462353387FC78
                                                                                                                                                                                              SHA-512:71835DF6CF370E14C7EAF03C69565CDE8F3FDC31CD6A53E9E8596B89AED203925A73B18FCBCBD5ACC0E1D949F4779F4F6A9A02F71A8F75F451A0DEBFFE96EDAA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR...............o....hIDAT8...K+EQ.....%dx&...........@H.H2._..m.9.EQFF...2R.....Z..n....}.......P.W3.>..".....k.../.B].di5.`A.Z.&.B..p|..>..+...%X.7..Y..VpY......0..5X..}7.......w...\.....[.8.A.Z..d........Xz#..VwF..O..eX.'.......(.+X.<}...]...*..\.T..).:.&&*...t..p...A.[..<.3...g..:.I.d..e.?Q.B.......ju)9)..y.....@.w.!\7`...w%E..z;u=...S?....r..c........~...K.[..]i...".....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\editbox.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 68 x 30, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):416
                                                                                                                                                                                              Entropy (8bit):7.3708761233550355
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:6v/7jpJOtqA0d8rRVFTfOY9GX10ykOv9jq3:uHexrTdfH9GXRksq3
                                                                                                                                                                                              MD5:36929CFB5F181721B79C0027AA0C7A66
                                                                                                                                                                                              SHA1:0CBF1BAB50D4CD36987BD5FE5C621FB48AA5B8CF
                                                                                                                                                                                              SHA-256:B206EE4D86B6A279ABAADEF8D674495066BCA353479BF4EA7ABFDCC645FFC3EA
                                                                                                                                                                                              SHA-512:9DF12E1BFC96A3C879551B624C1E07A3D04A29B42E206C06D8193BD1363F36459C2A4B2CB8D19D322FCDFE2CC61B42787B35F74AEAA10DE7654AC5784E3F5B30
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR...D............#...gIDATx..1O.A.....3..X....N..7..C...11...*Z..9. V&...,..F0h..n..dw.f^6kD....0.n.l0..Y...H..:<.F..8........Z.f...[..,...7...m.v...$...].'.(...y..Jahs......`....|.'~...... r@("Q..Xk..n\d..aC....#........[&f..l....s.........D.QA.&H.o..gW.hd42...!...D......FF..=D....G..b...0..3.....T*..x\m6...v...i.d2.H?...z.6I......-TD..(.^.......9...#.T..".+0.........1[......IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\focusframe.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 65 x 30, 8-bit colormap, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):271
                                                                                                                                                                                              Entropy (8bit):6.184821585791818
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:6v/lhPqIltGmQ6dJq3El3YciKebcww3dsdtOG04tN3VwjKJ1yvRp:6v/75Mp6SElom2StstVVweJ1Q
                                                                                                                                                                                              MD5:71B79B7CC09908BA6F8FF40C0EA10510
                                                                                                                                                                                              SHA1:22388DD933F089701310845226EBB790B7EB8513
                                                                                                                                                                                              SHA-256:DB272A7593D3CD66AA2BEF945C96ACF62BC0BDFE458E11CE20C72BCEF5CCEACD
                                                                                                                                                                                              SHA-512:AE1570ED60A621BB14B15DAAF20D65838EF81B245F1014070135B39CA5472442CC53BDEF6024834356C30608FDC087D543FF93392BB5C0E464F26D14E3D5BB7F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR...A.........D.U...EPLTE....f..................................................r..q.!7..8..9.a.'.....tRNS....#'<<=>?@@ABopp.....D......bIDAT8...... .DQ.".c.H....<......p..j+...).Of.....!..{.....2..m>3.`..&..p..U.[.z.....'..".HE.zH.}?...oB.6....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\groupbox.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 98 x 38, 4-bit colormap, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):225
                                                                                                                                                                                              Entropy (8bit):6.052488438839991
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:6v/lhPMa2sRVg7hr/2ztQ0gVcP04F8jesU/Yp:6v/708odRHBVjzv
                                                                                                                                                                                              MD5:A78C4CA79750EA1BCE8914B870E7E5AA
                                                                                                                                                                                              SHA1:F7A96194B043C552FE9259934B9A78A8AA625601
                                                                                                                                                                                              SHA-256:4470E834BF1A8C2EB025D651ED5BBC71681AA898388AE17F8B276E8AD641A0B8
                                                                                                                                                                                              SHA-512:2B839324A3247E0E4AA20A283541C4037269A197874CDD99FB53E68641A67C8A9B96A9D1036FB3D087BCA62CFA77BD77684F8CAE6C389717B48DBC3597B9E0E8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR...b...&......BSG...0PLTE.....................'''^^^ZZZuuu]]]lll[[[fffbbbf.K.....tRNS..........244579.^....PIDAT8.c` ...YE.X...........Q.$...eH..+..E.th....1.cT..z. .l'...m%........zp;....DL......IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\header.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 21 x 19, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):383
                                                                                                                                                                                              Entropy (8bit):7.316897675335883
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:6v/lhPu9jK09x49vwpNyNSa7Rb0BA35eP6VNoqxQyNZ3JBaWCFoa8akWWvRJyenr:6v/74/EaNQ7t0O35ee60vOLSa8bNRMer
                                                                                                                                                                                              MD5:9B795F12D86235B8053696F858CFF40D
                                                                                                                                                                                              SHA1:E7E36F304EB356D5358A422A1C4AE5CACB4BEF19
                                                                                                                                                                                              SHA-256:FEF52D00A955B35D50FAAFC08C9F0C6C55D4BC35B01000200E13DB44B59EC9BD
                                                                                                                                                                                              SHA-512:4A0841C0A1BFD03DAE83B5B991C069CD0BC34FF06A4C990A189A3023AEC494DEB6AF376A94FAAB9E2BBAE2B4147AB67447768CBF39D2CC67272623011C602456
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR..............NF....FIDATx..K..0.C.....9J.VD..%..v...D.m.$..i.~.~...m.u.8.m0 .`...+...H`..E....".'].xygd....V..".. !L.0......%!...T..yK4...u........a)\..Be..@JiV...D.gM...J~.BI...R.....,`.5......k7...".8|j..@...C..~1...i.{...D.N.M..G,...hh5 .>v.)..P$YQ../w.{.,w.ii+..R..j)......6.l*.._...........J..*7..r..&<-.S.9..........(.q..7.-....E.c....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\knob.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 58 x 59, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1703
                                                                                                                                                                                              Entropy (8bit):7.847758130427772
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:rmAlUclYkw8yHr6gUjDQoFT5HfEQ583AS5Nou:rpWclZyHryVXsNQgF
                                                                                                                                                                                              MD5:02945439ADC155CF30AE30BB93EC490E
                                                                                                                                                                                              SHA1:3CA68D3D1410EDDC124876F36433CC888172A93B
                                                                                                                                                                                              SHA-256:455D05DDF72D76B5A3C8B4633FB19493511DA4E04719D308DE7A7F152B516B6D
                                                                                                                                                                                              SHA-512:FCD330CB079AE3E24D2664384AF53A4E1D76AFC1E611B18B488EA037827A1B0144195B038B8A4ECEA80ABC6922AE3CF5A0B1321DB3EDBD85DA7647FB219601F4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR...:...;.......Q....nIDATX..X[l.U......H[E.....5.5(..`....}PcT..M..E..>.`....$..I.I....1"BB...!...i!......9..;3.?g.rQH|`6........7...]...&....[k..k....,.z....].P....H.\,.7H!.[..t.;...k~.]........y ...... ...O.U...*V........5...U...1.zr.'.s3>....z.+ $.P.A.h.....:.n0....2.....'..&0..$.f..4C...4..yr5...O..........P......zr.4a..T...\.Pd...../.yG.W.....*..\.').+E....1 1C..7.._...T<w.. S.6$....._.........,.x.+....C....i.LLYr......2....5.X~.N.....?.GDa.NH.v..|f.X.a.f..s....)....M.5....i.N........,@.F\.<4.....}.O/m.....G.h._...]..r......p.....U~^;..<...s.@.......[.,.`.W.,....`qP...*..C,.:./.M[W.....~..Wi%.....U...'xb.F..o.4.Mo..`.]..K0.8O...Pc<M...8....R....\CC9.N.Q.1....y.......H.h&Ft.......G:.-X....aztn.a....nb`I...^.g....h{..j....3.. .h)}.t.$.PFA.M..-...l....R..V......Q..M.....:4m.1U%..W...9..6..9l.-..l@Q/.LM......u/Y.........=4).s^y.:9.d...D#.&.J....Y...1.....a.J..&.%.\z.....<.i*.j.^........7.1..m.o2.....O..P.=..+..D"..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\leftanglearrow.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 21 x 33, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):206
                                                                                                                                                                                              Entropy (8bit):6.337291568109683
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:6v/lhPHbkIstUxG+21n4eD+m4NMEFtoMSjp:6v/7PT6WG+neD+PjM
                                                                                                                                                                                              MD5:A6F7DCBF0C95F2EA039AB48656F697C5
                                                                                                                                                                                              SHA1:21AA8F782F61D6FCC2DF6A473952D3CC429A1D97
                                                                                                                                                                                              SHA-256:83D96C6CF82EAEE7684DC663B3072B10CEE5C1B3C9F9F1C49FA7BA32CFFABC40
                                                                                                                                                                                              SHA-512:5293FF25CE5E37413F19CA752A993E6B1EA22D553EB6BD9796751E94D82DCBCA1644D608B0C50F7BDA426FF78F110FAFD9BCCAA73A0E8B4FFD6261788777BD59
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR.......!.....6..-....IDATH.c`...............b0...@C?....S......4..Q..F..D4... .S.....(.e..o..~..d......r@./...H?.IPJ...x.. ...b. ......2p.`........A........FU...2....n.O'.5......IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\needle.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 17 x 201, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2036
                                                                                                                                                                                              Entropy (8bit):7.7960008441887965
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:L8S/XFZMsP9ZpnE9JiXKfZq75Yk0ylh5a8Z0p8f+NLcb:5Xw/92Qtora8ZtWmb
                                                                                                                                                                                              MD5:2DE13EEA606A194431BDCA46C69B9D66
                                                                                                                                                                                              SHA1:AC820D4142AF9CB8DB6091760F00E818A37F471B
                                                                                                                                                                                              SHA-256:DE0BD47828AB9C6929A5452D96B5C6AC13B99C0E3FCC159C885EC15A4CD3E2C7
                                                                                                                                                                                              SHA-512:5C3245BA2257244CAF686C0C5B9DC4211208EB33D1BB32F8EA64F7DCFB613FB57F1064C928A2567CE83524D1995F20069EA5B8E4B2F2FE4DA9267F746D0D3D08
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR....................IDATh...#E........@...;.TH....C.@b?[X...F..r.f.U...u..F..(.T\..\.n.....sq.... ....O.[.<....A8.....?.u.....".....'.g..k.8....E.=.....~..*XpI.ac*G.Ok.#........... ...Dp. ........c.....K.q...p...a..*p.R.,...K.....@.m....b#A......F,./.D...9..D..@v'.O....Y.kch.{..i..>...$~H......7i........-A\..~.O..\8....>..K..}|....8..A'...!.t..P...4.|..}*...nZ.w.t6..&..O...3:C<..C..~.V,%...].y...I...O...S......h..'...\....|.,.~a.AlG...y2...i..vu.....'..+.8&`...:.x........S..X._.9..9...\z%S.b..I........AH..j.Pw-v.Ny..!.y.y.[...V.+.nr.Oy....j.......e).[.......2.M9V....N..6....D..u*wd.%y...em.R...@........p.,r.x..'~.'T.$.I.n+.....2...Z.........F....pE}.w_C..5Z.....O..8.O6...d..N......9O...Ci.K.(..jg...I,..J.OE}r..8.W.<...b5.x..d./y.Dg...'<....U..gL....W.d&.).r..'...jy..'D....j[K#..K...,.kS..O6.'V..t......K..R.....D..D.}5.-".5[...jG:_.X..f.K...".D@%Oh....B._..F.Q..e..J.X..6.}....Hdl.U....\..}.i.J..f1.....K..<......[....(N.wRX..u.Zr.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\progress-indeterminate.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 60 x 38, 8-bit colormap, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1453
                                                                                                                                                                                              Entropy (8bit):7.436248461607645
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:pGy3OXplLIOIs/+mexpuYt2M67hZzPZgOM7c1glYa83T1QRLgqIgqJpa:pG7pVIE2mebZgzY7c1SYbRQR8Vgq3a
                                                                                                                                                                                              MD5:D6A834191405EE2D93AF835999A0F3B0
                                                                                                                                                                                              SHA1:7707D93FFD845E9A4EFA36DCF054093F6DD3B6F2
                                                                                                                                                                                              SHA-256:10DD5915F0352AE3A58B1250E449660537AB36FF0B70DE6F54D3E22AF4EDF0D3
                                                                                                                                                                                              SHA-512:A45F058E954E7CF1F9DC3967CD0D150706DC5B9D3339F0B4791610E5CDB59035B3F8FDC2F812A7202AE40A5AEE0C5EAEF0D893F6A28B6488845B33B8B885982C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR...<...&......o......PLTE.............................................................................................................................................................................................e.....?tRNS...............................................................k>/....`IDATH.M..r";...}..a.Y....!....-...k$...U.QY..#.(..D...w.......,.H.{.Qh.)..iL.R...9..5(qx...>.K.5..y...=.$.Gi}}kS2..|J. h1.$....R+.@.>.M...9.p.....Y*E,P..!.<..!@....M(y.V.%.\...,/.J.R...O....5xs.........;..K1.p..D`...3..y.W:G...~...zY.~.|....j....s...3.e.....\...B]1<HC......>..I|f~...2..a../..f./.>...f.Z.>.$'..U?..8f.Yr.....Ii..^>|.........c...........)....~.-.......:..?..Mm....#0.|SI..:Gf..J..P..-..am6.~9.7.\d.k...Ed.n+l.<....'IL.G..........V.y.)-..._.3.9y..s.7..+.$..V..9.fdf....T..g..FPo..u.]U.Y..E...xf7o..........*..b...gF}...I..z_..K..y.{...1{..O7[<3...e]...~s...\.".'.7'.....L..X....a.75L.4H.9..lt6...$]x...n...WF.{1W.s.d...*.3....ngE....r..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\rightanglearrow.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 21 x 33, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):228
                                                                                                                                                                                              Entropy (8bit):6.39399325133142
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:6v/lhPHQWw/kIWhbPHHmIqHaPUdUA3x3y9wuTp:6v/7P2sIWbPHI9dUxR
                                                                                                                                                                                              MD5:01D831D0914774969825F38B3B9C7211
                                                                                                                                                                                              SHA1:380F64DCC9EB7B2279F341A5FCC0BD95C941FD39
                                                                                                                                                                                              SHA-256:CB264368C0D4801D4DB4C56653F57671D042C591AE24824C62E24D5545890DE7
                                                                                                                                                                                              SHA-512:15A13F029B81CC824D46628E80B87A6807A534B658BAE608D67642AC7F5A961E6019CCD795F00FFD6301BF4BBC2678AFA6F2E4592E762D92954839525D78AFAD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR.......!.....6..-....IDATH.c`..`...GM{@....@,H-...=...@LU.5F........,$.F...Aq.h...J....{....+.+.1.0..d./.z.@...i52.@..*.A%.......).....JP0P.F..g.........%Cp#bp.!...T.8....<......6...;....OB........IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\scrollbar-handle-horizontal.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 66 x 17, 8-bit colormap, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):825
                                                                                                                                                                                              Entropy (8bit):7.181170546983538
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:6v/7bjVM6O85n9u1pA5bNNRQ6gQTX2Eu2i2V7WaD+E9yqw77POBSNVYk4w+7Q2bp:CilanypGNRQ6puE7Wa1yqk7PMM2bBtS8
                                                                                                                                                                                              MD5:98B77977A191E201FE872FD67EEB76CC
                                                                                                                                                                                              SHA1:54DAC271DEF15A91A448C0BB1D81D1EE3B7C831E
                                                                                                                                                                                              SHA-256:EE8C1C4B11E8A4A50B08D7597583A0D3CD74E7CB9B77DE47FE8CFEE71B3E4B5E
                                                                                                                                                                                              SHA-512:EC25398A9B34192A6BE506209F071D0F06EE567FA898F099D9DC9ED97A547D32DA71CC7D55452E7B1331204870E76831D6995BE04A5103D8175784E3E2EDF41B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR...B.........^......&PLTE......................................................................................................................................................................................................................................................................................................k.......tRNS.................IDAT.....q.A.@.WG....a...Xf{.b..0.e..p........l+.>.TI.nVb..)>e.*..L$.w^XI{..w.$$.6X%.....H...n.d.C..b.u....r.......HJ:.xW#........^.U..E..^..m4..RO5.y[.....|...v.%.a.M.s.g...z.B.ddj.A.Z"..|..m..ln..'+<y.%....<6.%b%.rs.8.h.4l..nA.9pq..'7m.....0PL.......(.LUh.H........8.....?M.&.-...^L..3...0JYzI...L.U....S)>..h..P}.k.G..dm.<E.........mPy..a.^.W./.K..f...h@g......."d.YhC@@.ln.|......+.jO...FH...(i..*.. ..!.....;.#..3*....DD.h.t....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\scrollbar-handle-transient.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 17 x 17, 4-bit colormap, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):153
                                                                                                                                                                                              Entropy (8bit):5.417362301449934
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:yionv//thPl8DBry666666JRl/hkegCt5hGZgg1mmmAplms2mEKON1jltB1p:6v/lhP61ry6R67DKqt5hElHmAplP2mEF
                                                                                                                                                                                              MD5:A134D237A48910A55C7AE34FFD5ABA46
                                                                                                                                                                                              SHA1:DB72AA287A8FDB2E0CC0FB778AA7E9F2CC5B0E1C
                                                                                                                                                                                              SHA-256:BFE3263258A144CD9D2B85B6CE4CA15614E6CED6BBB263759DEACEF83C61CE92
                                                                                                                                                                                              SHA-512:B4BF5D8BE626D0B3980441607F2AA00A370CD70AA06B5187CEACF4C45A8F6A168C09FCC86DBCB47802EAE891D666E14030E18C9A1AD98F50DCF15E608E8AB579
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR..............CZ.....PLTE...............5@......tRNS.Y.........5IDAT.[c`@.F....C.K.....B`..#..3......a.P.B....a/.[`.....%..&.....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\scrollbar-handle-vertical.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 17 x 66, 8-bit colormap, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):839
                                                                                                                                                                                              Entropy (8bit):7.084145875349208
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:4PJlanypGNRQ6pQlBL5z13aTkITPvn4ymZnIohGUa:4Pgyow6pQl5V4FP4yshra
                                                                                                                                                                                              MD5:37CDF30009E9CB143DEDF765F1C55BDC
                                                                                                                                                                                              SHA1:6FB1DB37A28E11B8DB7311BE340E64B89FAA6D4B
                                                                                                                                                                                              SHA-256:329501784A775761531C0E82B2E74CC9CBA464C0A38E93DB3323054C5F117D56
                                                                                                                                                                                              SHA-512:1A52BE2341932150206B7A380B444EA23E3452CC4570740E11119DF67B2A554073971C079DB2794AEFF516CF0E608266092252F685E2D674FA51293DE90DF8E3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR.......B............PLTE..........................................................................................................................................................................................................................................................................................h..S....tRNS...............IDAT............'%]rHu.0U......gj/............_.s.._wgr..=..$.=?(......".y..4.Lw.6kT.K..dl..xV..*af^3..X.:.Z..q.u7...5s..F.}K..Z....Z......s.b....q..y.. ..f.. FR.['?........N....T.%^.Y...=.....c....`.N.{..@,3.w.xT..7#6rG..% .....^......j...V.M..8.....8G.....[......G........(..g.7..[.t..D.a_....+...m..r4ba..M..vq...EX..{.. .]..a...M.....Q........}....[......~u~ .>..cwY...G........zh..f....s3.kf.x.ywtz.#..z.v.8...3...{....w....18........A.('X.H.....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\slider-groove.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 66 x 29, 8-bit colormap, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):565
                                                                                                                                                                                              Entropy (8bit):7.197419983507909
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:6v/7ljaGgjivMGmrAQIZmxE6LeyqcKRKAq4efxVi7NU5LCtfGQmMcSQa1I:mjdsivbmc1cLtjFMNJfTmF6I
                                                                                                                                                                                              MD5:2F055CC607C1CFD46EE5AABBB1672353
                                                                                                                                                                                              SHA1:D1EB517C6276C6C3635B075728C1F52E4027F796
                                                                                                                                                                                              SHA-256:D2BCB94DDBCB5803B9270F782ED52C7B6E0D1FA9AAF7DBFE6E41971C0CEBF46D
                                                                                                                                                                                              SHA-512:734A7B816B541C295BD51FFD1AF7A601E62594C07B82B9FDC4706CFCFE84D59ECC22E5F35205ECB5883FA8C5B71A4BEA6A6585DC8ABE073865461168617455AC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR...B.........)RJ.....PLTEDDD........................gggnnnhhhhhh}}}~~~iiilllnnnpppqqq...........................................................................................................V....tRNS.FG\]]^lm......|W.U...0IDAT8O...r.0.D..-.W...ev.JV.. .-...: k......o....._.y..B..q........oK...=p.........q.....!]...8r.c_d)...b.M.`.....qTw.....@..4.ZQ.....H ..8.gn`%..l.....!.c.@r...-...L.0...w. ...)O.zY..g...t..6..j.........s.\...s.,..^.-..q.c.[.nWy.-........<.;.x....Wt.g.....I...u...0.G"..t...].9k.....).3.......IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\slider-handle.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 68 x 30, 8-bit colormap, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):524
                                                                                                                                                                                              Entropy (8bit):7.0709053737113985
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:6v/7qFyY4Pd4BWgplmtiCGbtSyZ1ddm5p6Dhovl+4cg/i:Zy/CIgp+oniDvl+Q/i
                                                                                                                                                                                              MD5:5E45C866A18ACB5A644D250701644FC8
                                                                                                                                                                                              SHA1:2A7CC87A8182CBEBE930F0050E092E77978549D0
                                                                                                                                                                                              SHA-256:C78405B156497C8E84ABFCB97340FFE1CEF4599DD27C3EC4BC8FD282F90B556F
                                                                                                                                                                                              SHA-512:33D04F540D12A90F968BCE8C647FAB409AE88C638380E11F031907D05A10DDF77414F2AA4C579B2BB6E99B6C47647819DB10D74D83B596058FB3A25C4F405CBA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR...D...........H.....PLTE...........................III...................................................................................................................tRNS......... .......x!.f... IDATH..MN.0.D.........%....'i.5...S..=..j.xpb....D...~....e.wP..S.5^....8:..p^...s.."..P.....AV.W8E....S5..1S....}..d.S8T.%r.4..Kdz~.......i.}N.1K%+P.(.$d XnW...9O.B....c.(x..m^"..y.q.\BsC....e......l..b.!..]Z.6.)N.b..."..#...34.q.Df...:...T...[..iJ....8...........;D;.H......].D.....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\spinner_large.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 128 x 128, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4723
                                                                                                                                                                                              Entropy (8bit):7.85765721156218
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:lYwiXFuqU3B7ZKDogixWMKvubbolOJi1JTrLEFDWI4gGI:l1iI7Zao+MKGb2OJi1JT36J4PI
                                                                                                                                                                                              MD5:C27FE30DB418E02A6373E9B5E5B5647C
                                                                                                                                                                                              SHA1:713AC1F8D6A98301BDF8AB4B0EBFC7AB491F8D3C
                                                                                                                                                                                              SHA-256:C1FA1F01861AB7BB548BEDD730A4B120C797987DF10CF7BD2809544387C7AE1F
                                                                                                                                                                                              SHA-512:D7A434C360FCF97E2C17482ECE0A43EF987D32AC5E71A1118F9FDA98CC484998D2024F5BF37311DD012ECDE9B5ADD71D556216AF355CAC39D42D5C2897A5C0ED
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR.............i7.@...:IDATx..y@......E<A. j..F...).,. +..}.}....,..r...).b.. H..l...54}.7.M.Ic..^I...........3...*.n..G.)I.....{f.ay.E...[....BSC^.i.......<.,;...WES.Q.``[P.(3 8.Q.]...W..6D..R.."n.......wC.C^.y%.UL..k...^...tO...7....Z@W@n..h...O...L...1..2.).....L.............W.eb.6y...N........M.0E..S..}..~o..9._..<.....9.dL{.X...q. j...#P................3~...#..&..h..S.b.bn..Fc....@...x.......;._.......4...........@%...........0...J...S.x.S.1.7..n.....J.?..@n..b.r..b...}.x.q.%7..!.7..q.r.7..D..[.:.U.@.@>...cz....%3/Z.'<u....@ @.......g.k..U.x..}...3.|.........._..H.....,.....@-.}.........{..j.g..zj(.:..-.p..[...R.@....@.....k._...W.h..>Q.0$.p.....3......... ..3................<M..~..DI.5LJ.\.`l..9.......'....z..._.OtI.I........0.....-@.. .PV.....<./.u.....{......x..IR....t5i@..Y.(....k...uN.....;..{4..G......~........0J@Y.. ..b.R6.....S........{..y...6.4... .Q.j..%..An.....).....G...~K.a^.~....>.....3@.....;...=*.d...s....I s5...c.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\spinner_medium.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1621
                                                                                                                                                                                              Entropy (8bit):7.8462829500141025
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:DM70+IKZfOaCF+eC9c2W+0lXBPcFnWFIJ:DM70BKZGa5lczMJ
                                                                                                                                                                                              MD5:BB0FB3EFECC4C2BC51011009116ACDD9
                                                                                                                                                                                              SHA1:B6BCFD12A2A045D08FD3D37EF99583132A883952
                                                                                                                                                                                              SHA-256:0F620F218012ED6FF30809046CED5CA372327454B59C0B4D9501639BBFFD3CE0
                                                                                                                                                                                              SHA-512:CD454AAC39BA774A47A7A0098BF5540B1AF9B7B9BCDA9F9258945AC1550E51E83936DAD3B6C8196E430B52338859731CC0262357376027D38F890C928127DA80
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR...0...0.......1.....IDATX..}lUg......8hi....24.......E.d..Pc]..C...Y..[G....-ALt....$h4.Q2.2^........H.....{.=..}...{;....9..s_.....=.9.s.ick6.Y[a..akB....v...o.....7......7.sZau.\...w..B..+.W.....V...z5.YE.. 8...D8s(.../.g...,..}....Z.x.......%.).:.....yl.[..GX.E`. .b....40-...A5.FsL....*(8s....u.:....[l.3b....O2.&.U......:Wk3.I.I''...v..p...j.k...!0gUM%.F=.....|..]H#6LsF...:...xg..{>.5....:..p........ia]...b.!....}..:.W.....%.#.(.bjm.......-..../...G......*y..w..V..h......4.H...8f...S......U.zu.8`k....P...Q...3.q.v..P.....18...B....`.'c2E2..S.U|...g.b..[.kO..r...."Y...g.a.f.uV.p.._.&.m.:D.L .M=.h.......n...w.<@....iQ.....y?...v..8M...';.7}.........I...w.[...#(......Z...$...o..1.X..T.T;......"..O..;`.rw"Q# p/.......O...X.6>.._.x....`...z.].`..|.\..g...rM}.....n|._...G..3....y.6..].V...G....t.G}5:x.~RuZ`.v...o..]m.[..........,....>q.6.R.v...d...;.......0..........:........g.v~....\.B...#.%.........K..,NI..'j..~&.PJ..UnN_..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\spinner_small.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 32 x 32, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):998
                                                                                                                                                                                              Entropy (8bit):7.72561165556165
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:12H8Q7cyzKX+GUlIlxepggs9AEIPmIHZ/OUm9U3Z8D8XvSf:12Hr7c+GoQxepKAPPmYZLmS3Znaf
                                                                                                                                                                                              MD5:DD123E59D08DD2E80AF3F527B4FA19C0
                                                                                                                                                                                              SHA1:78214E0D0B57E60538F8A4968613A4A863D69558
                                                                                                                                                                                              SHA-256:8C31E6F37EEE27E6BEC02DBFB6452B9F0831D6586E47DCE4392E9FBAA07ECED5
                                                                                                                                                                                              SHA-512:23D04B0BC9ECB49F3B5D6A4A03935DF52E7DA28007A65E9F9F0EC92A83F94F818B00C1CB78FA03F31746C523F76689387EADC93285EE74CF9EC99052AEC7C9A5
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR... ... ......s......IDATH..Oh\......f..&i.m...-(.,zP....."...E.x...hz.D....zP<6..j E\..l.R.`U.,lbM....73.6.4.d...x.c..7.`.........P.._...D.......{....B.3.54.Q5.j.N....z&..|h.4...&....?*VW.<.>..m..].PSO\]...k0....up)84.?*..q.8#.@.......0$...{.Upx}...1...{..........8........t:1...UHs..1,t..Y&.._NTn..HG.........O.l..(.<......H..[...-..o._Oo.....hh06./...8.>.@[.3...o~z...]..E..........yR.&.&.l|.t....)...F....K...\.&'.Mc.......=.....t....B..q_.......V......k...7l..5.5....jb..y.(.l~.A.hg....L...%SH...$:..@H.z...R>Y.. .`0.d..U..7b>$$.\.SSc.Gg.........K.C..^\m.0...=r..#..........a\l.....b...0..&&&.Cc.....25..N..g:jt.X..oo.0UHRS.V8j.5. FS..}.....cZ..5..-.....:<.&R.=VX-..^.c...i.g...d..E..V!i.|.t..r.Wm..L("U.:./...L:.<.NC.w...sE_6:n.C.$@@...#.Go..Ba........Z...5..4..t].0u.z.F.4j......]I.&....`..1.1K....FWg.R../...<.."$...........L(Ng.*.G.+Z.q.s[.n.q.ZXbja..`....."...~..n.&.5x.@.K..5.......pg.......9&t.$.-..s.e..._EC..+..6....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\tab.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 66 x 24, 8-bit colormap, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):390
                                                                                                                                                                                              Entropy (8bit):6.983802265794423
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:6v/7OX/VvA7tCOoPUgvli1vmDwSqd7cMQ:JXNvAUVQ1vQqd4MQ
                                                                                                                                                                                              MD5:993BFF22C0CE8B494EE40D5C0FCF7656
                                                                                                                                                                                              SHA1:FC273DD2567073EBEF5CEE52CC300148128627D7
                                                                                                                                                                                              SHA-256:57B1AE0988C615082705698CE38D82B0AEC46BC11141ACC62F16554AF1F27820
                                                                                                                                                                                              SHA-512:55E68688EA4A3F9E8AD803A75981CCF8FAB75E40C52369D6EDE66E213E4F5A9401C18D0971AB2F07C46DC3195D1DCC3DA3D27CD146EEDB2E48F3EF62D31A995E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR...B.........y..K...fPLTE.....................................................................................................R......tRNS.......K....IDAT8O..In.0....<#...0sSW....4....".Zl.8.qK.>.7..Q<__7.z......P.Kc.@{.h...,..ND..L...t.!Wg.:=..V_p..g.[...5........1+.+..L?..v..".....N...n.`.=.q.1........o....w#]{.....$.....v..N43..=[..7..........IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Base\images\tab_selected.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 66 x 26, 8-bit colormap, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):437
                                                                                                                                                                                              Entropy (8bit):7.193635323117587
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:6v/7/dfTXAVW3o54JRkLUUFwKyAqGaoqEFc/hc:krP3zkLNqAqpfC
                                                                                                                                                                                              MD5:8511861D8ED8A8F140DDABDB9B3920CB
                                                                                                                                                                                              SHA1:EC61FA8B96DE733CD56D720872D8CB9E89D713F4
                                                                                                                                                                                              SHA-256:B118F88D8D57201E2BBD1F1DA01FE348D3011EFC83B3F909B21C7AB2DABB87EF
                                                                                                                                                                                              SHA-512:2B3DF5E2E8FF187631DFDC5BE3196FF9509F65B304D025F41F5201830197744C6E724B974B38DBCE28A5284B37488D45B0916C60B94BBFCD3FF466FC7D63A84B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR...B.........4Wz@...uPLTE...................................................................................................................p.+....tRNS........@....IDAT8...AN.1...#.$>...........d...3.......DC.\.....B..HO......^M....#p>h#i1....d.;...`.X6XX=&...S_zl..+J.qyq..g.t...lb.'kMF-..wy.(Q.l15..n.(k.g..e..k......m..d.A..)...=.....;........}..|...%.f.........|.T.V.l.....W-..=C=hTB....S..!Z*Ex....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ApplicationWindowStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2037
                                                                                                                                                                                              Entropy (8bit):4.83051031007633
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:MLkjCT3QXf8WYwid0szM68qDRGNfFTNZbOWGf0HB+N7YiZTcfy9kXbY:MLoO6E+iCshVKzlOWGf0hEVufy9d
                                                                                                                                                                                              MD5:54013A441AF69B499098EEA96FECE200
                                                                                                                                                                                              SHA1:47877BFA803C0838AB0A47342911C65EC071399B
                                                                                                                                                                                              SHA-256:05E93F38D7C9FC61DE783DB9DA2ECB29327EEFD0C1D8C9B39AD9B90224C7170A
                                                                                                                                                                                              SHA-512:1B8B33D378B91319A31FE773BCAB7E0069E9F60CDA1D2CB35EE0FD92B39CCA2260C7246FA6AC37AD24C66765E0FD380E8B6100E31CAA99B5C9B0DB2C72B07B79
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ApplicationWindowStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):580
                                                                                                                                                                                              Entropy (8bit):2.1708732850837653
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:K1CUsZEEEEEEEla1ck1p1h2Kbu/Jzxx8PIGC+SEEAsFslfsls1v3DD:0aZEEEEEEEA1cs7s/NsII8FEfEEv3
                                                                                                                                                                                              MD5:6B179A892EB3C222E74B1015125574A3
                                                                                                                                                                                              SHA1:9D5942C4D207ADD75A2F87510F48E136CF671808
                                                                                                                                                                                              SHA-256:58073CA53E6FDC9221379B48400961CD18D20B91199B070C1496D843839C2C68
                                                                                                                                                                                              SHA-512:C96A87F1B593A0D243DD0A0105947A43579864903622DA5A868D84DBEE33B046BA691BD338E9FBA0654FB9BD3BBA0E382E53C54B2107C399BBAE7F2D980E0333
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............D.........................................................7.v<St..................#.......................................................................................................................................................0...x...............................................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...S.t.y.l.e.s...........................A.p.p.l.i.c.a.t.i.o.n.W.i.n.d.o.w.S.t.y.l.e.................(.......................(...,.......................T...T...T.......T...T.......T.......T...*.......T.......T...........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\BusyIndicatorStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2033
                                                                                                                                                                                              Entropy (8bit):4.829978509699591
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:MLkjCT3QXf8WYwid0szM68qDRGNfFTNZbOWGf0HB+N7YiZTcfy9kXe:MLoO6E+iCshVKzlOWGf0hEVufy9z
                                                                                                                                                                                              MD5:2DCD6E429D59C09BB08C9EBB65AF183A
                                                                                                                                                                                              SHA1:5A9E200CED0F4D6202BA8E1BE082EF4F8EF6412C
                                                                                                                                                                                              SHA-256:269B14A439279C1B28E2D66093E42C8CEC9F9EC4A6996633B263CACA6460FAC9
                                                                                                                                                                                              SHA-512:084C5C7C1F22C6D2378436592EB3B51593471BF96FCFC13D8CE1C95978E6B073BB3BB88C5B084ABC3F2358DFBD8D6F808FDFFA74552A39E03942BD621F4B4B28
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\BusyIndicatorStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):572
                                                                                                                                                                                              Entropy (8bit):2.1347223362915777
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:K1gdVkZEEEEEEEla1V1p1h2Kbu/JzxnIlGejcpAsFslfsls1tt9DD:0gd6ZEEEEEEEA1/7s/NBIdAFEfEEPR
                                                                                                                                                                                              MD5:D863D0DD0952C18FD4E9360B2F34718E
                                                                                                                                                                                              SHA1:BFE6EB71818F3E8CAE5901E856B25384C275CAC1
                                                                                                                                                                                              SHA-256:51ABD93FD84BAEEBC2DA078765B616044C8CD256A49D4DACF9080BC5678B5930
                                                                                                                                                                                              SHA-512:3A91942DD207CF084601DA77D7E440A956B09FA0AE0A0B9A0D7FE03B7C83D936A8B89CC1EF137320BD87B8E89151D8695A538FBFF58FB4E90F266A70E562191E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............<...................................................^..^.....Zu..d.................#.......................................................................................................................................................0...x...............................................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...S.t.y.l.e.s...........................B.u.s.y.I.n.d.i.c.a.t.o.r.S.t.y.l.e.................(.......................(...,.......................T...T...T.......T...T.......T.......T...*.......T.......T...........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ButtonStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2728
                                                                                                                                                                                              Entropy (8bit):4.844188917143975
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nCsPByFTJWjr:KogUldGcQWOPByFtWjr
                                                                                                                                                                                              MD5:A62D007DC5671CB3B7E899E6C80F212B
                                                                                                                                                                                              SHA1:D3F14DE84264D533D2262F3A9AAF52010D9677E0
                                                                                                                                                                                              SHA-256:56BD787A33ADC129D41092CAA2E38BAC074F0ABEB9430CA2EE134566D12A55B0
                                                                                                                                                                                              SHA-512:7FE3FAFEBB599129FD7B058D58C388A8825D93981EBC600B47814389D9C10CBF5B7D13BD65D06E34E9C4B78E2F84A65817C557755D32A2AD75B04D29229F8A1B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ButtonStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3888
                                                                                                                                                                                              Entropy (8bit):2.8820989016726157
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MxmfEhP5JXvPVAepTOmmJ/qhoDvxtxxqS44HhxIJEuMcInTdabBB9yv8p:TchhNnVammJ/iovKy15cInI04
                                                                                                                                                                                              MD5:B901B398784E60D8B49EDB3DA6DA8586
                                                                                                                                                                                              SHA1:FCAB78C872587748A664C7EE28A46904CFF0DBDD
                                                                                                                                                                                              SHA-256:FB9F937080FA55639A19F244A830354FF4BF8351A4D9ED817603B5AA98E329F0
                                                                                                                                                                                              SHA-512:68FC2D755A35EB58AF5F4775E523E79D67FC21488905FB4EF10FB82E84B8505ED995BF4EB002B1087BDF9EBFB3349C12B3079C035EF203615F57F0DF5E914459
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............0...................................................5...G.,..j......................#...*...8...............................................................................................................................(...........X...........@............................................................................................... .......0.......`...p.......................)...(...........@...............8.......8...............0...................0.....:.J...:.L...:.........@...............8.......8...............1...................1.....:.J...:.L...:.p.......@...............8.......8...............2...................2.....:.....@...............8.......8...............3...................3.....:.....h.L...H...:.....@...............8.......8...............4...................4.....:.....@...............8.......8...............5...................5.....:.....@...............8.......8...............7...................7.....:.L..$H..%....H...............

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\CalendarStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2027
                                                                                                                                                                                              Entropy (8bit):4.825830727934058
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:MLkjCT3QXf8WYwid0szM68qDRGNfFTNZbOWGf0HB+N7YiZTcfy9kXC:MLoO6E+iCshVKzlOWGf0hEVufy9z
                                                                                                                                                                                              MD5:D557C09A026B8492A3517007BF4B222D
                                                                                                                                                                                              SHA1:3031C85AA4B93F676578EFFD1F11ACDFBBB696E9
                                                                                                                                                                                              SHA-256:15F50D0791445818E933E80650BAA16A94D3B9403B216D87FEC1B5E340D1F267
                                                                                                                                                                                              SHA-512:DE7854EB35483025D55B08B3A6F3CED06AA90258D0816A8A2DED72B4E981417DD4D22A9B7C5071550D37E8514BA3E06F3F3F46BB453496C16FFFEC505EC414F3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\CalendarStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):564
                                                                                                                                                                                              Entropy (8bit):2.097938717140605
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:K1O8llqZEEEEEEEla1s/81p1h2Kbu/Jzx4oY4cpAsslfsls1tt9DD:0LqZEEEEEEEA1s87s/NRUEfEEPR
                                                                                                                                                                                              MD5:5A89A0F87B38EBDFD141B7C0CA47CD5E
                                                                                                                                                                                              SHA1:868239DFC2D42CA3B16D9742402ECE499681C45A
                                                                                                                                                                                              SHA-256:84059D9B8DA7327659B61B789D36FBCBC179B4A5A0EC77AE67C661CD65FFDD1F
                                                                                                                                                                                              SHA-512:D6A99E53727692831B3C4A4DEC0CC168354C9F6349C2EFAC704170A057D10513B9A71E7497A30D2CE3A82E9473A491AF118DDB09354533DE27B942271E65A1A0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............4...................................................O.I.".g8.km..J..................#.......................................................................................................................................................0...x...............................................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...S.t.y.l.e.s...........................C.a.l.e.n.d.a.r.S.t.y.l.e...................(.......................(...,.......................T...T...T.......T...T.......T.......T...*.......T.......T...........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\CheckBoxStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4043
                                                                                                                                                                                              Entropy (8bit):4.635695740291305
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nCsauKRsCxUu2oM6XRatjM3CSnhHTXgv:KogUldGcQWOauKRsO2oMC+MSS1LS
                                                                                                                                                                                              MD5:52AE42A1BF76186E365F0A7F96E639C8
                                                                                                                                                                                              SHA1:A09A8EF26CCD91155014D86AF57F85FFF3970867
                                                                                                                                                                                              SHA-256:E4CE3E2C356FDC11F7D5AE4029602CDBE5F40E103CD482281A8D9F8EE6EB9936
                                                                                                                                                                                              SHA-512:25EF63D9A6A175785EAE639CB135BAB3FC920016EA5F8D53194915F86EBC96FF4943C02A484DC85573CA298160EA1F440F5DA56E92AD62C9A2D087169DDF8553
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\CheckBoxStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):10368
                                                                                                                                                                                              Entropy (8bit):2.9760807685194948
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:c+q6uYuathFdYDT8t55EUIJ/SQfSo/8J2hEbcKEpcdKt9aaJYBL1n:Rq6uYuatXdYX8tTRJdvKjzY3
                                                                                                                                                                                              MD5:54B06488173C0917B17A21346788B595
                                                                                                                                                                                              SHA1:BF52EF898609D50469FAD744445F6932C40FE7FC
                                                                                                                                                                                              SHA-256:D9D2892E4CB04C73E37CC96AECB4D70A5BC953553CC1DA3C23831E6687500AF0
                                                                                                                                                                                              SHA-512:11E62A7CEDF3D231C33D054BC0DC0B6AAEFFA0B58FC084B0B68AF3D3335309E93C4AC8C0B7EC7C140F2BDEBA7CE682BB91DE66C92C32027D051B050ADF7C90B9
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)................(..................................................!2q..._.9i..K..................#...^...................p.......p.......p...D...p.......................................................................................P!..........0...x...........X...........@...........(...........0...x...........P...........8...............h...........@...#.......#.......#...........................................................#................... ...3...@...........c...........p...........................................................................p.......0...............p.......................................0..........@.......?........U.......@...............8.......8...............0...................0.....:.....@...............8.......8...............1...................1.....:.....@...............8.......8...............2...................2.....:.....@...............8.......8...............................................@...............8.......8...............

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ComboBoxStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5292
                                                                                                                                                                                              Entropy (8bit):4.717869540578657
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:KogUldGcQWV+JbB+LjqZyYBAQnxg1AJzenItNx06gVgyx:KtcGZJAqACgDgyx
                                                                                                                                                                                              MD5:9CEA0D2F653C5E0536C32175995E7EB2
                                                                                                                                                                                              SHA1:BADC1B9758A4FE56402CEAA0B421E2AE734E5384
                                                                                                                                                                                              SHA-256:B8EC881A35CF7E90154D2413CDCD53C2B131556C22E96F542FD934FA3AE34C83
                                                                                                                                                                                              SHA-512:9D64E98D56A30E2D1937B4266008A65A510F773C2750B26695B61B4549F8780F53B29FE8DB23BD0D5B513D3CCFAEA61B578E7D2F5C894E47F4D6E3FCBD2F9ECC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ComboBoxStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):12384
                                                                                                                                                                                              Entropy (8bit):3.0196205930970814
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:8Lbg/sUI0NmNgAgJ5JtQ8wP6EhEJAb6vPTQfnton0KS12HUTv50Ebj7kzFvV2oBj:8R0NmN7gnjTe6EhwAZKSthD62zXNB
                                                                                                                                                                                              MD5:F1939F603E679AFF9A6E6EBBB7789E4D
                                                                                                                                                                                              SHA1:C4E5A6272EDE507CE5E96D91BD778E775B63D2E6
                                                                                                                                                                                              SHA-256:DA56ACEE4F1B71ED0425B79C5B169CD33D248D59E9D2841AF842DC456A6D7E3F
                                                                                                                                                                                              SHA-512:7AAE758EB5EF225E524DFA88ABBD598500AEF7E97B635E665F2797953B73F0E3931BC5A9595C1F0008A885743B4DA055B2ABD8C381457EE8E75ABE284952CB5B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............`0..................................................b=|.....!Ir~.P.s................#...q...................h.......h.......h...Q...l........................................................................................%......H...........@...........8...............X...........0...x....... ...........8.......8...............h...........s...........s...............@...`...........@...............@.......s.......s...................................................@....... .......0...........C.......P...c...c...........p...............................S...........S...........S...........S...................................c.......c...........`.........................................@........~.............................l...........@...............8.......8.............../.P................./...........@...............8.......8...............0.P.................0.....:.....@...............8.......8...............3...................3........[.......pp.........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\FocusFrameStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2261
                                                                                                                                                                                              Entropy (8bit):4.866831940677612
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nC+ZXn:KogUldGcQW4Xn
                                                                                                                                                                                              MD5:47CA08817D0EEC6DB4B3EAF514421448
                                                                                                                                                                                              SHA1:0393CD93A96B8B9A6E9ED6E56CEC9CEED8DDE44C
                                                                                                                                                                                              SHA-256:8307CEEF8D86F2E307B67A1C4A0B33AF7B83CC4965F698B15960841D20B19F29
                                                                                                                                                                                              SHA-512:99B632BBD80E9E0A15FB4D43DBEF3BEBFB8F13328F496B5BAF640978B1430CD351FDA50B4DED003FC54664F1E71F4D01A9EFE04577416D701B827D146E492A3A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\FocusFrameStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1344
                                                                                                                                                                                              Entropy (8bit):2.516006439261854
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:0q+1jssssssp6mNmK3JR/BqDE0dPg5l9eq:d+uCjJRpm1aTr
                                                                                                                                                                                              MD5:5574B58E0109ABD3AC7FA753127ED997
                                                                                                                                                                                              SHA1:58A93A78BA46B1B83DAD9DA092E1BBD185EC2E31
                                                                                                                                                                                              SHA-256:2F61DCEFAF462D6405793175C4AC8E3C19C6848BF9ABC3A294BBCD6F12CB480B
                                                                                                                                                                                              SHA-512:5EE9838F51D17005CB3F7A4A4102FBB09C659CA5D62E2D29461C5A5AA6DF451667228338001817B04A74FA91FDF9045A375B79BA655ACE5A4105E7D79DA020E4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............@...................................................;..4uD../.O2:I..................#.......P..................................................................................................................................................?@...............8.......8...............3.P.................3...........................X...................@...p...............................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s.................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...P.r.i.v.a.t.e.................................S.t.y.l.e.I.t.e.m...............................m.a.r.g.i.n.............................a.n.c.h.o.r.s...........................f.i.l.l.................................e.x.p.r.e.s.s.i.o.n. .f.o.r. .f.i.l.l...........................e.l.e.m.e.n.t.T.y.p.e...........................f.o.c.u.s.f.r.a.m.e.............................p.a.r.e.n.t.................X...................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\GroupBoxStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3230
                                                                                                                                                                                              Entropy (8bit):4.914641706249265
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nCX+/CAYnvoYBxnQ:KogUldGcQW9+/CAYgYBq
                                                                                                                                                                                              MD5:FC05F8A54097E64E9044950470A58E40
                                                                                                                                                                                              SHA1:ED2DD6FE5FCCAA5B88BD4515E93D2435C43899E4
                                                                                                                                                                                              SHA-256:6858DB01FA20AD83559BB5DBB9BB6A7711C8C6959EC53FEBD4D0A9C5370CF59B
                                                                                                                                                                                              SHA-512:11E577F43E332B195BFAD9CE5A0AA8F4127C0C6F1878ED5B99168B8DCDE5C41C89BA9AB752D8C92AAC70C19DA06FB598066FFBE7D6B6449D36D1D704FDCEF07A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\GroupBoxStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6616
                                                                                                                                                                                              Entropy (8bit):2.954412897214398
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:fSmoGW7+lqp9O+NlbA6NOJb2ylOqpW8lGFvW8lnEfRS0xqfm6CLZF6HnIJEuvIRv:cXs+f14JbblO55EStwa1L7FbKzfdw5g4
                                                                                                                                                                                              MD5:FBD759675C9AC5FA4A48F6314CCC7499
                                                                                                                                                                                              SHA1:578003BBEAF1BA3647BE2C20248767FD8A629EE4
                                                                                                                                                                                              SHA-256:4CA70ADD85AFFD00890E8CD606ABFD9276D1F6F9F096653BC3C2E9FE2E81A5B7
                                                                                                                                                                                              SHA-512:5B9EB465B999D5AD548FEF550088AFF16AFD11BFC419DEB0BE4FB04DAD7B17940D87F8628C8DF82EA38703790ECEEFC938543EDDC6C0F313474AE6C4E8B2C2D3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)......................................................................'.^..ZM.6...................#...@...................,.......,.......,.../...0............................... ....... ....... ....... ....... ....... ...............0... ...h...............0...........8...........0...x...........................#...0...c...@...P...c...`.......................#...0...........#...0...........#...0...................c...@...c.......c...........c...`...c...`...c.....................................................6...=...........@...............8.......8.................P.............................`...%...........8.......8...............3.P.................3.......4.......5.......6...!...7......:..../...........`.L.....0...................@...D...........8.......8...............:...................:.........:.....:.:....`.J...:.L...H........:....7\.L...H...|...............@...............8.......8...............;...................;.........:.................@...............

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\MenuBarStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3238
                                                                                                                                                                                              Entropy (8bit):4.90187484968626
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nCev5COkFNpACuUBEKjo3Zq:KogUldGcQWcv5x+aCuUUI
                                                                                                                                                                                              MD5:E78025940E8545B158A72910F129AAF0
                                                                                                                                                                                              SHA1:8CD85D7C384EDF0FF6B05B532A4FE04312162A33
                                                                                                                                                                                              SHA-256:177F211EE15687E231B2A790172D5CADD638016831AF3E4A55C4F9EEDB37E2AC
                                                                                                                                                                                              SHA-512:4A494D95DE21929FDF04721096989C966717D89E5FD2C734CB6F9B5397579C32525A918417E305FAD9043AF5BA8E5D343809AADCB53A31CE8C4391A92BFA33AD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\MenuBarStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5604
                                                                                                                                                                                              Entropy (8bit):2.994311913214406
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:/ddtytDIZjJ99Zf3Ny5b9UEbt2t4xRWvZHHt:/ddt0IX5gbZ/
                                                                                                                                                                                              MD5:D8475D29AC4A12DAFB65AFA6E0C1B0FC
                                                                                                                                                                                              SHA1:F34A139463779D1863EEA31B8454AFD6CDDACDEE
                                                                                                                                                                                              SHA-256:82FC57AD8798845D876C8834C6CAFE37A2F485B777181859239F32257478683C
                                                                                                                                                                                              SHA-512:BF8D012AEF0377A763D193A43B16DD0F85AB2B24759A1B185350D683E82B2132AA615E27F26449229B5F64ADC05DE54FDD758724B5FF7880AECC774B14F56F9C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...................................................................e4.."~..%qg..{.................#...8................... ....... ....... ...(...$.......................................................................................................h...........P...........0.......s...P...........a...s...P...............s...P...............s...P...................................3.......3...#...3...............@...S...................`.......................7.......h...~...........8.......8...............3...................3.......4.......5...;...6...X...7...z...8......:....'.........)......|.>....:....'.........)......|.>....:....,.........)......|.>....:....,.........)......|...>...................@...............8.......8...............>...................>.....:.....@...............8.......8...............?...................?...................@...............8.......8...............@...................@...................@...............8.......8...............A.......

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\MenuStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4683
                                                                                                                                                                                              Entropy (8bit):4.828387956520702
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:KogUldGcQWzvqVw/vSN93wT4ojVJGkOsjRj1:KtcGKWwyzwTzJLBj1
                                                                                                                                                                                              MD5:9C457D5FAECD7B9A50671D78B48FD52E
                                                                                                                                                                                              SHA1:B5C07C5CFB40D4B40F85C9EE7F8417819A5A15EC
                                                                                                                                                                                              SHA-256:AF75BB0905D646A1A15361D642AB86A1D389695D6BCFEE8291CDA857F84E0CB6
                                                                                                                                                                                              SHA-512:9434551DC72FB405BADF8BF89C024F7531A2E5AB0EEF1FD3F89999230B65D92E0BBA98D0D51C41CA205763AC9081BE4839E5D2B5E435F0135F5726C14B59C11F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\MenuStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):9780
                                                                                                                                                                                              Entropy (8bit):3.069042267581048
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:0DMz+jZG3NChNPDMUmkJ/9hBaHZ2H51MWEbt2SOzZqqvltqFND1E9lESM:1+w3NChRMUmSNZ+/9JWH1M
                                                                                                                                                                                              MD5:B8893885A45B266E019FBA47084E2A23
                                                                                                                                                                                              SHA1:485064760EAB72AE6B931A89C8CBFCAFD9A01E3B
                                                                                                                                                                                              SHA-256:AB6F316236DB12D405A38676E84A4595256B1A01A096B6852A0B2B64CF35D4FD
                                                                                                                                                                                              SHA-512:5576CE57134EA6597F6AEEF43EDB8C005F552D6D700F96CAC7454729CDDE0E9A2A86E7F4C81353B279AB65032B9CE9A552B0C5506567EF111672BA57C1A93651
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............4&..................................................Oi&ps.]...~.br.+................#...a...................H.......H.......H...F...L.......d.......p...................................................................................H...........8...............@...............x...........`...........H...............................3...0... ...C...c...c...c...c...........................................................................................#...........#...0...#...0.......S.......c...#...0...#...P...#...p...#.......#.......#...p...#.......#...0...#.......#................................................G.z................Z.......W...[...S...\...]...`.......@.......>.......8.......8...............r.P.................r...........@....... .......8.......8...............Q...................Q.....:.....@...............8.......8...............;...................;.....:....`........@...............8.......8...............@...................@.........:.........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ProgressBarStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2916
                                                                                                                                                                                              Entropy (8bit):4.839363550613035
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nCsnxq2Bh9n1iWUH95XkuMZr:KogUldGcQWOnl31iWQ95XkX
                                                                                                                                                                                              MD5:5168523E82D5137AD3656165D1D0A2AD
                                                                                                                                                                                              SHA1:0C27710BC44AE4C0D5A781BA0D807398D70AFD42
                                                                                                                                                                                              SHA-256:374ECA958EF36B2324ABBEC45E179E11570F6DE5A91F8AD3F2559393B240ED28
                                                                                                                                                                                              SHA-512:AB2DF3E21E1BF415FC77978F42E64D6BA0273E04CB439367F9093A5BB7E9C7F78A3C2381258FE82AFD67CF45F41E82B8BE116D583D2E628C0C228DE1E6A78E79
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ProgressBarStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4212
                                                                                                                                                                                              Entropy (8bit):2.9315315607398036
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:dbmdgUafHdx/y2xSJ/qh9mowoM9+yHYEBY4SlybtryKM5CYZDd9zsIn4b8:kZafHSJ/i9vklHYOYZEbt2KM5CYhV
                                                                                                                                                                                              MD5:17DC4D8460018C26EE3D1057CE78ECF2
                                                                                                                                                                                              SHA1:0302471912DCD1AAC76D0DED281442557C1637B1
                                                                                                                                                                                              SHA-256:379B9CE8C96C6BF079B8D29DE249AC15CFF33EC394D92BEF4797438C80AC2983
                                                                                                                                                                                              SHA-512:80DDA771E3BBCC7472EB1C88CFE2D2314AD1AA6A51069C141AC408C75AEBBCD48CCFB9378D92CAD34DDC9F94B96F60911B1159B739D479FC61154678D5573407
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............t.....................................................IMk.t.`;.C.&..................#...)...............................................................................................................................................`...........X...........@................................... .......................0...................P.......@...S...`.......p...s...s............@s.........@...............8.......8...............4...................4.....L..H...:......................@...............8.......8...............5...................5.....L..H...:......................@...............8.......8...............6...................6.....L..H...:......................@...............8.......8...............7...................7.....:.....@...............8.......8...............8...................8.....:.....:.h.....@...............8.......8...............9...................9.....:.....@...............8.......8...............:...................:.....L.....

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\RadioButtonStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4128
                                                                                                                                                                                              Entropy (8bit):4.6240539224144275
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nCs+MMLR0K6SCv2oM6XRa2jM3CSnhHTXgv:KogUldGcQWO+MMLRvA2oMCRMSS1LS
                                                                                                                                                                                              MD5:9DFAC0C040CA518A9E1930D70E90F6F5
                                                                                                                                                                                              SHA1:A6D338CE117273B5753A982C66C7A76176C01293
                                                                                                                                                                                              SHA-256:D673E0F7FAD84074A376601CA564445E9A8B428CF50C37EA59D05A7AB5924F6A
                                                                                                                                                                                              SHA-512:9855008ABB7A5FC71AE9FD8D5BA78B7FF3E44F0C5110B1C0CCE214ED6A58846B31ECD03500F9B8D4F2ACB1F8076D9A1C3B18AE46623365BABCF8E419831815A3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\RadioButtonStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):10500
                                                                                                                                                                                              Entropy (8bit):2.9556053459781477
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:NXthaJUb2mCehtYCf5B9J9bxSQfSoK8r2hEbAKEpS7npBN8aqOzIs:Nb2mCehmCRBWaHzz8aqOB
                                                                                                                                                                                              MD5:6CC7B8099B053D4E25EBBECBCD801D83
                                                                                                                                                                                              SHA1:77CA239F0700871352DE2F813B1EF0C8B7451D4B
                                                                                                                                                                                              SHA-256:3DEF03EEFF7756FB647C755ACF1F6542AEBA81AC68CDD4389CC674D686189C96
                                                                                                                                                                                              SHA-512:1BE6603A3251ACD88053F23025D47886B3933A0E8A5F7941C416DC52F4F81654DB1554D1B5784674464DCFCF99264FD491A263EE32100273028ED2DDF0E4C190
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)................)..................................................e.h.@&.0a#.C...J................#...[....... ...........x.......x.......x...D...x....................................................................................... !..........0...x...........P...........0...............p....... ...h...........H...........0...x...........X...........8...............S.......S.......S... .......c.......c.......c.......c.......c... ...c.......S.......c... ...........3...........@...c.......................c... .......p...........c... .......c... ...........@...........................................c........... .......@.......@..................@.......?@...............8.......8...............-.P.................-...........@...............8.......8...............1...................1.....:.....@...............8.......8...............2...................2.....:.....@...............8.......8...............3...................3.....:.....@...............8.......8...............

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\RowItemSingleton.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2070
                                                                                                                                                                                              Entropy (8bit):4.832400322959624
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:MLkjCT3QXf8WYwid0szM68qDRGNfFTNZbOWGf0HB+N7YiZTcfyyU2yEd:MLoO6E+iCshVKzlOWGf0hEVufyyUTEd
                                                                                                                                                                                              MD5:ED9217025E9EC7239C63D2EF60B78282
                                                                                                                                                                                              SHA1:C5A7F37EAD74D963D7E2F706D693E31EAFC3BAD0
                                                                                                                                                                                              SHA-256:5C11ED9112F3D286DD0351CC5166AEB3CF7B4BC8847C0A35422DFBC14FB4F3A4
                                                                                                                                                                                              SHA-512:7157E905D21B7D5C330EC5275B91ED2B2F3E6A696874CA3EE05586B500820C83350942F990895382C32F8942258E708A297DD76B3A9D62DB9C0EF1DA482A4138
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\RowItemSingleton.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):684
                                                                                                                                                                                              Entropy (8bit):2.224650175858714
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:0pfEEEEEEEA1Wbt/pAg+l05EfEEEoFeEfl/:0pB0R/+L8IFe0/
                                                                                                                                                                                              MD5:6160172487777B0F49ECAECF64B52222
                                                                                                                                                                                              SHA1:7E3056C0A86BFAE46E8B61DA4DF070CDAD55E101
                                                                                                                                                                                              SHA-256:19597E70B013A7E9D2E702336A5CFD9658F41A7485F7DF1176053253F674F07C
                                                                                                                                                                                              SHA-512:39D4C8EA16A11B47B8ECB80FA1E8EADFD413E777AC8D77295ADF0C2E1E9F27DB703DAC32EC9B700C30EFDCDD7DCBA0F235228EBB9B06DF40DDB92FDDB6B09FA4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...................................................................6.....kv....:.G.................'.......................................................................................................................................................8...........................................................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...P.r.i.v.a.t.e.................................S.t.y.l.e.I.t.e.m...............................e.l.e.m.e.n.t.T.y.p.e...........................i.t.e.m.r.o.w...............(.......................)...,.......................T...T...T.......T...T.......T.......l...*.......l.......l.......................+.P.+. .....

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ScrollViewStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3920
                                                                                                                                                                                              Entropy (8bit):4.8675531615918075
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:KogUldGcQWOLBgWFnl0bNNvGbGDp/s6dkGF:KtcG7qwl0bNN2Cp/uGF
                                                                                                                                                                                              MD5:CCF3DC3DFB076E1397626FC400502E0F
                                                                                                                                                                                              SHA1:379E4B968512352773130A95E75D465F3BEE4857
                                                                                                                                                                                              SHA-256:A6F0CBA47674AF372708D6002506A0514FC8F1C6DF922416B44549BDB5D08806
                                                                                                                                                                                              SHA-512:2DBEFCF7793C5EDD0B167AE6A82652692063126CAF465B33330292357F7D0F2E0D728C60CD375F279F8A41AC94E9CB4CEA431652F42BC9713AA01E102687FF01
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ScrollViewStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):9328
                                                                                                                                                                                              Entropy (8bit):3.007849911372604
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:Q+BqapWRhIcVNdtuJcOIlSPP86jNVOV0t44k1YOYiwfq2Do4jxVZCTD7EtA2pj4i:xBSScPdmP1VOV0rliUxVh4/6
                                                                                                                                                                                              MD5:E47A3FC7AD33E1C09E1884DC3DE8F45E
                                                                                                                                                                                              SHA1:4E0E3DD7D8F884D141A30158543D7FB843874D27
                                                                                                                                                                                              SHA-256:E9D3504019AD242CE6496F4F1159BFC9DC5D1A5E26F3158BE4B5BA94D1F821CC
                                                                                                                                                                                              SHA-512:CB05229C8DA3AC501D60F226163A9974C768FC120CD9CE5DD77766FE13124F03D3DBE6211A39A9B1E75A44D220BE06CAEAFB8BB5B10258E15F0FC4AD04699AFD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............p$...................................................6..D.....p'.*.................#...U...................L.......L.......L...)...P...............................................................................................`...........X...........8...............`...........H........... ...x.......(...p...#... ...#...@...#... ...#...@...#...@...c...c...c...c...........................................................`.......................#.......#...S...3...Q...C..............................@...............8.......8...............0...................0........C..........@....... .......8.......8...............J.P.................J........E..........@.......".......8.......8...............K.P.................K........F..........@.......$.......8.......8...............L.P.................L........G..........j.......@.......'.......8.......8...............O.P.................O........H..........@...............8.......8...............1...................1...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\SliderStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2912
                                                                                                                                                                                              Entropy (8bit):4.857002307301528
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nCs+DYs7M00/+BDBqivLm:KogUldGcQWO+DYd/xT
                                                                                                                                                                                              MD5:C5BE6A9676AE022A4B5C5B67F9CB3483
                                                                                                                                                                                              SHA1:1105EF627A6B6F46B9860C72E25069ED259AD1A3
                                                                                                                                                                                              SHA-256:67D3A94B75A01AFEE08644CDED0E393CC3180916FE6DC9BF4B7E7B14727ED582
                                                                                                                                                                                              SHA-512:303BF89C5C800C0D7C5C2C9682FD82F27CECA7F16044372808A1E88B74C94258B1A638A6DE3A2671CE92B11C445F047BC3BD30EC543B346690EE4EDC1A82A9D9
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\SliderStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5956
                                                                                                                                                                                              Entropy (8bit):2.8994734744282233
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:eknfSiJWbxii2hEbuk47gYOYin1EpVbv70NxY4HyF:ekq9iliCv4HO
                                                                                                                                                                                              MD5:11C14EBE805EB1BBB0B1DF29AE01E5D1
                                                                                                                                                                                              SHA1:D0117BFD00AF6C2A82F65F84CC3A5395FD599C7A
                                                                                                                                                                                              SHA-256:C73E598834F26081314E7B4D05CE9EFC09DB46C617DBC079E096D5A87F661D94
                                                                                                                                                                                              SHA-512:8ABEC50B5843C67B7A4061558F7B2ABFD942FADE2B12C4487FC09D6754BFA427621F9DC500C652DB5D3C4FB9AA181ECA09C4A980EDE0EFECED3B2D34EC4331F0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............D.......................................................H9..jSF#T..4................#...=...................0.......0.......0.......0.......................................................................................h...........H...........8...........(...x...........P...........c...............c.......c... ...c...0...c...@...c...P...c...p...c.......c.......c.......c.......c..................................@...............8.......8...............-.P.................-...........@...............8.......8...............0...................0.....:.....@...............8.......8...............2...................2.....L...H.........@...............8.......8...............3...................3.....L......H......@...............8.......8...............5...................5.....:....d........@...............8.......8...............6...................6.....:....d........@...............8.......8...............7...................7.....:....d........@...............

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\SpinBoxStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5470
                                                                                                                                                                                              Entropy (8bit):4.769994565901049
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:KogUldGcQWO+KWtnZkRtrFbWFJRN/3sqNnckMj:KtcGOXZ8UM
                                                                                                                                                                                              MD5:3BCFD261EC53F77B79FF18EDA94F00A4
                                                                                                                                                                                              SHA1:806C34F49630C855AB448D1DDD7CC7EC75155A7E
                                                                                                                                                                                              SHA-256:BC6AA234585366A42DC44D90F15BAF2CDC601F4158E9A2E97A9E8CE4BDABE15D
                                                                                                                                                                                              SHA-512:96F7FA538D396A03D0660B6D76070D5BB66419C80917AA3BB4135C57B98219A87D318E0EFAEF817CDA896C3ED65554072F6168D3B33E779BE3BA430A8E95404D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\SpinBoxStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):14728
                                                                                                                                                                                              Entropy (8bit):3.1008045226317815
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:mEKptk3+YhgvIFWgHX3Vc5RItlEAlbW8kHsRJnvbIYoPDxcH/yLf5VR5cH+sdq+7:mES+Bh7LXsReEABWtLVfACQpL0wqXJwl
                                                                                                                                                                                              MD5:C49291792799DE07901FC05B8D006BE4
                                                                                                                                                                                              SHA1:290F980659A9BBAB755919B64C5C217E3118CC27
                                                                                                                                                                                              SHA-256:962CE4479579872A510F7EC4C7A335EC7A96BAF54B2C12B7BD72DEBD476E0984
                                                                                                                                                                                              SHA-512:E73119511D60C32D43EAE375C76AB5AF9ACA3EABB77EFE704671E461680B559C3AC473B4207BA5F9B0E9D9F05F609F179D016A436241E27F11991D221D57EAA0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)................9.....................................................R).$..{"..7.G................#...........%........................................................................................................................... /......P...........X...........h...........`...........`...........P...........0...x...........(...p...........`...........P...................H...............................c.......c...........#.......c.......c...........c.......c...........c.......c...........#...0...@...#...`...#...p...#...........c... ...........c... ...........c... ...........c... .......................................................#...`...#...@...#...`...#...........#... ...........#... .......#... ...........P...............`....................................................... ... ...........................s...........#.......s.......................................c.......c.......c.......c... .......................................`...........c...s...............

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\StatusBarStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2491
                                                                                                                                                                                              Entropy (8bit):4.878811646714112
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nC+V4iYSss1bM:KogUldGcQWe4n3oQ
                                                                                                                                                                                              MD5:A4E30E457C53AEFC73DD84E4FB800AAF
                                                                                                                                                                                              SHA1:2A18E9793678530EE130464A134DC1D1C036E030
                                                                                                                                                                                              SHA-256:A605E146BD646C94F5DF54330956FCF355AA994822A3F19D2E8FC8DC7C6FDC72
                                                                                                                                                                                              SHA-512:D0F7E098A0DC960A20273C5EF33DC089B5D6F4C8C9069E2863152D0FCD3EE5972D19FBCCF3BA57D5CCD6E9A341B3BA115C6600A7E7D8E820E4F375DE3599515A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\StatusBarStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2460
                                                                                                                                                                                              Entropy (8bit):2.573575633424152
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:2BJm/6PUJHOXqh9lmbWBnouFdzLkSRlHgHCwY:UujJuXi9l0WZxHIsNgHCb
                                                                                                                                                                                              MD5:D34FEF3C767472C7C839AAFC146E3ADE
                                                                                                                                                                                              SHA1:DBF188E555A53C8812CD533BB8131655E67923DB
                                                                                                                                                                                              SHA-256:BF708C0AEB946DB15D792C33572B6577FA685965248752CBA021A783B98DE537
                                                                                                                                                                                              SHA-512:29CE7B2B4E5D3D4BD9E9DC10610584212870B99546F52C1CAFD678D01E3CF5A0A3468FF36DBFD2ECE77E2F5CB0513CDBE803A9032E0B1477D4A790C65E8F2F11
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...................................................................7.M....W^4.hK.@Z................#.......x...............................................................0.......0.......0.......0.......0.......0.......0...................0...c.................................................@...............8.......8...............;...................;................... ...`...............(...P...p............... ...X............... ...P...........................................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s.................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...P.r.i.v.a.t.e.................................S.t.y.l.e...............................p.a.d.d.i.n.g...........................l.e.f.t.................................r.i.g.h.t...............................t.o.p...........................b.o.t.t.o.m.............................C.o.m.p.o.n.e.n.t...............................p.a.n.e.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\SwitchStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2113
                                                                                                                                                                                              Entropy (8bit):4.854277805833694
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:MLkjCT3QXf8WYwid0szM68qDRGNfFTNZbOWGf0HB+N7YiZTcfy9N9C2okXf:MLoO6E+iCshVKzlOWGf0hEVufy9nCfO
                                                                                                                                                                                              MD5:6C9008235764FF0068F72701943B94FD
                                                                                                                                                                                              SHA1:F100EAEEDF7D8164215092BF3C9A5F6FDC98F825
                                                                                                                                                                                              SHA-256:203F0571C301F3215736C0647181D8C40CF7DC6C96C4C22FEE327A0F2643048D
                                                                                                                                                                                              SHA-512:56BD57F97CA85EDDFF01C4C8DEBE9DFC0CFFC8959C49300A52457DCD0A8B78D3AFC2F3256BF6F38FE8942C72BF68B3B7C3385AD816E7E46AF0D6FA159A619686
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\SwitchStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):820
                                                                                                                                                                                              Entropy (8bit):2.3150804402115313
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:0gkrL4XEEEEEEEA14cz3/jt/9/NgnEENmms:0g+Lcb3J1WETms
                                                                                                                                                                                              MD5:66F8276B294D4FBE7293C903A5114D79
                                                                                                                                                                                              SHA1:D4ADDCFDEC56F731B4E8AC7DB191C572F91AED39
                                                                                                                                                                                              SHA-256:E6B30B30F390277E747B7F08929B032B15B840AF1F142A1804FA976ED51AF850
                                                                                                                                                                                              SHA-512:E862F6DC198F76B4A108645C014B9D1940E2776C926E123C274B9F56EA61D7F5E79AFA60EC127C0D495E5495AFC3EB6F0489EE7B54BC8FF79F7744124F527751
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............4.....................................................K..8...2.1.................#.......................................................................................................................................h...............8...`...........8...........................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s.................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...P.r.i.v.a.t.e.................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...S.t.y.l.e.s...........................S.w.i.t.c.h.S.t.y.l.e...............p.......................(.......................).......................*.......................+...t.......................T...T...T.......T...T.......T.......T...-.......T.......T...........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\TabViewStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5403
                                                                                                                                                                                              Entropy (8bit):4.869623049015817
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:KogUldGcQWROnOVeVVpjou109ek09eeNLuJ1T1OAhEs2TTaJtAtZRt7cQq:KtcGVOVeVVdolm6Jl1O5TTm
                                                                                                                                                                                              MD5:70AC23990E0708D6C19F141EE87604AF
                                                                                                                                                                                              SHA1:B887A7EC5240501AB95B576E5B351EDA5D657CFC
                                                                                                                                                                                              SHA-256:FA8D23345774F673EC2E255FFD773B4F79C9402B1D96FD6B59DAF8296B388322
                                                                                                                                                                                              SHA-512:11DAFFFA8DF00DC43D28B18D99E32C0806083DEBE15586436C2808F4D6D7F660CC26A03982271AABA8659FB07D076170E4AD0203ED99080EB664F9E36C13483D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\TabViewStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):14220
                                                                                                                                                                                              Entropy (8bit):3.14529450605802
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:NMaPEAgR7vM8uewF/GcBKFK9KzVk9NZzOmRW7P:mas5LcF/GZMc0NNp6P
                                                                                                                                                                                              MD5:7A05C3D92DF839F0BE81395F54D45652
                                                                                                                                                                                              SHA1:B43A34980D53ED7A21142D63B069AD329B0FEAFA
                                                                                                                                                                                              SHA-256:EE574AB2DC0E0383578415B45486AC3BC1925E60D4BBEDD65B42D68F60D9355A
                                                                                                                                                                                              SHA-512:6218F4B9C793BD142A68C678F770614F2BB37BAFDC5674D33D79B9F352F60AC6E57E64DA94ABB6BD23DAF51F2D3769FEC3385A383ED44FC44BA12571D4F08AC7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)................7...................................................7.,..../...".qc................#...........!...........|.......|.......|...~...........x...............................................................................`.......X...........X....... ...........@...........X.......0...........(...x.......`....... ...x...........P...........P...........8...........P...................................................C...c...s...c...........c...............c...s...c...........c...............c...s...c...........c...............................s...............C...A....... ...C...C....... ........................................................... ....... ................... ...............s.......0... .......S...........s...@...P...s.......C...3.......................................0...c...................P...............c...............C...........C.............................................@2...............................c.......l...3...............3.../...1...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\TableViewStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5378
                                                                                                                                                                                              Entropy (8bit):4.808326079025741
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:KogUldGcQWOZqOMLwFR9oDsEP+nSjMLldH:KtcGvkaRssEWSjqt
                                                                                                                                                                                              MD5:68603CC39333371CDD6E1775322F1670
                                                                                                                                                                                              SHA1:28F91909A18263E06D61EA1FCA4CFB274965EFC4
                                                                                                                                                                                              SHA-256:D79180C0B2D1FDFE1D99E182D5EE3C28262402CFFA817820379E66618C976114
                                                                                                                                                                                              SHA-512:9191915011233D238BAD3BFCB0BFB7D3E9D01BEB4BD6B02F4A6C229FDA4A9A343F8704C4079BC8E12991571B15A6AE0BDA0E2B3C2E36D5EBBA69E798C8069FCA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\TableViewStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):13648
                                                                                                                                                                                              Entropy (8bit):3.116953971238935
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:zoV5t95m1UehhC+uIBL9esx306youRJtrbpu/O7NRsNr41JgVjVyg318oF8xBL7d:zoVGueTC8eq06ZusBegVjVyg3b2QaDfp
                                                                                                                                                                                              MD5:E36134CF19F6D2E7A338855084049537
                                                                                                                                                                                              SHA1:CCBF8D10B97D2449B870C229498FCAFF8CBD8470
                                                                                                                                                                                              SHA-256:E45D4E5478A7DACCA32E7BE2711D1B031758A2F3E63901A25D471F10EF19CE05
                                                                                                                                                                                              SHA-512:8C25775280063B7D109791D009FA14373F52774559DD21149C572A19F0988D9DBD066711E5F36685CD4B02BB26B5EAC3EEB96354D229674374B3A46FBF695E07
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............P5......................................................i.L..,....................#..........."...............................k...........0.......0.......H.......`.......`.......`.......`.......`.......`................,..`...........@...........0...........H........... ...h...........x.......`.......@...........0...x...........`...........8...........x.......s...C.......C.......................C........................................................................... .......P.......`.......p...............................................`...............`....... .......0.......0....... ...........s...............s...............................C...0....... .......................................................................`...........................`.............................................L.......c...d...........@...............8.......8...............0.P.................0...........@...............8.......8...............2.P.................2...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\TextAreaStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2739
                                                                                                                                                                                              Entropy (8bit):4.876333999803406
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nCDtWQwwTeDzT:KogUldGcQWvYT
                                                                                                                                                                                              MD5:F18A31B21F6E1E07ED2C2384EC9DB07B
                                                                                                                                                                                              SHA1:F0DB90907002175B39462D21AB886A0D68117B19
                                                                                                                                                                                              SHA-256:C6B003634227509E65F0BF51DA7C933DDE9EDEEDEC7939A9B4EC6A032D15CE76
                                                                                                                                                                                              SHA-512:5514AB2ED30618CB5C3AD8A15AFC45E90B3EFB83C26400700CD735D98526B6EB3F934D102B1BC83FD1E4BD559AC65B3266940699B94BB726F308FCBBF5BE2776
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\TextAreaStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3808
                                                                                                                                                                                              Entropy (8bit):2.9663640619789073
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:ozQBHggoARxxHmCDJhKBQNO506TfrC6hCVXAoxJ9Vg37WCjh9G8ANIEl2Rd:ozMggPlHJJhoQo/QXng3aj8ALlo
                                                                                                                                                                                              MD5:92EFC385566845FDA25DBE3A95EED300
                                                                                                                                                                                              SHA1:2B9C05611E93B9A036282851CC9E5EDC70B16CDD
                                                                                                                                                                                              SHA-256:8599DD0FBB772DECC4FAADE91E64814F865387AF776413FD7AF71315125CFC6F
                                                                                                                                                                                              SHA-512:B35BDE26998F331C02152E990F07976E52A7DBBF303CB8C5870DC13BCBDA25C8936C9185D86097C0046A4F77945C886A8F1230BFD636B30AF73FECB202EDDA31
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata).........................................................................%..`.&x..................#...%...................................................t...............................................................................h...........(...........8...........P...........................................................................#...0.......@......................@...............8.......8...............-.P.................-.....:.....@...............8.......8.................P...........................:.................@...............8.......8.............../.P................./.........:.................@...............8.......8...............0.P.................0.........:.................@...............8.......8...............1.P.................1.....:.L.......:........H..!.......@...............8.......8...............9.P.................9.....:.....@...............8.......8...............6...................6.....:.....`...............8...p...........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\TextFieldStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3377
                                                                                                                                                                                              Entropy (8bit):4.85774329326833
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nCshe/RXWBwwjepxStQE/NPGtuvlxR:KogUldGcQWOhOi6StlFOmlxR
                                                                                                                                                                                              MD5:E32F36F66E28A5933DB78000F5A728AA
                                                                                                                                                                                              SHA1:B84E9F41AA9723831BA2F1E33793B280570B2432
                                                                                                                                                                                              SHA-256:469CC7017A3DEAA57E5AD77F67D92C49730158D4CDD3D4CE4A0565916B4BF046
                                                                                                                                                                                              SHA-512:B099EADB5AADBD45B9F20089D77C16953F56475D03C84A8B1F1BDF44E6E2A85163252634C060EBEA5B047C85BEA1A4CD625C850CD75AB7B82E2888690C52868C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\TextFieldStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):7608
                                                                                                                                                                                              Entropy (8bit):2.945721817013744
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:tr0lubHuJNimVpxNEkx2B0nQq82oFu9ndvHhOMP:tYlubUVnW0ntdvHhOMP
                                                                                                                                                                                              MD5:0284E4A0B1D2A6304FC88F0713B13106
                                                                                                                                                                                              SHA1:14D5D465EB05CE73BAE022F335A99FB90282EF15
                                                                                                                                                                                              SHA-256:9CB9880F8DDE6F6C8AA9BA41051442AFEC0226203A4A618EAD6D82CBC9E582F8
                                                                                                                                                                                              SHA-512:ACCA0037068C9ACDBBB8D3BF13F7E6ECE0C6F1BB78D912ACF952355A9F88D3062640BDE6054F3263435C6B03534F46EEDEBA66B9C19783AD2B8C8BDD4C253383
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata).....................................................................[.)..dU;.....:................#...K...................8.......8.......8...$...8...............................................................................................@...............p....... ...p...........`...........H.......c...p.......................................................................S...............3...3.......P...@...c...s.......................s..................................................@...............8.......8...............-.P.................-.....:.....@...............8.......8...............5...................5.....:.....@...............8.......8...............6...................6...........@...............8.......8...............7...................7.....:.....@...............8.......8...............9...................9.........:.................@...............8.......8...............;...................;.........:.................@...............8.......8.......

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ToolBarStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2560
                                                                                                                                                                                              Entropy (8bit):4.895624359026673
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nC+V4FoTtoKNTfM:KogUldGcQWe4FqtooA
                                                                                                                                                                                              MD5:C00750A748AAC07D2EE770633A1D1977
                                                                                                                                                                                              SHA1:E33BADC9EF8C258828F19FEC2BE808F86CBE43C4
                                                                                                                                                                                              SHA-256:19A1F65314D130633F132DFCC0632767870946EDEC1EC3094D77C7EBF1DEDEA2
                                                                                                                                                                                              SHA-512:33FEF4B179D1BBB6E6559FE4948F1A522E6D8CB08D6B291893A2E3132047E1F0CB0CC5C5849E571B836033B65D7D5032304B9237EBCB13BF88E14949610C578D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ToolBarStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2784
                                                                                                                                                                                              Entropy (8bit):2.626590861262889
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:wsYRSmvdlJHOrximKq8tmqyrA4h0FrQgU5f:GtlJuI7XtzwX5f
                                                                                                                                                                                              MD5:2E993C2909569803612A76520D4E5E1A
                                                                                                                                                                                              SHA1:E0BE0113773F855B9EC14D2556D9F3FB98AD611E
                                                                                                                                                                                              SHA-256:4EEB525F050A3D542E8968976C4D779B20C453FDE07409AF9E336D1B2C8B4832
                                                                                                                                                                                              SHA-512:A85BC3EE79B021FE7A07F5A4F5B49432448DD89C89231A8C013E52E49A359D492CBF1C2FC63501367D8087C6FE40FCD503559D50E6284DA902ED6A4FF6F5D5CA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...................................................................oI.-...?1`..0.B.................#............................................................... .......@.......@.......@.......@.......@.......@.......@...................@.....................................................................@...%...........8.......8...............6.P.................6.....:.....h.L...H...:.....h.L...H.........@...............8.......8...............<...................<...........X...x...........0...X.......................`...................8...`............... ...X.......................................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s.................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...P.r.i.v.a.t.e.................................S.t.y.l.e...............................p.a.d.d.i.n.g...........................l.e.f.t.................................r.i.g.h.t...............................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ToolButtonStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2679
                                                                                                                                                                                              Entropy (8bit):4.817998343273068
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nCsPeT6L/jx:KogUldGcQWOPeEjx
                                                                                                                                                                                              MD5:BCFCBFBD6E6B859D0022AC47C639A698
                                                                                                                                                                                              SHA1:2516F4A662B412923F9C2EAD0B5865E5E0D3CA35
                                                                                                                                                                                              SHA-256:EAB8AA6660AFC600BB4638790DEE761289226F376DEC5048FF1322CAE9962EA8
                                                                                                                                                                                              SHA-512:7EA78319472B7ED0D5BD2C93A9C1B5B922F39FFD668D666BB7CEF3CFDF8742EE0B819C2D2C830079D939F01F5078D37E5C71CA6323C0ECE4BCF0CD099A1A0BF0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\ToolButtonStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4156
                                                                                                                                                                                              Entropy (8bit):2.8127110525476646
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:MtAT2ZZzRevfvSfIOVFsmJ/io9EiMKGR6YCKB9QnD:MA6vRIfvSfIO330KMCKB9gD
                                                                                                                                                                                              MD5:FDF627DA1717262C0D5B58580E18B2A7
                                                                                                                                                                                              SHA1:53727EB9CCED3C5C289122B6A7971F9A1AA971D7
                                                                                                                                                                                              SHA-256:ABF0305D9234E2C150F75B1BA0FF2EFCE586CF4AE1996D5C8D84049180E7C064
                                                                                                                                                                                              SHA-512:E8198F3719E4DBC8E565EA25E6C724BED5E5F95046AD78343819F54D91054A02C84260C33860ACB31400D21211EAA2808DF6FADC57A38050540DE973980E1507
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............<........................................................x...d~JU.o.................#...,...h...........................................................................................................................................@...........(...p....... ............................................... ....... .......0.......@...............P...`.......p...........................)...*...(.......@...............8.......8...............2...................2.....:.L...:.......@...............8.......8...............3...................3.....:.....@...............8.......8...............4...................4.....:.L...:.pL...:........@...............8.......8...............5...................5.....:.....@...............8.......8...............6...................6.....:.....@...............8.......8...............7...................7.....:.....@...............8.......8...............8...................8.....:.....H... ...........8.......8...............:.......

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\TreeViewStyle.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2851
                                                                                                                                                                                              Entropy (8bit):4.83490362938184
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nM+AvKufXjLOH:KogUldGcQWtvrOH
                                                                                                                                                                                              MD5:6F7FAE0B08A85CC48443CD6C2A0AD367
                                                                                                                                                                                              SHA1:E668B85D9524862BB0C849239C4E9F20F9610D41
                                                                                                                                                                                              SHA-256:F25F4D88D7E91A642CF1F1484290398A6FBE56CA30E8D2641674FC2AF95BE28C
                                                                                                                                                                                              SHA-512:E975DF2161991FB789AAC30CE1B5C42B55FB7C0E039377793F3A09F1A668C531431A916CC9046254EAED0D234D93939FD4E808F2E92E337C24F9FF35F559A0C8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\TreeViewStyle.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3740
                                                                                                                                                                                              Entropy (8bit):2.9289245979676926
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:m42MMZY3ZMnGjfoJHzVFbUHbqpW8lGFvW8lnuLC2q48lnK2VG1l0e:mllY3Z4aQJHz+55uLJ8lnKnlH
                                                                                                                                                                                              MD5:8FA30BB8BA6F81D312864C20D62D16CD
                                                                                                                                                                                              SHA1:BE20DB07B36DC3A209A62EF4DE8B2AEBC1EF9687
                                                                                                                                                                                              SHA-256:4F59547BF507D37C5513BF8EA09009210CAD58625465270C6FD88A4C3EFFBF75
                                                                                                                                                                                              SHA-512:B4C0B842E7D6B38541992CE4A90D0849AAA73B1745708ED128ADFE5F33BC2E1F144661F7962651FC12661421F74F678BE46BAC29DC681F83F7BBCBF2C4C057A0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)....................................................................X.o.b....n....................#...'...................................................l.......p.......x...............................................................@...........H...............................................................s...............s...............0...P...`..............|.......................P...............8.......8...............5...................5.......7.......8.....:.....:.L...:.p...............@...............8.......8...............9...................9.....:.....@...............8.......8...............:...................:.....:.....@...............8.......8...............;...................;.....:.....x...A...........8.......8...............=...................=.......>.......?.......@.......A.......B...2...C...=...D............. .......>....:.0!..0".....$.........:.0%..:...0&......................................P...p...........(...P...p...............H...h...........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Desktop\qmldir

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):72
                                                                                                                                                                                              Entropy (8bit):4.323595876865264
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:SkR5JsRomvBAWQoAw:GAho5
                                                                                                                                                                                              MD5:5BB63258D01ACFC40E4594162F0A82C3
                                                                                                                                                                                              SHA1:565D8441B24D8780934A9DD477A10AF102DB1FF0
                                                                                                                                                                                              SHA-256:55453E2272C4E35AF64C697A91EE082872A33739E88F9BF18E8128C5AB3BC4CE
                                                                                                                                                                                              SHA-512:74B9A8C62FFCB21C29D48A3CDC0D7EFD2F5CFAC8CEB55C1B6CF0EFCC97730DC3DBA1642EA26E0245C41CC8FDDF10AE97BA12EA3B6388DEC734F8763BAD6A1211
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:singleton RowItemSingleton 1.0 RowItemSingleton.qml..designersupported..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Flat\qmldir

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):126
                                                                                                                                                                                              Entropy (8bit):4.704713117740268
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:3BV9NKBiA/A6UR7ElXMLovyWmopFRPlDMexR9bVvn:xVfQiAbUNkXD8oDVlMexVv
                                                                                                                                                                                              MD5:423C1712AA394DBE84F5179B52B1A261
                                                                                                                                                                                              SHA1:49C875E36D792C01364191C9D236A5A3D3A25186
                                                                                                                                                                                              SHA-256:A84A08BB95A702C80C249681B7C0E6F42173FEA619124961243F4804ED6CDA70
                                                                                                                                                                                              SHA-512:C7CE34D2B67E9B2B74848F28648B3781FE3158B9D27FF309179712B4A16E8028DFFE5818C5E21D082816557EE3E29CCA5E182D81B7B7B44C30C760977DD2A1D8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:module QtQuick.Controls.Styles.Flat..plugin qtquickextrasflatplugin..classname QtQuickExtrasStylesPlugin..depends QtQml 2.14..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\Flat\qtquickextrasflatplugin.dll

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):829936
                                                                                                                                                                                              Entropy (8bit):6.686405917211323
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24576:R8gIwhCNoh+JJ9f9VhCNoh+5i9FrIJJpCNoh+7z:RY2UJ//UioGz
                                                                                                                                                                                              MD5:23558F14A566B5C924E830293C4B5C61
                                                                                                                                                                                              SHA1:4CECEE41DAC3AECE17B6EF56140D87DEAC595F8A
                                                                                                                                                                                              SHA-256:978D3CEE3ACF87250A64545D23724860D354CAF97985119E7FCB26DF350A0D4F
                                                                                                                                                                                              SHA-512:A5405E32336648C1DCEA70B505FA74E09CB4E00CEB4CB6C4DA3BE56328AA4C2F8645766CCDE8F269122A92FB71EEED04F209F04B2DE1268709FED1BFA98087EE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........Tg..5.N.5.N.5.N.M.N.5.N\Z.O.5.N.^.O.5.N\Z.O.5.N\Z.O.5.N\Z.O.5.N.E.O.5.N.5.N.5.N.E.O.5.N.E.O.5.N.E.N.5.N.E.O.5.NRich.5.N........................PE..d... .._.........." .....<...T......HA.............................................../....`..........................................n.......n..........`.......................t...8]..T....................^..(....]..0............P...............................text....:.......<.................. ..`.rdata...<...P...>...@..............@..@.data................~..............@....pdata..............................@..@.qtmetad............................@..P.rsrc...`...........................@..@.reloc..t...........................@..B........................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Styles\qmldir

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1575
                                                                                                                                                                                              Entropy (8bit):4.8088919366233815
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:AM0yAwQYdlyGUG9yHg9olJ6DIqrOirQorA6aAUDTQdiCH9BtAH4oeDvXFWdlvZda:ey9y6PAJGIqqiEoU6LUDcEeHy6WXva1F
                                                                                                                                                                                              MD5:413DCF3E49E01CA487FA65136C6FB0A9
                                                                                                                                                                                              SHA1:51AA584ECABFC23F38B8C8E9C45ED820A7F404B7
                                                                                                                                                                                              SHA-256:7BB94BCC9FA7D849C10ED84F476AD7951A61D48FE8F78ED5201956419D38D05C
                                                                                                                                                                                              SHA-512:999E3ADB3F09CF70140B45DD4B8DB2C524974DEB5826D309419FC995A3912A7DF439FCEF121C28D5BA5FA36A1C0D10A3C9289B6B948C7FB8656BBF20E7992519
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:module QtQuick.Controls.Styles..ApplicationWindowStyle 1.3 Base/ApplicationWindowStyle.qml..ButtonStyle 1.0 Base/ButtonStyle.qml..BusyIndicatorStyle 1.1 Base/BusyIndicatorStyle.qml..CalendarStyle 1.1 Base/CalendarStyle.qml..CheckBoxStyle 1.0 Base/CheckBoxStyle.qml..ComboBoxStyle 1.0 Base/ComboBoxStyle.qml..MenuStyle 1.2 Base/MenuStyle.qml..MenuBarStyle 1.2 Base/MenuBarStyle.qml..ProgressBarStyle 1.0 Base/ProgressBarStyle.qml..RadioButtonStyle 1.0 Base/RadioButtonStyle.qml..ScrollViewStyle 1.0 Base/ScrollViewStyle.qml..SliderStyle 1.0 Base/SliderStyle.qml..SpinBoxStyle 1.1 Base/SpinBoxStyle.qml..SwitchStyle 1.1 Base/SwitchStyle.qml..TabViewStyle 1.0 Base/TabViewStyle.qml..TableViewStyle 1.0 Base/TableViewStyle.qml..TreeViewStyle 1.4 Base/TreeViewStyle.qml..TextAreaStyle 1.1 Base/TextAreaStyle.qml..TextFieldStyle 1.0 Base/TextFieldStyle.qml..ToolBarStyle 1.0 Base/ToolBarStyle.qml..StatusBarStyle 1.0 Base/StatusBarStyle.qml....CircularGaugeStyle 1.0 Base/CircularGaugeStyle.qml..CircularBu

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Switch.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5331
                                                                                                                                                                                              Entropy (8bit):4.7535262271796865
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:KogUldGcQWtqJOuPhnGpgFFbVlCidcJhh2Lzprr:KtcGCqJogJkidcfQprr
                                                                                                                                                                                              MD5:CA3D8928B9CEE6FA5F816B955E4BAD91
                                                                                                                                                                                              SHA1:1F260D64D2ABFF2523276C9640411EAD735AABEF
                                                                                                                                                                                              SHA-256:B13AB37C9E463A9CF8E54EC49227D0D9BFC1E2305AC633C52101B1EBC1F764EA
                                                                                                                                                                                              SHA-512:EBFFE62093E5C826A466C95475051E70E460849F99B6D4B8641A464432CD16FBB3DC6E9C3FAB9A95EC04D89056BFA1313BDBBF6860B80E6AC8F74E34CC4BB0A1
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Switch.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):7648
                                                                                                                                                                                              Entropy (8bit):2.994879476237304
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:YS5LglOqBc4eHuZJbQQe2FasN7PVddXMy93xrRMr62rNJ6uViPOB3hdi:Y2glNFeOUqRrghxJ65Pg2
                                                                                                                                                                                              MD5:42D8B81469FA2FF2FB06ED45CD0AAEBA
                                                                                                                                                                                              SHA1:40E10A44B8B5264B7EC7E58CCC84A75C5CEBA706
                                                                                                                                                                                              SHA-256:0A25C167264EE2D66934CEB73B09BBE135C7CA56160750B5E2B721A7FE5A26A7
                                                                                                                                                                                              SHA-512:25D7EED986CD5A7CA099E919F70B33E32FEE910F87D30CBE2C04232503B67E7DF104192E302555327161415AC34F3743FEA21AE0CABBC9E57441E142FACC8ECF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata).....................................................................?...7B..M._d..................#...H...................8.......8.......8...=...P.......D.......P.......X.......X.......X.......X.......X.......X.......X...............p...X.......X.......@...................X...........8...............X...h...x.......................S...`.......@.......@...c...............`...q...........@...S...............................c...............`...............S... .......0...C...p...........@...c...............`...q...C...p.......S.......C...C...S...`...c...........p.......................X...............8.......8...............r.P.................r.......s.......t.......u......L............................X...'...-.......8.......8.................P.....................................#..........:.L...:.....L...:.H...:...>..................@.......5.......8.......8.................P...........................:....:....................X...$...........8.......8...............l.P.....

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Tab.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3001
                                                                                                                                                                                              Entropy (8bit):4.819287574242073
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9b1MU3w28oAjlCp8jSj:KogUldGcQWC5LOlCpwc
                                                                                                                                                                                              MD5:AD45F17A9C359302CB783D120C735607
                                                                                                                                                                                              SHA1:DEAC44C363B03E2FBAAFD698DB86C9D9CBD22F70
                                                                                                                                                                                              SHA-256:498A7572ACC1A285857798648F3FEEAAC77364555573AD7225FB2A949A0539F3
                                                                                                                                                                                              SHA-512:5F0B2C6CFE00567A1DC58BC4C51091223E3862FFD6B4AC513999E05046E6B063796769EF13B2916F71C7F80575D4B6DFB654FF439BF9230EAA14077CC17355C2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\Tab.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2212
                                                                                                                                                                                              Entropy (8bit):2.657155308312814
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:rP/RocNm/nkFmZYIv+pUFNpOlzfTvDooD:LCcNuk2g67OZfz7
                                                                                                                                                                                              MD5:E351D3C1E048FD1B3FBA387970E5ADD1
                                                                                                                                                                                              SHA1:36F42B16DB2BD49931BE097CC81CEA51E05C4333
                                                                                                                                                                                              SHA-256:34B8573539273F482E32CF2E15AD38C79EAC59842B8B91C61F0172F69DD1CF77
                                                                                                                                                                                              SHA-512:23C952E584D777C93B518E2C989B6E1C2FF2F24B935C0B0CAC2C96DADDCD14CA0FB0AF8745B5EFB89D9042BE03335DF772E1AD2BADFF2CC3654B7E03DBBD361D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...................................................................O.w\'.......h_:................#............................................................... ....... ....... ....... ....... ....... ....... ....... ...............h... ...x...............3.......@...........@...............8.......8...............R.P.................R......L....0...............@...............8.......8...............D.P.................D...........@...............8.......8...............L.P.................L.....:.....................p...................(...P...................@...................P...............8...............................................................Q.t.Q.u.i.c.k...........................L.o.a.d.e.r.............................t.a.b...........................a.n.c.h.o.r.s...........................f.i.l.l.................................e.x.p.r.e.s.s.i.o.n. .f.o.r. .f.i.l.l...........................t.i.t.l.e..............................._._.i.n.s.e.r.t.e.d.....

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\TabView.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):10775
                                                                                                                                                                                              Entropy (8bit):4.555931669004076
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:KtcGo4BkD2rdt4uI+t2KD31+F74u3h1zcO04SV22TNQbNqcefu1IucX6:RGo4v4Xaz24u0faWducX6
                                                                                                                                                                                              MD5:21A3BD0847A872DEBB82D5EC259822A6
                                                                                                                                                                                              SHA1:71A53D4F9C9881B97E9E6131883C7928DCA44FB4
                                                                                                                                                                                              SHA-256:6D075D592A118CABD04880B806813D447DD8D38B61282A6305D2B6D8CCE2A1F1
                                                                                                                                                                                              SHA-512:3BA9EE580EC217A4397FDA16B77FDCB5842D4DF5D843A441EB0E71782BDA6DA4A3D468967048614C311AB41A3CD42D6211F31C0BBDE23B904482558343423F8C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\TabView.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16284
                                                                                                                                                                                              Entropy (8bit):3.1848641307639
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:djMuR7GnA8XGNK95R0rEmUmthYV8VS40Q7nLW0HwGLeLEjKX:tMuRsAT0+VhCGjS0QGKL1X
                                                                                                                                                                                              MD5:28B2CC31C1C618827D2B7E0D8F15BC48
                                                                                                                                                                                              SHA1:11C8741E75081682DE7F3AA9F3BB6B6428D7C913
                                                                                                                                                                                              SHA-256:6D26F466D59E5BF33C833432CB9A9397C99D8C4D55F0E15FCC466C0ED7C532C0
                                                                                                                                                                                              SHA-512:CAC87DE938CE347B9CB360BA1F11AA9AF057D814EC5290167313D4556CA341C2B0B03293EB05581A8B785B7EE761C26AF72F05DBF6D53238426DF94777344EE8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)................?.......................................................V...F..#...................#...........*...........................................T.......`........................................................................2..........0.......p....... ...........0...........x.......p...........H........... ...h...........P...........H.......8.......8...H...........P.......(...........(...p................................... ...........S.......0.......1.......@...a.......q...c...s...........P...S...............s.......................................................P...............S........... ...s...................................................P.......1.......S...@... ...S....... ...s... ...S...@...S...`...............S................... ....... ...P...........`...#.......s........... ...................p...s...................................p...s...................@... .......`...................a.......q...................@...................s...............

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\TableView.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):11555
                                                                                                                                                                                              Entropy (8bit):4.508062969601809
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:KtcGatGcaCIsEeVsAKajWjzfjHNhYjhjEHWgjJAStuKznjnHXbjtxtJt:RGG2CIDe66iHgNGFAg9/Jn
                                                                                                                                                                                              MD5:A03F6048F017119A2EBDD73699108DDE
                                                                                                                                                                                              SHA1:801B5E265790085FDEE815A796BDE28230D59915
                                                                                                                                                                                              SHA-256:10B4650B6196482B2217C5593A1B702E1E85E67B58769D685314C7086E866CCD
                                                                                                                                                                                              SHA-512:6468E846450D98779D857E8D7413E0D2B5A42CF68ACDC9E63336EBA3FF609754EA252CBA8F3A77F8971783FE2383BBB47EB22BA9A6D20399466E2AA392C8B95D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\TableView.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):19824
                                                                                                                                                                                              Entropy (8bit):3.363986884444094
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:CV8Gmwoetd3NuO/WpQvti6HhsXgntJYMHzlGNFVfY/CFenJVSVKXNP1HjBmhxuh7:CV8Gmwr3NKpQvtpHZ3YMHoIoSTB556i
                                                                                                                                                                                              MD5:B31656A1428AFBC85E7A371CDE29E6AE
                                                                                                                                                                                              SHA1:B4CAB4585505B29FFA85B910447585A8C7AA3D0F
                                                                                                                                                                                              SHA-256:7EB42586498942E1CB09A4C9735A461285E4A3355E030FF6F46A54F45B331047
                                                                                                                                                                                              SHA-512:211799282120A53F5ACF437FBA855361E92C70E72DA0E39327F28D9EBECB3FEFA01D0366433620784D34FDDD01C9A733E2D0CA5E6C750E6B43D844FB6D2563DA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............pM..................................................;..z[..o....I.3.................#...........%...............................1............................................................................................C..........h.......P...........0...x...........P...........................................(...........`........... ...........@.......`...0...X...........................................(...8...H...X...h...x.......................s...................`...p.......#...#.......s...0.......P...........`...s...`...s...p.......................0.......................................................................#................................................................................................................... ................... .......0.......@...S...........0...............`........... ................... .......0...........0...s...........s.......s.......S.......................`...............#...................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\TableViewColumn.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6804
                                                                                                                                                                                              Entropy (8bit):4.758090724415883
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:KogUldGcQW6Gze7Kur0wamqRNjjpLAPzH7Xe8LQL1:KtcGoS7n0wfqjpsPzVLQR
                                                                                                                                                                                              MD5:114CE7CFC7900F90D9D333963F1FA5CA
                                                                                                                                                                                              SHA1:F71D8F3A7FCFF316B43A381A300A9704ED96F81B
                                                                                                                                                                                              SHA-256:AD07F5FB3B72791C0AECA0FE44707CAEC017FDF036B54DFD661D862CA285338B
                                                                                                                                                                                              SHA-512:0889FF45093FCCFA32ADCB4D8C67D9FCE7DBCD4FCDF7B8B63EF934AB5A896B1DA51C2F24069245802AF4C8974450F37AA1C180FF7B2184389D0AA7D16AAD5689
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\TableViewColumn.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3940
                                                                                                                                                                                              Entropy (8bit):3.2291025294249343
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:2Ab0242pmtVJnfUweyKaHSXBCqZKahJAaAuRaxNd6Iaa6fgw1/Kc:vYl3O3ayxCSnV/Rard69/f
                                                                                                                                                                                              MD5:045FB67572F5A375C1B326B92AF256DC
                                                                                                                                                                                              SHA1:A4A2624A33D20882B3757D957E99AFDB8D0D0C7F
                                                                                                                                                                                              SHA-256:6D6A841F0867F30FD2771E6A5DEF7F89C09A6DE7302761D59FEB86B6F521804F
                                                                                                                                                                                              SHA-512:6B0A3970A3F9C17A3707B09EA6C029ED5AC34B7F59C83CD7D23997ADFC16F5A6785B811FC744950B680BF47DB8C3AD51CBE0B316B3E8D074E7BE9DA9F3743FDD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............d...................................................pCf.Pd..vt.W..8................#...).......................................&.......................................................................................................`...........C...C...`...C...p...............................C...........S...C...........C...................................S...C... ...S...0...@...P...s...`..........................@@... ...........8.......8...............T.P.................T.....L...:.....h.L...:.:.H.........@...............8.......8...............m.P.................m.....:.....@...............8.......8...............y.P.................y.....:.....@...............8.......8.................P.......................:.....................8.......8.................P.............................................+.......?.......C.......K.......^.......{.......}...................................................................................................N...D.....:.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\TextArea.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):36631
                                                                                                                                                                                              Entropy (8bit):4.4780442352754575
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:RGCsrfpOCQSMCPcc1BjenOjPrvGU5qkV3G6QIwtr6S:RGCCLF1Bj6Er+UR3G6QIwtr6S
                                                                                                                                                                                              MD5:B7C419EBBFCB12ECD1A01B7863F7C2BA
                                                                                                                                                                                              SHA1:B188CE06FAEA8BDC846DCF8B3E8CCDCD4940AFB3
                                                                                                                                                                                              SHA-256:FE67CE4601E82B4954EC6E3A7E6AE91367AAACA41565C09405236E065C9E50D6
                                                                                                                                                                                              SHA-512:27173C32C6359E75C5AA11E698F08FD6C51CC43891DFD54FB7CE34152B236ADB64EC03686421C2881030BF4232665947223BA2797BB2EE54FF5FADC1F599832B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\TextArea.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):36040
                                                                                                                                                                                              Entropy (8bit):3.374796255243882
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:xf7xnjIGFAx14l5ycApCuZIdlgzsUeoWgkHJJ9r/pNDF:l7RjIm5yDCuWdqzsUeomHJ/r/bDF
                                                                                                                                                                                              MD5:C35DC6D7BAF76B3493B6E79275415A59
                                                                                                                                                                                              SHA1:B2A6F29FD93573C34DE54A11269115A5B5308AA1
                                                                                                                                                                                              SHA-256:B6EB7EED20FB5FB25748F4B735806B26B5F84705D9FAD73FC4D42F0F8C998E13
                                                                                                                                                                                              SHA-512:F21AEF7581D7A59BE73D9D5B0CF957CFA1497CD6DA43F4AC2F633414F07A04AE94DADB4C740068774D08B445783C0B736F9EA46D6E79664113F3AA5CE3E73082
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)..................................................................E0F....|..O..................#........8..c............................................................................................................................x......H...........X...........h.......8...........`...........p.......@...........H...........8........... ...`...........P...........X...........X.......X...................@...0.......x.......@...( ...!..`!...!..."..X"..."...#..`#...#...$...$...$..x%..p&..x'...'...(..P(...(...(..()..p)...)...*..x*...*...+...+...+..8,...,..h-...-.........../...0...1..H1...1..(2..x2...2...3...4..`4...5...6.. 7.. 8..08..@8..P8..`8..p8...8...8...8...8...8...8...8......P...................#...#...@...1....................... .......0.......`.......p....................................................... .......0.......@.......P.......`...S...S... ...c...`...................@...#.......................c...c...3.......................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\TextField.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):23187
                                                                                                                                                                                              Entropy (8bit):4.601892640300788
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:KtcG4ZAH+wlOXXPbyICpFy440d/nAS3JLzQ5zfKN3h1gdF0qEhPNq+tppmGjheDG:RGffwkIsV3huEhPNTtTeOp
                                                                                                                                                                                              MD5:438230E5EB067351815803354B75CECD
                                                                                                                                                                                              SHA1:C1D8DA8AFA9D7BF54347A614C3E10F7B119013CC
                                                                                                                                                                                              SHA-256:0A5EEC9E6BDE5A318D695351EAEA1187929D08BD9616672290CEFB42B784B27C
                                                                                                                                                                                              SHA-512:E271F00985D6EF691F4D5C24767DD27623C311D375FCFF20CE5F265BC4937CDF7430929C6AFC7C04D6B01694BD149622C39A2BE7A2302301FDEB5EAA4BF40580
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\TextField.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):17192
                                                                                                                                                                                              Entropy (8bit):3.1463596315426714
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:+dx6PxQTiRxoxjHIvw5hG1SQSrVs4RRzRdfZXu+iKfWAH2xdesg:+dpCB1is43fZCyvHEesg
                                                                                                                                                                                              MD5:C9BB561D821BA37306ED6324FFD43446
                                                                                                                                                                                              SHA1:820C5BD9950CE2935D4850442DD6E1CD014AB2A9
                                                                                                                                                                                              SHA-256:1E56FF3A4417097C8322B86810BE7B8217C510C9CAA35A6C1ED0F310262D25A8
                                                                                                                                                                                              SHA-512:7579E6702558128641CBEE23984E03824FE33C752A155EC7B92DC0B06A5BFAAAF6EB6D87C5BD4261859899C042A04E0BE53D285BFE5EF17AE1260717089E82BD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............(C.........................................................4.....................#...........2............................................................................................................................8......0...........0...........X...........h.......H...........P...........X...........0...x...........p...........`...........h...........`...........X...........H...........@...........0...............h...x...s.......s...........s.......s.......s.......s.......s...@...s...`...s...p...s.......s.......s.......s.......s.......s...............`...s... .......C...P.......C...`...#.......#...p.......s...P...s...`...s.......s.......s.......s...`.......................3...................................s........................... ...0...........0...........P...S...........`...........p...........P.......P.......................3...........................S.......S...................................................0.......S...s...............@.......

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\ToolBar.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):7444
                                                                                                                                                                                              Entropy (8bit):4.556868420703673
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:KogUldGcQW9Cs7WWD9z0vqArXxKA/k+PSAdl+f27qUhr6+LnQv1huMmunh+NNMXv:KtcGR+55YCKc8HQ5v3T+NNq
                                                                                                                                                                                              MD5:C07E4147051E16985F5131A5430A8930
                                                                                                                                                                                              SHA1:67D261B5394136DDF95649B8186AF3C7106A1118
                                                                                                                                                                                              SHA-256:A6FDBF00896B66B912C84BD84394637DC418C7B25533FDEE13CDF2C0C530809E
                                                                                                                                                                                              SHA-512:675B1D5B681E2EFAF45F30BE1C8335CD419C8770B26E701C9E275075968BF811CD8131FF405A474905A67E4B1EC2C5E35C831D6FA8ABD178FD2915FB3A39FDD8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\ToolBar.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):11004
                                                                                                                                                                                              Entropy (8bit):3.1336157578863904
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:HwWZ1ZQzRpkjxxW2R7dbJstc/tHfAQ7fzk71lEbBh7T+sYSLk8Namo2RCbc:XARpk7R7dH/wAP+sYSLoOic
                                                                                                                                                                                              MD5:78D5C89232DDC47C82D362AC0AA62258
                                                                                                                                                                                              SHA1:33C3500ADFEA77099931469795F40C3AADFBC728
                                                                                                                                                                                              SHA-256:7685E541B425EB8FFA3766E9B61C379508256FE483C27BBBB2C8AB92B1F7F818
                                                                                                                                                                                              SHA-512:48C4F0CB55D35CC128AE1F854E53CEEF14B71F0FB27BC1C4445253F41FD5C6B5C0424F67FAD0EFACE1104963709D7C11BB0B9459F5A976A6C6F871FC5FB953B4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)................*......................................................a..g.......................#...\...P...............l.......l.......l...}...p.......d.......p.......x.......x.......x.......x.......x.......x.......x................!..x.......@...........`...........`...........8........... ...p...........p...................X...........X...........@...............................p...................................p............................... ...............P...S.......3.......s....................... ...........0...@...s...P.......P.......p...........S.......S...p...P...s...s...`...p...s...s...`.......s...s...`.......s...s...`...P...........@...................................@...P.......@...........@...p........... ...............@...P.......@...p.......@...........s.......s...3.......3.......s...............................1.......S.......................@...............8.......8...............d.P.................d.....L...:.H.......H.../...........8.......8.......

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\ToolButton.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3229
                                                                                                                                                                                              Entropy (8bit):4.725674482574039
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:MLoO6E+iCshVKzlOWGf0hEVufy9nC+BD4pj4A9z0GWw:KogUldGcQWkDUP9z0s
                                                                                                                                                                                              MD5:2DAA729A7973A06896E1ED0033FEA2E7
                                                                                                                                                                                              SHA1:3ECD84596262AB298F07F75E0BC7A3CAAB5F44B1
                                                                                                                                                                                              SHA-256:3D0FBEE00479A1D6FEBC3F47223F8902D371A59AF84F298C3FCD0D1326E2AE99
                                                                                                                                                                                              SHA-512:45F5CC021A2CAF1E1751DFD2CDA447BB63960D97CC083F423B204F481B6D60B47F543C61DD5527741CECD868EB5B2F5563CCA7D09E0B19E16823FA96376845A0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\ToolButton.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1196
                                                                                                                                                                                              Entropy (8bit):2.6504306526154524
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:0S6J8W1vCi7UNTcz3/jt/2I8Po8z5ZvDXmbwYM2/vVvEENubepl:0S6uWlCioNM3JLjCd3YM2/9MLber
                                                                                                                                                                                              MD5:8E1528EF8E059500B7DB07BC8A8D115E
                                                                                                                                                                                              SHA1:9E5F1A7BAE1FEFF94AE0CF21281F9725A7CFA188
                                                                                                                                                                                              SHA-256:BDCD927D9E8E2B27E23D7E01A425A0F1BDC1619A85E3C8EA7A8A536B1A1ADC8F
                                                                                                                                                                                              SHA-512:19302472C651431D56E405202977503FE3AA998FBEF5DDE7B8ABD81F445601B5D124B250174ABA43175EE0A031CC069EBD32D0D9EEB23E44B0630A8C7AF84632
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)..................................................................."..E|.,...=....O................#.......p...............................................................................................................................................`...S.......@...............8.......8...............V.P.................V.........:.....................................(...x...............8...h...................................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s.................................Q.t.Q.u.i.c.k...C.o.n.t.r.o.l.s...P.r.i.v.a.t.e.................................B.u.t.t.o.n.............................b.u.t.t.o.n.............................s.t.y.l.e...............................e.x.p.r.e.s.s.i.o.n. .f.o.r. .s.t.y.l.e.................................S.e.t.t.i.n.g.s.................................s.t.y.l.e.C.o.m.p.o.n.e.n.t.............................T.o.o.l.B.u.t.t.o.n.S.t.y.l.e...q.m.l...........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\TreeView.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):17067
                                                                                                                                                                                              Entropy (8bit):4.403605360211459
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:KtcGf54RK/P5LgNQL+n5GCVEHuCtJjrjPrVG0dQcAjNs0ThLvoajevjOwjCUJ842:RGzL+5hFeJH7rU4ahTF8qwAuCv
                                                                                                                                                                                              MD5:E1FD1395D1F8E2FFA28F696FE0411622
                                                                                                                                                                                              SHA1:FF7C276F0231781D0FA62859800DC95CFFB80AC5
                                                                                                                                                                                              SHA-256:07BEEE0ADBA375BD9E9648AC6DFBE18A8FE3CE9DEA1BC56F3EFD2E017F2F7B9B
                                                                                                                                                                                              SHA-512:75403629C1DE9C9E3E40B678DBBEA5FB2F4CE88AB022E5568BD33D4E173793BE81380ADAE21EF5442177A86D5DB10EB743064567C87AFFBD5DC4DF394F2DC802
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Controls module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\TreeView.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):25496
                                                                                                                                                                                              Entropy (8bit):3.4679868937552616
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:J8Mny7rLqsOBRPshRD/WsSbLOEhO+idO1SunGbFjLEIqHyA0AxdSON9KafcMiWeq:JnnLRBRyD+biEhpEunGayacMf6oNNF7Z
                                                                                                                                                                                              MD5:38E3FC30388E7583D73BBCFC99E64799
                                                                                                                                                                                              SHA1:013CB817E7CBDAD46DA324AAC5F248ED27D9417E
                                                                                                                                                                                              SHA-256:552887A71B9EE8DC3917569757270EAF484A433ABF43443F45935ABA871DD765
                                                                                                                                                                                              SHA-512:9C8EC702CED65216372CC406591B77C33F5961D2543F6562185BE87017633EC2C86BACF167796C39E352C7EC0B106D0244B9A96E6650C73A267AC373CF690B7B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)................c....................................................-...k..R...i#f................#.......0,..............................................................................................................................`Z......8.......p...............H...........0...........0...x...........P...........(...p...........0.......x.......0...............@........ ...!..."...#...%..P%...%...&..X'...(...(..H*...*...*...*...+...+.. +..0+..@+..P+..`+..p+...+...+...+...+...+...+...+...+...,...,.. ,......0...........................#...0.......p...............#...0.......................#...0...........s...........p.......................................s...................s.......3...3...3...s.......P...s.......`...s.......s...............................................#............... ...........3...@...........`...P.......3...p.......3...........................................3...p.......3...........................P...............P.......................P...........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\plugins.qmltypes

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):157929
                                                                                                                                                                                              Entropy (8bit):4.394855792362328
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:N5pg8X/dXiHasVeW+vrfAUmdR5xK5xO7MF4tXtXMzxo+3aM0XoXyQRcMGMQXv:N5pT/dXQ+TfAR43Pe
                                                                                                                                                                                              MD5:B4A2ABC03607274408F92857B7BAB3FF
                                                                                                                                                                                              SHA1:D271819DF46A7D17D37561132F56738DF8ED4A18
                                                                                                                                                                                              SHA-256:9980DDEB8EBAB08CE397D99A543DC9CDC1E4964026EF9C73D6BA02FE43AD2DE3
                                                                                                                                                                                              SHA-512:C897A979F60FE3A15BED54825DAE0EAA1CF9B831ADF3AF7B975BD0E4F27EAC8FD7E6E6F79FDC34D6FE996AD15B6FD4FF666CDE60DED0E878867BBF8794E4CC5E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:import QtQuick.tooling 1.2....// This file describes the plugin-supplied types contained in the library...// It is used for QML tooling purposes only...//..// This file was auto-generated by:..// 'qmlplugindump -nonrelocatable QtQuick.Controls 1.5'....Module {.. dependencies: [.. "QtGraphicalEffects 1.12",.. "QtQml 2.14",.. "QtQml.Models 2.2",.. "QtQuick 2.9",.. "QtQuick.Controls.Styles 1.4",.. "QtQuick.Extras 1.4",.. "QtQuick.Layouts 1.1",.. "QtQuick.Window 2.2".. ].. Component {.. name: "QAbstractItemModel".. prototype: "QObject".. exports: ["QtQuick.Controls.Private/AbstractItemModel 1.0"].. isCreatable: false.. exportMetaObjectRevisions: [0].. Enum {.. name: "LayoutChangeHint".. values: {.. "NoLayoutChangeHint": 0,.. "VerticalSortHint": 1,.. "HorizontalSortHint": 2.. }.. }.. Enum {..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\qmldir

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):212
                                                                                                                                                                                              Entropy (8bit):4.668721562194963
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:3BV9NKF7eURCNPdMcvyWmopCxKdz+RLV06qWoZAhoAcRSfL8SFzSnRSqRHyQR9bF:xVfy7eU9e8oIQ+keSAhowPJ3qRHy+Vv
                                                                                                                                                                                              MD5:A6CE84D84B95B99795330156F2B48C4F
                                                                                                                                                                                              SHA1:8530263B6C0E61B715673C77BB2F8E55C51B2AA0
                                                                                                                                                                                              SHA-256:DFBD5CB07BDDD1A2342B82A442CD4A4504D87D04DF79F3083BBA3A031888BE3E
                                                                                                                                                                                              SHA-512:0979B08FCB1EC0D7589C3A80F0B24EA77817476D6AFABB9E5F63B8A07BF2F3F3D902695514CB3696F11DB210E1CEB6172CA0B878D6BB366DDD8169B009E9A83B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:module QtQuick.Controls..plugin qtquickcontrolsplugin..classname QtQuickControls1Plugin..typeinfo plugins.qmltypes..designersupported..depends QtQuick.Window 2.2..depends QtQuick.Layouts 1.0..depends QtQml 2.14..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Controls\qtquickcontrolsplugin.dll

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):337904
                                                                                                                                                                                              Entropy (8bit):6.17445886758817
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6144:ERtHRtRs6BjOUGY4YBuFtZLy8ODPTVeVlPJa0S5aXTZjDGog:MxTRKUGjf6og
                                                                                                                                                                                              MD5:DCFFF1747BB8E7A2C6497DF0A4E5EE8E
                                                                                                                                                                                              SHA1:8BAD65CC7DCF4C4B9EC0473F22D251E8661D140E
                                                                                                                                                                                              SHA-256:2EC497AC8AC4814ED4CEE6BF7DAEB15A6DEF7857DCEC6BF290446B125ACD5AC1
                                                                                                                                                                                              SHA-512:10AC1D163900FB03D7B8B11D45113E5A326B653775B5275EA92C35359B17E7F8CAD6636BAAD77C1F660E7439B6262ED6147B6A167E6FB915E890DA9AF9317749
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......../.O.N`..N`..N`..6...N`.E!a..N`..%a..N`.E!e..N`.E!d..N`.E!c..N`..>a..N`..Na.6L`..>e..N`..>`..N`..>...N`..>b..N`.Rich.N`.........PE..d......_.........." .........2...............................................P...........`.........................................0-.......-.......0..`.......d/...........@..........T...................`...(...0...0............................................text............................... ..`.rdata..^...........................@..@.data...x"..........................@....pdata..d/.......0..................@..@.qtmetado.... ......................@..P.rsrc...`....0......................@..@.reloc.......@......................@..B........................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\DefaultColorDialog.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16805
                                                                                                                                                                                              Entropy (8bit):4.024511905292934
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:iGjfVa31y7foQAOumdPjAa6rhLjm3ADpBUQwNLX:iGI2T1Nj
                                                                                                                                                                                              MD5:4B200AFD3340E84B92381852B9C4D053
                                                                                                                                                                                              SHA1:53B52803A2994A2FF56272CCA5AFE91896981B43
                                                                                                                                                                                              SHA-256:29B816728E1B4450E7B50DDA9287D61052BCC265D178BCD1672C27FB1431FED5
                                                                                                                                                                                              SHA-512:81824E7710908FCCD0CD74A08E328DAC56B5538FCA6E1011BA892B70D9AD945C8E879A2AB05DA2D0D0F494D9F9EBFA6B03F1F77D4AEA927984B2F5F6540328C6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Dialogs module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in t

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\DefaultColorDialog.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):38880
                                                                                                                                                                                              Entropy (8bit):3.2464805827619645
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:v6a353NGODo8r6TgEAJQz0XxMQ2YOBEagi0sfiVixxKGAYonSc2UrLlfBYJE1rXD:CEwODo8r6TgNjUW55YJyEs
                                                                                                                                                                                              MD5:78393AC836E08BDF68F2767F6BFDE95D
                                                                                                                                                                                              SHA1:E04A2C3A6F88536A52CC6227D4823EB77A56CBC0
                                                                                                                                                                                              SHA-256:89BC4BC32A679C1CC91C1DF0C5E38353D593447AA71EF4B15290643114A652CF
                                                                                                                                                                                              SHA-512:795A7D17C00C2C640E67B1397973649565D6F0FD0D56CFC2A8EB0414E4975E4F33D1F46BF7DBC47A214E22F54C10070E53D3BB2070D8018151C6A3F3DAF14884
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)......................................................................,..t$Y.B{4...................#........(..N...........0.......0.......0...S...h.......................H.......H........................................................n..............@...........H....... ...h....... ...h...........P...........0...x...........X...............P...........0........... ...p... ...p.......@...........x.......H.......H...........................h.......h........ ..P ... ..(!...!...!..@"..."..."..0#...#...#..($...$...$..8%...%...%..@&...&...&..('...'...'...'...(...(..((..8(..H(..X(..h(..x(...(...(...(...(..................................................................................@...!.......................!.......3.......P...c...p.......@...3.......P.......c...p...........@...............0...........c....................................................................... ...3...C.......P.......`.......p.......P.......`...........................................3...............

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\DefaultDialogWrapper.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):8343
                                                                                                                                                                                              Entropy (8bit):4.489736761557964
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:KacGuEXsd6q84cbBNUaf0DuH/ivxMoEu12C1q0E:iGuEXs47zjeU/ivxM7u12C1q0E
                                                                                                                                                                                              MD5:6E9F9F1D9B0B3EC16B9DD0C8F21EA382
                                                                                                                                                                                              SHA1:C0F1CC4C1142F60E4DB4795984DC03B5E43F1C3D
                                                                                                                                                                                              SHA-256:09FDBDC3098BA77DD2261B8CD8FD83866D998EB9BFA9F685DA5C43FF78CE746D
                                                                                                                                                                                              SHA-512:0350E72EDE7826AE537D2944EC1E6A6D07AD1A691109D4D5ECA01170C8E39CC8D08CCC909769795189B4A4035A30967DC001E0D5E041F6611AD80E0AD3B3EA48
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Dialogs module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in t

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\DefaultDialogWrapper.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):15744
                                                                                                                                                                                              Entropy (8bit):3.242478824808993
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:4S9hxzIKchonZ/ZAsyzKvmR5W0D4RvVvTiqE2L:4S9PzItIRZAmGXDsvVLnE6
                                                                                                                                                                                              MD5:96B7B4F9B18007661B17D0FD1BCCEBDA
                                                                                                                                                                                              SHA1:DE6845A4BA235AE07327F0341619947273407FA2
                                                                                                                                                                                              SHA-256:36EC22614F1D81F9E28B879A791A23EF5A7386707026EF18461D0792A654E846
                                                                                                                                                                                              SHA-512:9C4F45CC63D81DAA18E2C6AA34895B4084ECD8EADAB4472E4847CE8718079170B8632C64F204F3003F70DD5A365C15F14DF7BC79EF59FBA13D0895ADB1C5CE57
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)................=....................................................?..5p.;l#..cH/................#...y...8...%................................................................... .......0.......0.......0.......0.......0................1..0.......X.......X...........@...................`.......(...........X...........`....... ...p.......(...x............... ...p...........`.......h...........................(...#........... ........... ...........@...1...c.......P...1...c...0...c...0...`.......3...p.......A...........c.......3...p...`...3...p...............0...................s...p...`...s...p........... ...Q.......................S...................#...3.......3.......C...............................S...............3.......s...................#...3...@...3...P...3...`...3...p...............................................................................`...............`...............`...............`...................................s.......s.......3...........0...s.......

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\DefaultFileDialog.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):21837
                                                                                                                                                                                              Entropy (8bit):3.89069196383034
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:iGCRB55UnGfnUeSO4tIXRAXsMOv6REflHEG:iGKKOPMITb
                                                                                                                                                                                              MD5:D8C075B1466A5DBC163AAF306C8B9C8F
                                                                                                                                                                                              SHA1:0BE13D591DAF52EF34D22C9375DBF484FAC2415F
                                                                                                                                                                                              SHA-256:7562DDFB2AC626A253FA3987FCED5DF7AD7E21CE61EAAF102F005CC586FE6BBD
                                                                                                                                                                                              SHA-512:37A2428C3E7A91CB2626A633447DB586A89D3E35722711B9CE3F2A60634AECE37C0409C965B0E77D31F94B5BE563BB72F94C2D684129BA8597E28908D52A9504
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Dialogs module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in t

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\DefaultFileDialog.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):49208
                                                                                                                                                                                              Entropy (8bit):3.193797144456919
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:SGf3i3bCu8H/qtbhkrb8/WRDSGFOxH7fshFzLUCwSXAwBDvVqboQfgwm:ffirCSbkcWRDSAO4FzlXZzaoEm
                                                                                                                                                                                              MD5:B523699410DCAA64B442E12380DC8030
                                                                                                                                                                                              SHA1:0B90DA7994FCA1B34BF53504BA10C2FA299C4528
                                                                                                                                                                                              SHA-256:017FB628674A5933EEC53CFA0399977B0818E93AFD07A446CE221B279B3F0E6E
                                                                                                                                                                                              SHA-512:F7A24F021FE43B866AC601136B58CADD9A2CC290A575985CDB2321AA3A67137AAC107AB083CBF0491F1E699AFA9D942DD3ACE7442A52177B8C357EAB347894CB
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............8...........................................................e~3.hr.................#...T....A..{...................................D............................... ..................................................................H.......................p...................X...........`.......0...............X...........X...H...........@...........0...........8.......P...........p...........p.......0........... ... ..X!...!...!..H"..."...#..`#...#...$..x$...$...%..h%...%..p&...&...'..((...(...(..@)...*..h*...*...+..P+...,...,..(-..8.......8/.../...0..`0...0...1..p1...1...2..h2...2..03...3...4..X4...4...5..h5...5...6..P6...6...6...7..@8...8...8..H9...9...9..0:...:...:...;...;...;..8<...<...=...=..8>...>...@.. @..8@..H@..X@..h@..x@...@...@...@...@...@...@...@...@...A...A..(A..8A..HA..XA..hA..xA...A..............................Q................................... ........... ...1...............@...P.......a.......@...P...............@...P.......................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\DefaultFontDialog.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):18789
                                                                                                                                                                                              Entropy (8bit):3.9546487780736306
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:KacGtM5QUU83tyUWheQ3dlbb6zW9e86ewxu2Gy:iGtMQUR3tyUA3bbb6ic8G1
                                                                                                                                                                                              MD5:75F348472EE20DE837256420D3F05A8E
                                                                                                                                                                                              SHA1:4D492C74E8E5CFA2500121E9644872C459D19495
                                                                                                                                                                                              SHA-256:47E4E8472C71959A1CC12FB0857290E655AC901C68D209024A80012555F0C7D8
                                                                                                                                                                                              SHA-512:64B6E0CE233359E654E3E707B4B2E7125F3719649F17E107E66C5B56C216A63FBA10B3259D5741F05600B8F9DD9CCF9688B8A719D2D17F559551604458AE6516
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Dialogs module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in t

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\DefaultFontDialog.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):38616
                                                                                                                                                                                              Entropy (8bit):3.1481148369410814
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:EEYKPGZHZBEgL3SR4yCXiyH8KwXR0fjZpJ9TVeRgzkIus54w/97q:EzKP0LC+yCXiDR0fjZpJpVUIusf7q
                                                                                                                                                                                              MD5:1B245DD1652EF3C2F94E74F82F17A2CD
                                                                                                                                                                                              SHA1:66692A6CA21900A53E0761651872E6977AB6D5B1
                                                                                                                                                                                              SHA-256:B1BB10E14015D9722D144061336D4387BCAFC5E52E11555A5EBFD1583144AE6C
                                                                                                                                                                                              SHA-512:8EAD945EE8AC566AD056C0E42A8F5E12CADCC78B9021237972F60CBA33DFD1E7B936131A4EAE1AA49E52075DE8911842AD74307F4760111133C5D0722EC1FD35
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)..................................................................!.A.Q.'.`L.....................#.......X2..O...........4.......4.......4....................... .......p...............................................................`g..............P...............P...................`...........p.......h...........H........... ...x...(.......p.......X...(...........@...........`...........P...........@...........p ... ..h!..H#...#...$...%..p%...&..`&...&...'..X'...'..((...(...(..p)...)..@*...*...+...+...+..P,...,...-..P-...-...-..`..../.../..P0...0...0...0...0...1...1..(1..81..H1..X1..h1..x1...1...1...1...1...1...1...1...1...2...2..(2..82..H2..................#...0.......0...............................#...0.......P...............#...@...S...........................................................C.......c...............................................................S.......S.......S.......S... .......3...............p...C...............p.......p...#...........#...........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\DefaultMessageDialog.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):12934
                                                                                                                                                                                              Entropy (8bit):4.097455940794716
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:iGReV5+MQbirxkSVx7oEk/Wb7Ri37lwbuUvr/c18/S7:iGWBeZ8/w
                                                                                                                                                                                              MD5:B0E29EE869FC72FDF86F89E0B0E9B621
                                                                                                                                                                                              SHA1:97A79B3E5C3343894B1107B72773E0435C2459B4
                                                                                                                                                                                              SHA-256:CAAA34C2AADF32D0EBBAACF17744C5797B79D4D377321F88139B3F13A14AB61C
                                                                                                                                                                                              SHA-512:849B344E4B9D17D324DC79CFD62387A08FD147F7B76898B7949928631DB61A16307D97B8671AB7975962693D5EC1413D3D524928177C58AAC2AD795C8AD09A2D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Dialogs module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in t

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\DefaultMessageDialog.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):31056
                                                                                                                                                                                              Entropy (8bit):3.1085953932547663
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:LCtt/zrjwg2LT1qAnNMlbiptBqDbeD+Vn+W/P9niX6ecHx7X:0t/zfwgIZqbicDSDOPpNNBX
                                                                                                                                                                                              MD5:80A7400C2EC32AA1CA462A15B764C5D9
                                                                                                                                                                                              SHA1:EFA1A7B0DBB3CA7FDE3CD852F9BC633089FA8D2F
                                                                                                                                                                                              SHA-256:8AF5127A5024AE3BA0109F937F706DE25AD46944637BE59D6921D46021B9404E
                                                                                                                                                                                              SHA-512:E98D07CAB7AD2FE15662E4012F7ED897D9E03150CCABF7FFA052E4BCB118E7F461FCF8E41B9412DEA5F09AD767DD2B5A4E2DCB8403855C8AFECEB8D27889E969
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............Py.....................................................l...0.i....................#.......0/..`...........x.......x.......x...e...........l.......p.......................................................................0Z..............`.......8........... ...........(...p...........x...........P...........8...............X...........P...........@...........@...........X.......(...........X.......(...........h.......8...........h.......8...........x.......H ... ...!..x!...!..H"..."...#...#...#..X$...$..0%...%...%..X&...&...'..X'...'...'..H(...(...(..8)...)...).. *..p*...*...+..x+...+..8,...,...-..X-...-...-...-...-...-.......... ...0...@...P...`...p..................................../.../.. /......@...P.......@...P...c.......@...0...p...........................................................c...........c.......0.......p...............3...Q............................................... .......0.......@.......P...S...`...S...p....................... ...........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\Private\dialogsprivateplugin.dll

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):52720
                                                                                                                                                                                              Entropy (8bit):5.937095636932423
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:dBX2hbPgvssanNBA4lUxNSpZ/ZdDGmLUf2h/:wDKRanNBA4lUxNo/ZbUfW
                                                                                                                                                                                              MD5:DE05A20CDD9E1ED8C0FCCC8A0737FE1C
                                                                                                                                                                                              SHA1:56F0687B132BBDE9FD9AD1CE11F4F85E7385DD7D
                                                                                                                                                                                              SHA-256:ABCEAB15BEBE79BD6E53B2DCE71190BEF7C0EAA0BB9B575ED6EEF15EBA9B417A
                                                                                                                                                                                              SHA-512:30F70E65866A5B9572684D5548FEB907B1C376AA0DB30D1FFDAE24250BDED0DFFC7FCAA6827320F892225DDF230968651C925AC24864473FC3CC9E67D803B40F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......3^.w?..w?..w?..~G..q?..P..u?..cT..u?..P..f?..P..p?..P..u?...O..p?..w?...?...O..r?...O..v?...Ox.v?...O..v?..Richw?..................PE..d...L.._.........." .....J...f.......P....................................................`.................................................$...........`.......................<...xv..T....................x..(....v..0............`..0............................text...+H.......J.................. ..`.rdata...M...`...N...N..............@..@.data...............................@....pdata..............................@..@.qtmetad}...........................@..P.rsrc...`...........................@..@.reloc..<...........................@..B................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\Private\plugins.qmltypes

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):12562
                                                                                                                                                                                              Entropy (8bit):4.0547557110118335
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:I8VFmGH8iSSoesW6kDFLN7rgJO4jybtuYR1pbbQDU1N1l1r1nL1DaHfI85I3P8v+:5ciSSts8XTKQfX5nZ35pkx0v
                                                                                                                                                                                              MD5:01A98548921015519F9BF96AFC6CA3F2
                                                                                                                                                                                              SHA1:7010F0A761839F0396B184A407F064A24E034CEF
                                                                                                                                                                                              SHA-256:9F2748312B462C9BD61A1638B91D2F0E36AF088DA06C55DE385D216299325892
                                                                                                                                                                                              SHA-512:62C11064E927370B42D6758DBCDF42446C7116638941EE6FA7CB5CCCAAE1DC06C5266D3F135C8669E59F4D732C7C5373241D3FC7E37ADCDE0519EC05701113D5
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:import QtQuick.tooling 1.2....// This file describes the plugin-supplied types contained in the library...// It is used for QML tooling purposes only...//..// This file was auto-generated by:..// 'qmlplugindump -nonrelocatable QtQuick.Dialogs.Private 1.1'....Module {.. dependencies: ["QtQuick 2.0"].. Component {.. name: "QAbstractItemModel".. prototype: "QObject".. Enum {.. name: "LayoutChangeHint".. values: {.. "NoLayoutChangeHint": 0,.. "VerticalSortHint": 1,.. "HorizontalSortHint": 2.. }.. }.. Enum {.. name: "CheckIndexOption".. values: {.. "NoOption": 0,.. "IndexIsValid": 1,.. "DoNotUseParent": 2,.. "ParentIsInvalid": 4.. }.. }.. Signal {.. name: "dataChanged".. Parameter { name: "topLeft"; type: "QModelIndex" }.. Parameter { n

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\Private\qmldir

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):128
                                                                                                                                                                                              Entropy (8bit):4.541086444900037
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:3BVa60XzeBz3hVhvyWmopYPJoXhhy+RLV06qWov:xVa60DeR3hV58oOP2X6+key
                                                                                                                                                                                              MD5:D859E992832670DFFA54EBC48137C3E0
                                                                                                                                                                                              SHA1:9A36E7C010533552F9BBD537337B9EFE605D0B4B
                                                                                                                                                                                              SHA-256:328CE7281FF10EF0D90A753A716912656D3F97476624A584A8B50847127FA00D
                                                                                                                                                                                              SHA-512:7E92DFFB3E83DA37DE50CBF6C3E808EFFEFF1E49509EE68C7D2EF9B8094C025BBEA5CB1E023B0EEA8B406BE3617BFA3346CC022E6027D93207AF9D84E52FF849
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:module QtQuick.Dialogs.Private..plugin dialogsprivateplugin..classname QtQuick2DialogsPrivatePlugin..typeinfo plugins.qmltypes..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\WidgetColorDialog.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2046
                                                                                                                                                                                              Entropy (8bit):4.839194226499755
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:MLkMCT3QXf8WYwid0szM68qDRGNfFTNZbOWGf0HB+N7YiZTcfy9N9j:MLZO6E+iCshVKzlOWGf0hEVufy9nj
                                                                                                                                                                                              MD5:B6D6A211D4018E1871A28DA308C0A264
                                                                                                                                                                                              SHA1:8EE3F896DD57F62D9CBB01B6BFB5DDB59ADA2ADF
                                                                                                                                                                                              SHA-256:69A65B64D70B2328258AA1A35B52E1FC4D7A4FFBC2B458BC8CA48DD5BBB28C8F
                                                                                                                                                                                              SHA-512:A52F8ED39092E8B50923A68DFBD5B8CFD790EAE607575B0B10FE3DEE7E097FDBEBD92FA8D3923F6614FD7CE71DCDFA6F9EED5179DC5F4FF69E99B6A8CC3C20FA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Dialogs module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in t

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\WidgetColorDialog.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):628
                                                                                                                                                                                              Entropy (8bit):2.1278914455157665
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:K1fcilXEEEEEEEla1UE61hmpKWxRKYGhBGt/a847zQlI+lXsls1S0cz+DD:0kGXEEEEEEEA1Ux1cjmCikDXEE1wU
                                                                                                                                                                                              MD5:F4367B013AFF4A1445017C4594F16BA6
                                                                                                                                                                                              SHA1:DCF49B1B1E8FBBFFA3E7AB76DF4994A7CB04E81E
                                                                                                                                                                                              SHA-256:D6511C27A4ACCE5DA65F62C1D79222AD03A86DA0BC9F5889149E09984237EE22
                                                                                                                                                                                              SHA-512:0204219C7DD1FD6CEFB5663BA901C22B482AD51D9AA67921A4DC9026ED4D8507DEB6937364DB47D596F1FF6C7157736621DC83DA9DCEC21B0D0F603327426216
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............t...........................................................rf..Frz.................#.......................................................................................................................................................0...X...............................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...P.r.i.v.a.t.e.W.i.d.g.e.t.s.............................Q.t.C.o.l.o.r.D.i.a.l.o.g...................@.......................(.......................)...D.......................T...T...T.......T...T.......T.......T...+.......T.......T...........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\WidgetFileDialog.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2045
                                                                                                                                                                                              Entropy (8bit):4.838543971830859
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:MLkMCT3QXf8WYwid0szM68qDRGNfFTNZbOWGf0HB+N7YiZTcfy9N9QWC:MLZO6E+iCshVKzlOWGf0hEVufy9nQf
                                                                                                                                                                                              MD5:9AE11A1E4DD9A3D282AD5BD773CFE0CD
                                                                                                                                                                                              SHA1:D08399E72B6CAD3634D15C9C3371F3B61112EA60
                                                                                                                                                                                              SHA-256:275DD745DE7DFBA2CFE20513C72F91DBBCF3A9E79A7C5C5826DDE116407F831C
                                                                                                                                                                                              SHA-512:4F20EE351C799972FA48DC0FF33B54AC56B51DE7232A14F50D8C3F20A698EC9C7822CDE95C4EC27A574028FEEE40308FB6FA7AA421485ADB0BFCA217E2ED51D9
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Dialogs module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in t

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\WidgetFileDialog.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):628
                                                                                                                                                                                              Entropy (8bit):2.120223384798184
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:K19yilXEEEEEEEla1UE61hmpKWxRKYGhBGt/a85MkrMLmlXsls1S0cz+DD:09yGXEEEEEEEA1Ux1cjmCl7BXEE1wU
                                                                                                                                                                                              MD5:E456F1CD59AE7EDEBD8507716C2A3186
                                                                                                                                                                                              SHA1:4C6429F5A69212B8B1059EF454D6897B5012F779
                                                                                                                                                                                              SHA-256:B48A48F583BF21B52969E078CBE822C125E3F7C5E7E5596A44785A63B9581A0A
                                                                                                                                                                                              SHA-512:A26BB54F5FED4120F5D869337617B11C50A16BE362078DA7A7BD6F7FB4043F95AA7582171758AEBEC9AC1D1B805E6A45B081F3855881BEF925C1E6FB54DCFBB0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............t.....................................................d3.FK,4jM.C..................#.......................................................................................................................................................0...X...............................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...P.r.i.v.a.t.e.W.i.d.g.e.t.s.............................Q.t.F.i.l.e.D.i.a.l.o.g.....................@.......................(.......................)...D.......................T...T...T.......T...T.......T.......T...+.......T.......T...........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\WidgetFontDialog.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2045
                                                                                                                                                                                              Entropy (8bit):4.839477066158387
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:MLkMCT3QXf8WYwid0szM68qDRGNfFTNZbOWGf0HB+N7YiZTcfy9N9u:MLZO6E+iCshVKzlOWGf0hEVufy9nu
                                                                                                                                                                                              MD5:A87880CA314C1F7E637390F555D93CDE
                                                                                                                                                                                              SHA1:691774B5B2179CC0B31D976EEC8EFF37166A2D23
                                                                                                                                                                                              SHA-256:DC36D5A4E713A5CEED8E877CB16D30272953E736C99FBF933075220281E3A2EE
                                                                                                                                                                                              SHA-512:DEE0DFBFBEB7D1F43E7FE5AA7C7EEED019FE96D9D885D2C89C19025878D6213B3C95953922130CF877B7B6BE5962A9867B6B659FDC4328F5B0ABBD4DCFEFB7E3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Dialogs module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in t

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\WidgetFontDialog.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):628
                                                                                                                                                                                              Entropy (8bit):2.1187595200086866
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:0ugxGXEEEEEEEA1Ux1cjmClRRDB4XEEhU:0ukGpyumMDB40+U
                                                                                                                                                                                              MD5:BA2F8DDDE04DDFAD88D25294FF0CA8AE
                                                                                                                                                                                              SHA1:45B3971F2260E54AC697814A492C284DD6F01D66
                                                                                                                                                                                              SHA-256:DA341346431475B510FCAC1268E59F508EE7A2A6696E61AD52551628C1D99942
                                                                                                                                                                                              SHA-512:45E73E7466F525BF550528BC58331D95D546B8EC4431B2CFEDBEC2587853C76C22A507ADDDB2D8E39D4698889A488474BC1454E8BC7F83F1BE8DB9A04A5D4A3F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............t...................................................R"uR..<.!.!..^.................#.......................................................................................................................................................0...X...............................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...P.r.i.v.a.t.e.W.i.d.g.e.t.s.............................Q.t.F.o.n.t.D.i.a.l.o.g.....................@.......................(.......................)...D.......................T...T...T.......T...T.......T.......T...+.......T.......T...........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\WidgetMessageDialog.qml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2048
                                                                                                                                                                                              Entropy (8bit):4.841495536435705
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:MLkMCT3QXf8WYwid0szM68qDRGNfFTNZbOWGf0HB+N7YiZTcfy9N9Q:MLZO6E+iCshVKzlOWGf0hEVufy9nQ
                                                                                                                                                                                              MD5:36FB0F29228ABACA2E0F0BF72EC62823
                                                                                                                                                                                              SHA1:FB1C98BA0DBC9D5B9B1D2CC3F947DDE5212CDA73
                                                                                                                                                                                              SHA-256:DC91A4E687696C4AA83E5A1D6E05BFDE8F3FAE8338691982E42F3282AF9A1E6E
                                                                                                                                                                                              SHA-512:747B56D7CE4281E25543C6D8705558FF0B3935CE9301FDD00998293B0761FB432143D4040BE97EF0BE15ED8F01045B176F9D08A72AD85B487E834F118122FE75
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:/****************************************************************************..**..** Copyright (C) 2016 The Qt Company Ltd...** Contact: https://www.qt.io/licensing/..**..** This file is part of the Qt Quick Dialogs module of the Qt Toolkit...**..** $QT_BEGIN_LICENSE:LGPL$..** Commercial License Usage..** Licensees holding valid commercial Qt licenses may use this file in..** accordance with the commercial license agreement provided with the..** Software or, alternatively, in accordance with the terms contained in..** a written agreement between you and The Qt Company. For licensing terms..** and conditions see https://www.qt.io/terms-conditions. For further..** information use the contact form at https://www.qt.io/contact-us...**..** GNU Lesser General Public License Usage..** Alternatively, this file may be used under the terms of the GNU Lesser..** General Public License version 3 as published by the Free Software..** Foundation and appearing in the file LICENSE.LGPL3 included in t

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\WidgetMessageDialog.qmlc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):628
                                                                                                                                                                                              Entropy (8bit):2.141656361019161
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:05K1cGXEEEEEEEA1Ux1cjmC2OD3gkXEEhU:0QcGpyumtEz0+U
                                                                                                                                                                                              MD5:F640BA6DBE4152503A3BB40C49759036
                                                                                                                                                                                              SHA1:0A8058DCDAF59E742797B3CDB97C1CEE0B252ADA
                                                                                                                                                                                              SHA-256:3D6CC8CB4DEFF3467230D7047E21E23844DC0280CBFBFBCBBD7918603611E2E6
                                                                                                                                                                                              SHA-512:11C09416C2FFAEC056AD64AAEE2C510DA6BBA93F7B402EE6BC17736EBC8C31B9210ECC03480B4550776B054E76DBDFBEDACDF34B200C7C6B410CCC0E24F86C39
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:qv4cdata)...............t....................................................+.2Uv*.'.gZ_...................#.......................................................................................................................................................0...X...............................................................Q.t.Q.u.i.c.k...........................Q.t.Q.u.i.c.k...P.r.i.v.a.t.e.W.i.d.g.e.t.s.............................Q.t.M.e.s.s.a.g.e.D.i.a.l.o.g...............@.......................(.......................)...D.......................T...T...T.......T...T.......T.......T...+.......T.......T...........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\dialogplugin.dll

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):141808
                                                                                                                                                                                              Entropy (8bit):5.91354020244006
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3072:trGr0Ii8KHiE7nZrxlX9uVKTXft+3wmrLnyIv:trO5KJbd9GKTXft+Ay5v
                                                                                                                                                                                              MD5:F6B0C744D24762818B0950D61FBE0C45
                                                                                                                                                                                              SHA1:9560528BB2D338C2788510E1110E6A46B39A2211
                                                                                                                                                                                              SHA-256:0C9EFDC3B001D629B3F140CF801755393F925DE13851A9727D1E157B8642E701
                                                                                                                                                                                              SHA-512:C8B8FAC049CDA98D5DC5E1BE421A410DCC802CD5A9DFE72ECCF2398AE166BDBE2D51E8520B267B5B0F99CDC8CE84B80D484001E34719E197EEAAA377D75F77A7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......q.D;5.*h5.*h5.*h<..h1.*h..+i7.*h!.+i7.*h../i'.*h...i2.*h..)i7.*h..+i<.*h5.+hm.*h../i+.*h..*i4.*h...h4.*h..(i4.*hRich5.*h........................PE..d......_.........." ................,........................................`............`.........................................0...|............@..P.......0............P..T.......T.......................(...p...0............ ...............................text............................... ..`.rdata....... ......................@..@.data...............................@....pdata..0...........................@..@.qtmetadm....0......................@..P.rsrc...P....@......................@..@.reloc..T....P......................@..B........................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\images\checkers.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 12 x 12, 8-bit grayscale, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):80
                                                                                                                                                                                              Entropy (8bit):4.8250725838538475
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:yionv//thPl/lEyAg+KjExt0Klds4M/2g1p:6v/lhPkpg+sEr0Kw9Vp
                                                                                                                                                                                              MD5:0517A78A9D76782D9C5A0A256F696C42
                                                                                                                                                                                              SHA1:A5C8AA81BEBAFD4C2432922768F83B17B890ABBA
                                                                                                                                                                                              SHA-256:A9FAABAEE11FDCE6A16954F4B5ACFB8CCE82B956BDA8E36536E2FA2A5565833E
                                                                                                                                                                                              SHA-512:F2DAB5776571D2A0E9AEDE01664B6191805AE484FD3016034BE1E0076BA4525EBEB769DD1D23BDF48D138D38433DA138C1C9D66465BE91CF4F9DC3CD837E0F38
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR.............s..;....IDAT.[cx......b....Q...:.I...M....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\images\checkmark.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):809
                                                                                                                                                                                              Entropy (8bit):7.639303591497463
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:6v/7lCOYk1ciPxiqauOsLcf/BKdfTXuFUm3BbtbGaOal/5pRFwvckbtyYyuRer4m:zDDFW8JKdfTYnbGRaZdFwvcUdRryyKx
                                                                                                                                                                                              MD5:EFE373D58B121955066445DE9442469A
                                                                                                                                                                                              SHA1:114C6A870D9A9F821C067D6B217069FB1F57B100
                                                                                                                                                                                              SHA-256:C64F5652492178D3E77C358C8169200A819BE50AE557DC5A9D71C1F77AA2EC7B
                                                                                                                                                                                              SHA-512:C78A74A1603DF60E1F24DCD3A19044C0402CFB3C02B35DF0E53813193E0DDD672A7AD53FCC7591E1ED57A39DA80704F70E853B2A3201F8FDFE6FAC7457417761
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR...@...@......iq.....IDATx.._h.a..?.m1....Y+5.`h..7HJ.H))....R.(7.P..\XI[v%.b....(.N...p16.9.~?u...}...{....=..y...{..}^.....X...W.80....@w..9m.n...d.v..x.p1.....|5.Z.?.L.._........O......+.8).'.uV..8............k.!..!Pj.~*.#....V.~..?b).9....b......$D...s&.-......?..V........l.....|)pI....Y1@...7X._V.......Y1...>.!m....9V.g.}...Y..........[.....Ujrc......&K..E......R..`J!/..%..".^K...7...S..v.;.....{....g.k.....G.*..Z..;|./&8X.O3.w.. .?...%..,.=.c_...W.B......Y....AM^..8......m^..:'.u...W...g.k....h..zF6......'....;...$7;}.V...p.?ko...^`.O.X.`.a`~J...g....V.A.j.....eb.$\..<.7.$.....?......./...j.<..Q........g/.+O..LZ;.^.....R.....B...w....!.k........q...".'c..'......?.l&.*.^:..f.@.vyp..AP.....)F^..%..1....)......a.0.fr....&..'t:..........*G....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\images\copy.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1338
                                                                                                                                                                                              Entropy (8bit):7.747124563344084
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:6lVM8MgSjOvbmMhbYy2bwlWsnPyP/dPgqk4ag90m2Tlk/Mo6C6sGZI5A1:6lyU+wD6wlWsatPgQvK1em1
                                                                                                                                                                                              MD5:EB9DEAA140599B0AE5B6F17885BC4FEC
                                                                                                                                                                                              SHA1:A48179DDCE06E34B40CCD002E8B57F6E6E43028B
                                                                                                                                                                                              SHA-256:2F1115B9C1D70650B8459714A7C410A2629D1992A25E4AF9ECAAFA9CFA1254D7
                                                                                                                                                                                              SHA-512:C90EEAD71CFC46EAB38DF0C380139E549EA64D6C320CFCBAC395AAC5DA905B35266742A751559176700FC54B73116085C93BF50891186E8D0C1CCAE6CACB8D4F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR... ... .....szz.....gAMA.....OX2....tEXtSoftware.Adobe ImageReadyq.e<....IDATX..]L[e..wo....I q.&.N..p.D.P....+.&J.'......l..9......@l.C. +..(.....J{..............*..<9o!...<.G.....F...LZ&a.j`...y.?]P...W.@0......2.'.X"s.yk.K.r..{......@......1).Ka%.D8.Bs.........y$..X....]....".K....M4uY....6..:..._..?V.EEU.*..........%...k.X........p.A....].......Z[[..U...T....195..9.&&PPP.!.o|.I....\...OA..C....j..PCf.....z.H....Dee5fg....f.t...@2-x..Q....p.F...S..~..E.'.a.A8..Pwu.LC#.5...q\.>,/.....z.c@}}.P2..F.f.............dn....:.~E"..+*0..@..mW.4.|S.5@f:......e....C.....cw...*w......e..y......Bgg'zzz8PIi.ni....o....g...%3.......@..(...cmm.........|...=@....A677.v.V.....U...G..;....%.$3O$.(+..........6Z..0...'.<=MI.J......=...0..|q.........P...zH....k....Wd...Sj..F..<..........f....d..(;d.H=.s...@ .eU..-..:c.}.i.v...]=.&...r..J*p.W.=..~.....g...@..D....qL..+++X__..'Y..t.PO...e..2.4...X..dNi)9.D.@....|[....O~u..q..q,.~.Nm.7....d,m72%..#..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\images\critical.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 32 x 32, 2-bit colormap, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):253
                                                                                                                                                                                              Entropy (8bit):6.644105823239495
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:6v/lhP6rmoY0Xhvz23P4vC4IrRHUHThSJ8mlQBOkDwsup:6v/7yrnYch723P4vC4CRIQJ8UbN
                                                                                                                                                                                              MD5:C0D25F09F63973E3E8D63929069E7BA4
                                                                                                                                                                                              SHA1:AF6EEA179B40FEDF1BF38C863F2F0B11C63F4A8D
                                                                                                                                                                                              SHA-256:11F9D1B451E5CB9A3C075387D56AED11AFDF5FF3ABC874B12221E695D5DF9C95
                                                                                                                                                                                              SHA-512:3A6A05DEA9B818C5CE79586D5CE07DE4013020411D18A4F1AD5CEDD00AF0A57057F68ED22FDF5C592CCEBE7AE9E3FCE418097BC9BF6459672930D22F3F312B4C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR... ... ........g....PLTEe-g...........w.....tRNS.@..f....IDAT..].1..P.D.&...#X.)<.O.......aOi..G.%Y...v.........P....P....U.-..(|..H.j..)..].(.eHv.b.F....*VmP#....FlbH...}..s.'cL.l.Q...O...N{..[.#.....q..m...|..k\....N....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\images\crosshairs.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 17 x 17, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):876
                                                                                                                                                                                              Entropy (8bit):7.601096840987649
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:6v/7yGiKZNdq4nks6YBPK3ZreNaXduKACDu0eHZdZodawndtKOXDg0sOQpKwgLe5:nGi2qw56sSpCKwHZbMGOMIwOeahW9N
                                                                                                                                                                                              MD5:27D78295C7BE72DFC4F9902DB999FE12
                                                                                                                                                                                              SHA1:E83D516E4ADC19963C35BC621C212ED23AFA320C
                                                                                                                                                                                              SHA-256:30B4A6C95A606AD8E9649F55DC9AA1020637ACF850D204E31904B7144BF4969A
                                                                                                                                                                                              SHA-512:0DCC78AAFA8F45A428A348DB5D0C19A9427CF966AB4F7D0F7B2A009B730C6B7E93844A6BDBF70D332AD6336E38154AE8F2FC4D0ADE2740BBD2E771A26E39B33C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR.............;mG.....bKGD..............pHYs.........._......tIME........6&.....IDAT8.TAh.H.........j.!..1.....,j..vK...$|.I...vw..n..r.A......"....Tl..d-.1.ZA!^C.....5.^.o...7.{...............ey.W._.p......!I&...=#5...]...R..;....Fc.1..aH.bq.....<.o.*~7.'.F.RJ..|.q6.]0M........B>..L).....M.R#K...t:.y.DU.eY...eY...E..&.t:F)}Ijd.+. .vJ.R,..NF.Q\.#.^__......t8....htR*.bA......;...j. .J....=...........e.....O.Rk.V...Y...1.~.<.a..i..,7......7....w.%..<..B..E.4M.4M;.E.s....$..e..K...'.~.._...Fob8..~.?.eY..u..r...x.....:.....G7.vww.v:.^.....qV..a8...,o.^.1..m.#.0UU.zE......Q.!t.8....j...m...ca.....W.U&.9..r...^lom.....b.RJ..H.)......^.."..A&.9.U|5c1....a...x1.H.u.n......B..m........x.h......W9.U..!..n.}A....zCQ...@Q..^.7.AXl..>Bh.f.gb...5Bh..l...I.4..@.4..O.fs.!......K.V.....y'.(J.....j...W. ......(.x....grBk..P%X....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\images\information.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 32 x 32, 4-bit colormap, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):254
                                                                                                                                                                                              Entropy (8bit):6.547926800884188
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:6v/lhPLARehlh16BSVVCCVaWqsbfrXW2IK855/gt3tVp:6v/7gKhE0VVxaWjrXW225Yd7
                                                                                                                                                                                              MD5:E63DA36F919735C308F3A549AB9DE849
                                                                                                                                                                                              SHA1:D2E037B8FF7D52E8FEFD71334878FA68A083BA18
                                                                                                                                                                                              SHA-256:84878E61F7605016611FBB49C07F1963C4823B41208162072FBCDA30963301B7
                                                                                                                                                                                              SHA-512:6EF916C15958E7CDEDA1C6FEDB314585B2C1608936763E6E85877D3E25B9F0D76BB9340BD06F6AD251A363653415EB2CD41611EB1D203D13B190492BF45E6C63
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR... ... ......Tg.....PLTEet-....................tRNS.@..f....IDAT(..... .DA^.(L`u.T..H...bl0E..}.x:;.9...8...Z...W. T..J..?.Y...r=.a.2;hI.xK.a.S.TpY...(._.}.....hEK .`...I...C..k.t.w..JI.J.U...e....UQ....S..y.q..; ....M..{.R....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\images\question.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 32 x 32, 4-bit colormap, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):257
                                                                                                                                                                                              Entropy (8bit):6.415365056752292
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:6v/lhPLARehlhx/ATmN3CexVXDfiJasfw6yvwM8p:6v/7gKhxR3HzfiJ3ov3u
                                                                                                                                                                                              MD5:FC9C3BEA26774AC81478D5A102D2309C
                                                                                                                                                                                              SHA1:475360264E44712708F262EFC5BA0173FC5B2A58
                                                                                                                                                                                              SHA-256:98E8DD83FAC047B42FB3DE69F2733B87697CA8A33F54AE12E65D2D88867EF80A
                                                                                                                                                                                              SHA-512:8EDEE937294990F49F1CE82A5F6A6CFE33594935991A0500B895389C4F78B45AD5E9B30B10FE045294DD2B9FFBBBBF47252E8EB8C33D92F69135ECDF2AB2549B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR... ... ......Tg.....PLTEet-....................tRNS.@..f....IDAT(.....!.DgE.A..D.D.....k................xK.p..5H.(..'hK.9K.k...\\.4..p`.9A..<.gL0".8A9...M.~..._..7.k...6b....I`(K......!&I-.S..%#.C0...I....N.t.....B._..NK...d....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\images\slider_handle.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 33 x 35, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1551
                                                                                                                                                                                              Entropy (8bit):7.792886790544157
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:ML/6UyaupoFkgoKOldzUIWx4HYAqmTq5Y0x7y/QDA9bJt+COW04/zPwNOh0dFakX:0/6UyBpoWtKOlnHHY7iKzy+CfMNOSQkX
                                                                                                                                                                                              MD5:2FEDE459808D27D66E72CC141C247775
                                                                                                                                                                                              SHA1:FE82356C019458249747C1FD9BA2635A8F697FCF
                                                                                                                                                                                              SHA-256:8FA5D483D83FE4A9320D524A5396C6C4DF80F48E553B0FDF344B36576236ACDF
                                                                                                                                                                                              SHA-512:EEDA47AB421CBC535BD30B374D6057BB8B5B2972B5A4564555E301DCD0400A34F99A988E828075BFF0D1198F22F7A47E5620B93B3053A8478E7A4D1DF08AA241
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR...!...#......,cd....pHYs.................IDATX..oH.e......e.a....rB,....b!.".Le.Dc...`$.......B...F.,D4.1X0(."..Q.65.?.z...}?..............;.y..>....%..o.).......Q...4..h-....8.$..c........xS...........vuu.v........KJJ.K.^]]._\\.........J......[.y,..`.......#G.UTT.....`..Dz....DB....w..t../4/*^..K..d. |...Uz...o....Z[[.j..<8..VTT........;;;.......x5... ...G..|...Z}e,.s.w......:.....h4~...w._...f.., 9A8O.G...}............QP..\...C...E. K'O.l... "..5.....`.%......<..lnn:.8&......0...r...gwoo.....Pf.V~."..........q..L.8...9....Q[[...g..`.8..Q7....../~*.aBj+5.A.*B.1...u..S.....D......vbj..lwMM.......X...9...)w".3T]]....bfffNB.|..H..'."r..............A....s).p8.utt..h7~.n..E...477.IP(F..5..2Y..!s ..n.Um."q...N)3.|.(....E ..V.tBM 7..3....]ZZ..)B,v.3AH...'7.f..LB......7y.M.@.(.......VfDTl5V|6N.-...t........C..d.|.."......A....1dN..(..sZ.@.......n.E........n..W..;..i.. .....6...D......i\...L.Hp.....N.....a..I..F.o@L.V.KLNNN-,,.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\images\sunken_frame.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 74 x 61, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):623
                                                                                                                                                                                              Entropy (8bit):7.202049687689328
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:6v/7r5/6TFvNygZYD0yL0iRkl+V3tz1VNRJGhxNxNxNxNxNxNxNxNxNxNxadSQgu:e5/6rygZYDp0iRkl+9tz1VjJGhbbbbb2
                                                                                                                                                                                              MD5:CA1794DACDF01801CE397608EF365155
                                                                                                                                                                                              SHA1:C126DF19665BEB8F98FE19566611A39CD261A50C
                                                                                                                                                                                              SHA-256:B4E6F75A256A8153AC362824A8B7DAA29C77008D812C78DDFA48F916A26C9F60
                                                                                                                                                                                              SHA-512:9BEFA015DB39E33DF451F5FC0A2EFDE2B231398FC7AA1D9B5136A0736027B4D00DF352DEDA603F679B0296EB675937202035EF2850B50CE28D079966910CA55C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR...J...=.............pHYs................!IDATx...=N.@.....F..h".+..9.. 7.7..^tIC...X.?...(...J.+.P.c...q..f..m...!$Ir..t.d.4MC...,....p8<.u.j/..e3.`....?..*S;....v.^?F.,.!..O.o...b....7.`e6K..s..O.*...7.............P.%."........W....Q.....X...t.........p..|..>..8.6az..+...._......l.3..v....u.dv..'Vi..x.1E..PL.{&6.;.s..b.,#(A..dL...)@..(A..dL...)@..(A..dL...)@..(A..dL...)@..(A..dL...)@..(A..dL...)@..(A..dL...)@..(A..dL...)@..(A..dL...)@..(A..dL...)@..(A..dL...)@...@.a...=...%..[e'(...k.........8fW(.].Vw.....K.......p.p(.b..k..n..|..~{.I...i.:2...Qc.a.}...B.4.?o.}p.Yo.....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\images\warning.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 32 x 32, 2-bit colormap, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):224
                                                                                                                                                                                              Entropy (8bit):6.463068668189326
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:6v/lhP6suFh2DkA1u9mqw3WTKwyLJ8a0a2vro1X2up:6v/7yhFh2DpuYqw3qKzLJnI81X2c
                                                                                                                                                                                              MD5:BC3BDEA5EF8793CF2437F69181BB01F5
                                                                                                                                                                                              SHA1:7F37DBA2901F59D2976862C824A9068D02BAAF5C
                                                                                                                                                                                              SHA-256:05408A124A293DF55CA5D3EB62F373C954075FC7EEF903C96F2559A9F3DBEED0
                                                                                                                                                                                              SHA-512:82177628BAEC04A2D7FA320F5AE8BADC1525ABE8AF171D8BEA8439D390A5A931B66C9AF43349D3C1748A39BF691BDDAD7F3F29768829D986A08B9B767C9F2148
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR... ... ........g....PLTEe-g...............tRNS.@..f....IDAT..U....0..P.2....%...K.QzD.'....S...iQ..O..e.........=..~.(.....-.0i.....(...(Z........ ....14u(a}.*..Q8.*..3W..<E......@"..N....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\qml\QtQuick\Dialogs\images\window_border.png

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PNG image data, 29 x 29, 8-bit gray+alpha, non-interlaced
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):371
                                                                                                                                                                                              Entropy (8bit):7.300004361961238
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:6v/lhP2/2sN2+Dp4Fs/RHWkx2Q1evgQdWrqALFb2ktDPYPK7I5mGL/CYIYA8QvEl:6v/7HsQ+FasJF2Wey7LF3DWK7I5jGYIG
                                                                                                                                                                                              MD5:3C059400E675F24F62F21A735D6D86A8
                                                                                                                                                                                              SHA1:A1C8A945389171C2872BA7CCA7ED25BDBB245134
                                                                                                                                                                                              SHA-256:9B6B13CF306091BE1274C62D0DD54003935CDBE2AFDDFA23D71BE3360E44213A
                                                                                                                                                                                              SHA-512:3903DD82D4C03886E4EB4B3931FAE04B211D309CE9E8ED4D9A3D49C9B66AEC432C16834C387F4E84402E9297835FBE50B47BB3A182901BE9A214BD3331ADB82D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.PNG........IHDR....................:IDAT8....N.0....J. ..D......k4zKj.`..0..dc.].m.d..-I.N.".x..}..b..b%K.\|3.i.\A...C.y..[..r)...O-.P..u....N.!....HcKu^..l.J..C....0fMt..........\.9%.b...y,."...=.`.[(.Kc|...x..F:.R..&...M+.....a.]....P\^..Z.....M......>..t..-49Vp.5.\..;.....Av.jp~.\.#.a.\z...^e........k..)...xsr....D...p"........./...Mb5p.....IEND.B`.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtconnectivity_es.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):46591
                                                                                                                                                                                              Entropy (8bit):4.564321972676103
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:INB/YqJ5tXJAKnPYapNiuwR63ECnsXCcWzuNBnYAITPQ1/yb5dRuR:c5yKHpNka1CZw5Lm
                                                                                                                                                                                              MD5:DE8187285115A9D13C92B265E32B953F
                                                                                                                                                                                              SHA1:F20D2BB597AC8EE9DCFDD74AE019F936971954EA
                                                                                                                                                                                              SHA-256:85059995827BF473EE93380918712A671461FAFCBC62A8406A17A3EDFC4BA915
                                                                                                                                                                                              SHA-512:5A5F9E878C0ED7E6399B578F70F4D42D0170A6662F1D247F17DB3F1539E227E3B0DCCBBBA0F0BF01C941401FE08DE023B9EFE67C73CA65F31DF720385C133B28
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......es_ESB...X..G....N...t..?....t..@............D.......T.., . .u..W..9....|..>....}..OQ...G..c....U.id....t.xO..."..z.....E.{................K...h.......o.........9...0.......7.......b....)..m..$J...-Y.&E......&E...9h.&E......(B....s.-x....L.5.".....7.4..$..9#~.....A.U..?I.L.......T.4..7..c.d...K.c.....y.ryd.....r}......}.9..nQ..+r......8...0q..{e..2...pS...........3.......T.!o....O.5a...Yk.7....E..D....+..MT...>..R....{..Z1....j.d*...Q..e.E..!b.s.u..s..wg...\\.}.4...h.......$.............Ve..|...5....u...k..q%..$]...d..Z......U.......*...&...NT...5..k.......M....5... .#q.... .7....G..8|E..mi.L.7..dJ.u.e.."/.voE...G.w.<../Q..k........t...D..e...j(../,..Xp......Q..]...1...Et..&...`l..!...#...q.......f....3..D ..#D...x......'...w).....%T......7.D..{..7.D..^P.K.......R.'..h*.T.......d.$.....l.P..t..v)....!..&...z...1D..L...a...Lp......P...b...b..W..Q......`9..J...Fu..E..T%......W9...W..BW...t..Z...........&$..Kv.&!......H=....;.V....N..XA...4..az......b.e..1=.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtconnectivity_hu.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):43428
                                                                                                                                                                                              Entropy (8bit):4.777297711194391
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:Hcip3heSwTBUo/dztIwmn4DtC/wcYUptQHM56VbOKtexCNBCgmDiD5fmIOh2H:Hcip4SwTBNywmn4hC/wc9755YtexQSCl
                                                                                                                                                                                              MD5:6F7441AAFBE9C672C55B6085C7DC2AE5
                                                                                                                                                                                              SHA1:7E95D623FB55865D93260210DE610F4A02CCFB38
                                                                                                                                                                                              SHA-256:5CDEFB869ED55751415A16D44528AB132E78FBF53F943BAD9BC84B27ACCA472A
                                                                                                                                                                                              SHA-512:833AB3CA13F2211305CE590DBDFA15063AD304E5492E276F27AD605DCC07E066D20FA2B7DF06D7C4A2936D03B416226244D86011D7270A1EEDA6FFD6C569985C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......hu_HUB...X..G........t..:`...t..:............D.......T..'.. .u..QJ.9....sd.>....t/.OQ...A..c......id....:.xO......z.....s.{.............!..K...`o......g.........9...,c......2.......Z....)..ef.$J...)..&E....k.&E...4..&E....`.(B......-x......5.".....7.4..!..9#~..)..A.U..9..L.......T.4..3c.c.d.....c.......ryd...q.r}......}.9..e...+r......8...,...{e...[..pS...6.................!o...uq.5a...R..7....?C.D....'..MT...8..R....rm.Z1......d*...J..e.E.....s.u..k7.wg...U>.}.4..........x......}.......O...|...1....u..~...q%..!?...d..S".....O.......&x..&...G....5..c.......G....5...*.#q......7....@..8|E..e..L.7..\..u.e...c.voE.....w.<..*...k........t...Z..e...a.../,..Q.......3..]...-E..Et.."...`l...=..#...i(......^....3..=...#D...V......$...w).....%T......7.D..r..7.D..W..K.......R.'.._..T.......d.$...T.l.P..k..v)....Y..&...p...1D..F{..a...F...........b......W..K......X...J...@?..E..M.......P....W..<M...t..S........%..&$..E .&!......H=......V....H..XA...0..az......b.e..,..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtconnectivity_ko.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):37040
                                                                                                                                                                                              Entropy (8bit):5.736197609490334
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:H4gj2Dby4aBn173HwD7h8KCBio+Oi85aD8ML06cU99ACVPV:HDjKaz0faKx2a8T6cUHA8
                                                                                                                                                                                              MD5:38554D1DCDAF84C4BECBBB38938AAACC
                                                                                                                                                                                              SHA1:D3E736C0FBADC2A6C20FEEC017671AB95284CECF
                                                                                                                                                                                              SHA-256:CAB886251C9AE4147986BB2C4EBB6DDF76BABC5B8D6569BC13812613421030D9
                                                                                                                                                                                              SHA-512:14712CBA1E7BA1CBD5A35D9A4CD88CC469F0F840C4DF8AB573DF642B76DA148B979708DF2764EF87FF193DCC869EF1E763202584F16B5DD2531E76E67F83090C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......koB...@..G........t.......t...............D..|1...T.. .. .u..?w.)I3..z-.9....Y..>....ZZ.OQ...3..c...k..id...i..xO......z.....V.{.....v......k...K...KD......P......o..9...#.......(B......F....)..O..$J...!..&E....M.&E...)..&E...p..(B......-x....U.5.".....7.4.....9#~..!..A.U..-..L....._.T.4..(..c.d.....c.......ryd.....r}....(.s....mb.}.9..Ov..+r..et..8...#...{e..%8..pS..................pp.!o...[\.5a...@..7....1..D.... H.MT...,..R....Y..Z1......d*...:..e.E.....s.u..Sv.wg...B..}.4..|.......]......aC......>L..|...'X...u..b@..q%.......d..A......=...........&...8w...5..M.......8(...5..e..........#q....=.4+....n.7....3&.7.#.....8|E..N..L.7..H_.u.e...,.voE..b..w.<.."...k...j....t..{...n~..v...e...LE../,..?......h,..]...$...Et......`l...H..#...Q.......J....3..0...#D..g...........w)..._.%T......7.D..X..7.D..D..K....h..R.'..J..T.....9.d.$.....i;...lM.l.P..S..v).......&...W...1D..7<..a...6......q&...b..x...W..:......E...J...2...E..<.......>....W../....t..A...OC..n.....

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtconnectivity_pl.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):31377
                                                                                                                                                                                              Entropy (8bit):4.774581815633691
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:k1Btop4jHZqPsftmNMB3/vNxN4RW6nB8PppCQGe8:CmmC4bBza
                                                                                                                                                                                              MD5:C0224AE2DCF33290AEC840EB04A774A7
                                                                                                                                                                                              SHA1:19AF6BF79DD782D00C100AD1AA2093E1AEC8B2C1
                                                                                                                                                                                              SHA-256:64FEFDAEE792AE38FC069F07E339A3C2200C0B1887F9B785527BF3E4D3A6DFA6
                                                                                                                                                                                              SHA-512:4B32710597A690C485AE959B9A51FA7FD6700954A1237760B0A2AB8EC475EEAEB1FE2B39CA960C48A8F4BBE72AA28912702A013963B979956B358029B1269C49
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......pl_PLB......G..............9....J..>....Jt.OQ...(..c...\,.id...Y..xO....#......[.......Az.......0......8....)..?..&E......&E... ..&E...aL.-x....-.}.9..@[..+r..T...8.......{e...#..............`..5a...2i.D.....s.Z1......s.u..D..wg...3......O.......0...|........u..P...q%.........0x..............-<...5..T.......r@.#q......7....'Z.7.#..p..8|E..?u.L.7..:m.u.e.....voE..Q...k...Z.../,..1......W...]....G..Et...E..`l......#...C ......<...#D..V...w).....%T......7.D..I..7.D..5..K....X..R.'..=..T.......d.$..q^.l.P..E&..&...HR..a...+......a....b..g...W..-...J...&.......1>...W..%...&$..+c.&!...^..H=..._*.XA......az...Q..b.e.....s$...C....2..%...v...G...A...M/..P...........Z6......O....%..Xf..1R..UK......b(......B.......A.......m..1....u.L.l..[(.hHY..K....<..]...-...!...(...h....$..0...9R..\...e...*..+....N..['...eZ.bz]...S.jud.......W..L.......)....D..........5...j"......i..@... w..(...4..b...E\..%z.....F.......b.. ....o..5.#..&..Dh...7..N....6|.POh..Sq.Y5...PJ.}.%..G..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtconnectivity_ru.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):49914
                                                                                                                                                                                              Entropy (8bit):5.289068485521892
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:zweGuTIadBAnxchylgw3/3eBya8z3o5GNISIE/riAy:dGuTBdGDWEmB8RIHV
                                                                                                                                                                                              MD5:FB3886461FCCBECC6F9165AE84986242
                                                                                                                                                                                              SHA1:9CC478C37EA256E367B684DE7F25EDCAC8358828
                                                                                                                                                                                              SHA-256:2A8DCCF95E0C81EF467DFD50856E3B38976CFBBA875BC64D98193B6C58DE0896
                                                                                                                                                                                              SHA-512:EB1D2CD9EC175B3F01363BD3AC38A9BCAEAC73F2DFEEBE02C46D26D79298A21D14E66221568E051F7CF418A41B0B1A39C4D6FDEADD6A2AE2A5E61D5D8C7F0510
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......ruB...@..G........t..Ag...t..B......../...D.......T..... .u..Y..)I3...I.9....|..>....}..OQ...I..c....Z.id......xO...%..z....!$.{................K...i|......p.........9...3"......9p......c....)..n..$J.../..&E......&E...;..&E....Z.(B......-x......5.".. ..7.4..'..9#~..0`.A.U..@..L.......T.4..:$.c.d.....c.......ryd...>.r}....4.s.....V.}.9..o$..+r......8...2...{e..5...pS.."........K.........!o...~..5a...[:.7....F..D.......MT...?..R....|..Z1......d*...S=.e.E..$i.s.u..tH.wg...]..}.4...........S......?......XN..|...8D...u......q%..'....d..[......W.......-Q..&...PQ...5..l.......O....5...O.........#q......4+......7....H..7.#...?.8|E..n<.L.7..e..u.e..%..voE.....w.<..1...k........t...o..n~......e...j.../,..Z?.........]...3...Et..(...`l..$...#...rC......g....3..E=..#D..........*v..w).....%T......7.D..{|.7.D.._..K.......R.'..i..T.......d.$.....i;......l.P..t..v).......&...z-..1D..N^..a...M...........b...[..W..S......a...J...H ..E..V,......Y....W..Ct...t..\...OC........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtconnectivity_tr.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):45805
                                                                                                                                                                                              Entropy (8bit):4.867005270170585
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:+119hirg5RgcagU46EEKmV1gSt6ZjynXybDDIPOvKqBXIFDCalbEgpu41IAsUz1l:+r9hi05RgPnm35vKTbpu41IfUzxBf
                                                                                                                                                                                              MD5:7E426548AF63624789C22A4AC007B27D
                                                                                                                                                                                              SHA1:66F5F8BF812D27A58BA4C427C71B47337E75519F
                                                                                                                                                                                              SHA-256:0BB8CDCD2C0EF44871A983F138F9A46A25F0FCFF2750F81CBCFD243DBE8833AA
                                                                                                                                                                                              SHA-512:0598516D41500B47C1703C02ABB1FAF4348192D43A381F893E8FA22DDD076FD11C631953648D863D2FD97593AF02231BFE5106693F70897029FA94872B0080FC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......tr_TRB...@..G....Q...t..:....t..;J...........D.......T..).. .u..PM.)I3...[.9....p..>....qj.OQ...A..c....(.id......xO...!..z.......{................K...^.......e_.....=..9...-.......3x......Y*...)..c_.$J...*..&E......&E...5q.&E....P.(B......-x....g.5."...O.7.4..#..9#~..+T.A.U..:P.L.......T.4..4..c.d...`.c.......ryd.....r}....X.s.......}.9..c...+r...H..8...-...{e../...pS...o.................!o...r..5a...Q..7....?l.D....)..MT...9U.R....o..Z1....).d*...J..e.E.. ..s.u..h..wg...T..}.4...o......u......z5......N...|...2L...u..{z..q%..#F...d..R......Np......({..&...G....5..a.......G2...5..~..........#q....S.4+....(.7....A..7.#.....8|E..c..L.7..Z..u.e..!p.voE..|H.w.<..,...k........t......n~......e..._.../,..P..........].......Et..$...`l.. l..#...f.......]6...3..>'..#D..........&$..w).....%T...._.7.D..oV.7.D..U..K.......R.'..^I.T.....a.d.$.....i;......l.P..i'.v).......&...n#..1D..F...a...E...........b...g..W..Jx.....W...J...@^..E..L.......O....W..<....t..R...OC...T.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtconnectivity_uk.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):42223
                                                                                                                                                                                              Entropy (8bit):5.034808358439184
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:X6MrgTlBI56DonWt9TXOOVeuzrpXVzbB6EtXR2AmoxpG66jq2PC4a+mOOeQcg+MV:KUgTOWNjeu3yAm4A7PUdfPsN1onmGTNt
                                                                                                                                                                                              MD5:3BB2B8E555D1FE0AA5824E5CB6667A17
                                                                                                                                                                                              SHA1:F48D726951655809158C81B2B6812B6241260C4D
                                                                                                                                                                                              SHA-256:8DF80026E7CD4B81C898ECA4834882BFB48558B6A55C2CB850061B8F1947CEF8
                                                                                                                                                                                              SHA-512:2057519225698FD166274D8A5505F3FC078A5F642D2A8A7EF823E31CF199AED4348C8653DE17C0103B40DD72E8AF0F48E257D747290CB12751E2851E6E1B6C59
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......uk_UAB...`..G........t..8....t..9!.......J...D.......T..&.. .u..NV.9....od.>....p..OQ...?..c......id....n.xO......z.......{.....E..........K...]S......dN........9...+U......0.......W....)..b".$J...(%.&E....[.&E...2..&E....p.(B....=.-x......5."...t.7.4..!..9#~..(..A.U..8..L.....P.T.4..1..c.d.....c.....).ryd...e.r}......}.9..b...+r..~A..8...*...{e..-...pS...d.................!o...qi.5a...O..7....=S.D....&g.MT...7..R....n..Z1....t.d*...H..e.E.....s.u..g..wg...RZ.}.4..........t......y,......L...|.../....u..z[..q%.. ....d..P......Lw......%...&...E....5..`}......E=...5..}..#q......7....>..8|E..a..L.7..Y~.u.e.....voE..{..w.<..)...k........t......e...^.../,..N..........]...,1..Et..!...`l...e..#...e.......[....3..<...#D..........#c..w)...*.%T......7.D..n).7.D..T..K.......R.'..\..T.......d.$...u.l.P..g..v).......&...l...1D..D#..a...C...........b...@..W..H......U...J...>?..E..J.......M....W..:....t..P...........&$..B..&!....T.H=......V....F..XA......az...{l.b.e..+..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtdeclarative_bg.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):70152
                                                                                                                                                                                              Entropy (8bit):5.090575148550578
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:8LWrCowUHUZxfV6Ro5nH4B+pRdfeASHygM5v9r0Hsd7AAIIr6KLivz:81B2sd7FIBVvz
                                                                                                                                                                                              MD5:5723EEA8825E6F35814AFA377FDE5257
                                                                                                                                                                                              SHA1:AAD3A85BA029D9128F58F6535F8519074B84ABA9
                                                                                                                                                                                              SHA-256:FAC1AB26FE0DC23027A62B2A63144F831D1D91B83E3C6E1611130AE5D243062C
                                                                                                                                                                                              SHA-512:3BAFA14F5496E3344E0B100D206689FDBF1939EB39498522B21083587829FA56C932761372F4F78B9FCCA6DF1DF5818D2F4ECFE6028943B7757599D3F7857F74
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......bgB...........S..Ht......!n.....vS...!..zd..D..(2....I.S{......T.n...].[=......^.....I.^,......t.>...w..........Md...(......j...d....n..........g...LQ.........Xt......1......................|...E........H...B..Zq.7"...!..H!E..;..XJA...*._.s..h..j.R.....u&......|)^..W.......?F..I2...j...4...w..#....@...Y..G..............TU......]....}..i@...}..u...x..>..........<D..e......Y..!g).....&Xd...../Xt.....BW...}l.F.R.....Y.C.....rN...........Rz...$......l.......bb...........r...>.......n.......T..."......F...*^.....................:Q....x.Nj...ox._3....;._3....+.}......._..............-E...s..-E...v..-E......L........a....$.>..I..&.....d.,n....&.C.......K....M..O.....A.V#......n.......n.....C..x~...:..&....;...$......Q.......V......._...q...t7..v...(.........c...<...~n..................Q....#..X....)......P...b......$.......'Z...y..;_......L.....(.S....0/.U5...H..X....\..z.2..Q0..Ji...........{...U..?....D......:...q...........................e..@k..=......=

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtdeclarative_da.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):69319
                                                                                                                                                                                              Entropy (8bit):4.471427797872923
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:X4x+ORcpgZ9+3+uydCUWUNYQMf3kcY2jTKu118/tBMzmaNkRwK:XIdqpKXRNif3kSj2u118/3T
                                                                                                                                                                                              MD5:F584B53E444B922FA0D43E4CA4612022
                                                                                                                                                                                              SHA1:002B640A97D9619676B3133777C869B151DEE457
                                                                                                                                                                                              SHA-256:F2A30B4B3A0AFE65AAFE52FE634F24DC6DA224D6206E01C0DE00FAE3F2F81DC3
                                                                                                                                                                                              SHA-512:B3DA803337E03C810C18148645AE4727DDC215F74DB864C07110A1B728A0663778AAA9A09EAB8D52AA5942D3344B85BD87340804E6B06778409CBA3C08906D03
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......daB...P..........Ht......!n...)..vS......zd..Aa.(2......S{....!.T.n....W....p..[=....C.^.......^,...w..t.>...Q..........Md..........c...d.......................g...H_.........Xt......7......1......................|...A...........B..U..7"...!..H!E..9..XJA...?._.s..b..j.R...D.u&......|)^..R.......<U..I2.......4...f..#...|....Y..D~.............O.......W(...}..b....}..m...s.../..x..;.......J..<D.._u.....Tn.!g).....&Xd...../Xt...O.BW...u..Y.C...0.rN....]......M....$......l....P..bb.......)...%...........>.......n..{....T...c......B........Y..*^...........k.........:Q......Nj...h.._3......_3......}...........d6.._....p.......7..........-E.....-E.....-E...#..L....m.......@...a.....$.>..E..&.......,n......4.......C.....8.K....I..O....x'.V#...y..b_......n.......n.....o..x~......&........$......Q....^..V....P.._...j#..t7..o...(....V.....]...<...v...................Q.......X...........L...........b......$....w..'Z...r..6.......;_....7.L.......S.....B.U5...E(.z.2

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtdeclarative_de.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):74839
                                                                                                                                                                                              Entropy (8bit):4.366362763172934
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:TyBhBK8bbIHRPzFdj5J0V3EgiM0SDa1R2Y/dTKtiR:arKcbIxPzFdj5J0V3EgiM0SD+RJdGMR
                                                                                                                                                                                              MD5:CDA573C273C975FCD7B0818EEB53AFD8
                                                                                                                                                                                              SHA1:52AA46B032F081F3F62962F2D6C86E5823562EC4
                                                                                                                                                                                              SHA-256:8F7E3AA3436C87BCFF7113751E9A8576F2970755227929A024F2943AB4B4871E
                                                                                                                                                                                              SHA-512:51ED1BF3163FA2ABD8367C4CF03B1FC4BAF1D53F06703641886AF56E32DF2C2BE059436082C8C4A6F8347D3F16A7C31007E122AC1199B8FAC3D936244A4589BD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......de_DEB..............Ht.....!n...O..zd..L..(2....'.S{.....W.....Y.[=......^.......^,....g.o2^..<!.t.>.............Md...t......p...d....T..........g...U.......O..Xt.....1.....................|...M[...........B.._..7"...(;.H!E..C..XJA....._.s..n..j.R.....u&...........F...I2......4......#....e.............b....}..o*...}..|...s...,..x..F2.........<D..k......_..!g).....%j......&Xd...../Xt.....BW......rN...........[....$......l..........."...bb.......)..............>.......n.......T...|......N...........*^..................A.:Q......Nj...u~._3......_3......}...........q..._...............-E......-E......-E......L........a.....$.>..RB.,n....f.C.....d.K....U..O.......V#......b_....r.n.....k.n.....p.{........x~......uu..\v..&........$......Q......V....B.._...x...&....m..t7..~D..(..........ij..<......................Q....b......YJ..........b......$.......'Z......6.....u.;_......S....6..U5...QS.z.2..Y...Ji...........Y...U..G&...D...+..:...wP.......j.......u.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtdeclarative_en.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):4.0
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:j2wZC4n:CwZ
                                                                                                                                                                                              MD5:BCEBCF42735C6849BDECBB77451021DD
                                                                                                                                                                                              SHA1:4884FD9AF6890647B7AF1AEFA57F38CCA49AD899
                                                                                                                                                                                              SHA-256:9959B510B15D18937848AD13007E30459D2E993C67E564BADBFC18F935695C85
                                                                                                                                                                                              SHA-512:F951B511FFB1A6B94B1BCAE9DF26B41B2FF829560583D7C83E70279D1B5304BDE299B3679D863CAD6BB79D0BEDA524FC195B7F054ECF11D2090037526B451B78
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtdeclarative_es.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):59875
                                                                                                                                                                                              Entropy (8bit):4.378278425043744
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:DF1mGEmqUXbLf2/qP3PyZUu+Mv+3/tDZ2MHuApkmuVw4rTHAZONS:ZdEZUX32MvJ/NZ2MHkmuVL0
                                                                                                                                                                                              MD5:6D3980152D9149280641945911DDB404
                                                                                                                                                                                              SHA1:C0F3BB7C026815D0D6A6EAF8A4F5DBADEE42AA3C
                                                                                                                                                                                              SHA-256:E21FBD29B7F7EEEE40E83E28DDCEC767E2CD5437184C86D9614A36D21D0A3896
                                                                                                                                                                                              SHA-512:A85D5EA38BB90EEE25EB633F4C97EFDAA6D11C09EC84375CDD61DFA2C7CDD85AAEAA4D5AA53EE6526D4D07448AAE580BC071611A498876B6DC329942A42A55D8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......es_ESB..........t...Ht......!n...B..vS......zd..&X.(2......T.n.....[=...{..^.......^,...^/.t.>...........i..Md...f......K...d...|0......qM..g...-q.....k[..Xt...8..1..........~...........|...&............B..;7.H!E.....XJA... ._.s..I9.j.R.....u&......|)^..8....... ...I2.......4......#...d....Y..) ......5I......=b...}..I....}..U...x.. m.....}...<D..FY.....:n.!g)..vl.&Xd...../Xt...Y.BW...\..F.R....Y.C.....rN...........3P...$......l.......bb..x"......r....>..i....n..c>...T..........(...*^...F.................:Q....8.Nj...O.._3......_3......}...h..._...........H..-E......-E......-E...]..L........a.....$.>..*..&.....q.,n....r.C.....P.K.......O...._g.V#...a+.n.......n.....M..x~..n...&........$...l..Q.......V....P.._...Q...t7..V>..(..........Dt..<...]...........Q......X...........1Q..b....t.$....^..'Z...Y|.;_....s.L.......U5...)..z.2..1...Ji..wH.......F...U..!a...D......:...Q........]......z...........e..!...=......=...i..7..EK..PU...S..N....j..DD..>;.8....B..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtdeclarative_fi.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):65815
                                                                                                                                                                                              Entropy (8bit):4.47627460642578
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:n5NOqB3OcFs0kSolyD3dtFnf0+whd7CAlBo1Ju4AIY6:n55H9HFnfEd7CAlw
                                                                                                                                                                                              MD5:7AD1602253312EBE7246E68611013BE8
                                                                                                                                                                                              SHA1:88C902EDF73E6D37DAEAD1818105DF0B311B1FED
                                                                                                                                                                                              SHA-256:ECBDFE57CEACCD55344D0C81E3A23A437C7654CC3E7E9371030576107531062F
                                                                                                                                                                                              SHA-512:A8ADEAB27BDA7D96E77877492F2CBBD8AC8612ECF05B34E9015B43FE48C268FA6755D0F1F269718EA7E91843E5C747603D03E25A56B8DA016491A188FAE0A41E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......fiB...0..........Ht......!n...-..vS.....zd..=..(2....0.S{.....T.n.....W....kA.[=....'.^.......^,...q..t.>..............Md..........`...d...............g...D......}...Xt...l..1...................t..|...>D...........B..Q<.7"......H!E..6/.XJA...a._.s..^b.j.R...n.u&..../.|)^..O.......8...I2.......4......#...w2...Y..@..............K.......S....}..^....}..iD..x..8w.........<D..[......P..!g).....&Xd...,./Xt.....BW...pP.F.R...W.Y.C...x.rN...........Ja...$......l.......bb.......)...........A...>..{....n..v....T..........?Q..........*^...................B.:Q....4.Nj...d.._3....N._3....-.}...zt......`..._...............-E...0..-E......-E...l..L............f...a.....$.>..Bd.&.......,n......4.......C.......K....Er.O....r..V#...tQ.b_....K.n......n........x~......&...._...$...8..Q.......V......._...e...t7..i...(....e.....Z#..<...q........H..........Q....'..X...........Hl..b......$....r%.'Z...mn.6.......;_....q.L.....@.S....+..U5...Aw.z.2..I...Ji...C.......b...U..9W...D

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtdeclarative_fr.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):61420
                                                                                                                                                                                              Entropy (8bit):4.339517241259642
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:KiT9lgkVKKes08B/D7i72o1sGwYPtf7N51GFY2A:KBF4Xro1sStf7N5D
                                                                                                                                                                                              MD5:A1921CC689F49BA78892C87E048278D6
                                                                                                                                                                                              SHA1:8E3518040B4D65117DCA5E93026A5528656782BB
                                                                                                                                                                                              SHA-256:DB1F16CD9D1BB55D3A957EFCB6B53930CBF7CC92C5A0C1D7A9E4FED5239ED24B
                                                                                                                                                                                              SHA-512:EAE40A66F09D4C83320CEE721474DEAAD2143E78E109AD58B0BBAFA9E69BC95AEAF2AE67BE59454E75C10D9E647FF62B74E179566CA6B3D326AB791AA618CC2A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......fr_FRB..........{L..Ht......!n...C..vS......zd..*..(2....o.T.n.....[=....O.^.......^,...b..t.>..............Md..........O...d...........w...g...1......p...Xt...e..1....5......B..........|...*............B..>..H!E.....XJA...q._.s..M..j.R...P.u&......|)^..<:......#...I2.......4......#...i....Y..-9......8|......@....}..NI..x..#4......c..<D..JT.....=..!g)..|..&Xd...../Xt...(.BW...a..F.R.....Y.C.....rN...........6....$......l.......bb..~.......yI...>..o....n..hA...T..........+...*^...[.......M.........Nj...T.._3....A._3......}...m..._...........!..-E......-E......-E...o..L........a...#...a.....$.>.....&.....p.,n......C.....=.K....2@.O....d..V#...f..n......n.....v..x~..t...&........$...!..Q.......V....|.._...V...t7..Z...(....i.....H;..<...b...........Q.......X....1......4|..b......$....ch.'Z...]k.;_....q.L.......U5...-..z.2..51..Ji..}............U..$4...D...1..:...V7.......................)..e..$...=......=.....7..I&..PU..!...N....w..DD..A..8....F..Q.....'.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtdeclarative_hu.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):60508
                                                                                                                                                                                              Entropy (8bit):4.5358592744331006
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:kqThM34iRSFTYetcPvv8qpue5QdxlmVzRe2f/upvV8B7Uwqz7++2VuJAtGQaWQbj:xhM34iRSFTYetcPvv8qpu7dxlmVzRe22
                                                                                                                                                                                              MD5:D9CA88AE1E456538CD25136B898DECAD
                                                                                                                                                                                              SHA1:3B4C6CDFF2175BB267B2125CAEA31CA408C2AB29
                                                                                                                                                                                              SHA-256:49391E359D5657B4AB4EB5736484C804860C03F4FA5CEF2030D8DF6CDED5FD19
                                                                                                                                                                                              SHA-512:5C02328BD96C4BF93652F81D2D114F434E7F580E0DA5BFB2FB87A83417450B37EE94EB29EC0BEC444D2959F76F1A0AA3B3E31ABD0F5876ACE44D2FAF4DFB1CD6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......hu_HUB..........v...Ht...6..!n......vS......zd..'..(2......T.n.....[=...~..^.......^,...`..t.>...$.......+..Md..........M#..d...~.......s;..g.../E.....me..Xt......1...................|..|...(~.......[...B..<..H!E...G.XJA...&._.s..K..j.R.....u&....}.|)^..:o......!...I2...?...4......#...f....Y..+ ......7.......?:...}..K....}..X5..x..!C......D..<D..H%.....<..!g)..xh.&Xd...V./Xt.....BW..._f.F.R...#.Y.C...g.rN....T......5h...$...@..l....R..bb..z.......t....>..k....n..e....T...}......)...*^.....................:Q......Nj...Q.._3......_3....y.}...j|.._..............-E...C..-E.....-E...a..L........a....$.>..,..&.......,n......C.......K..../..O....b..V#...c..n.......n.....k..x~..p...&.......$......Q....^..V......._...T-..t7..Y...(....=.....F2..<...`H..........Q......X...........3;..b....6.$....ac.'Z...\(.;_......L.....i.U5...,..z.2..3...Ji..yJ...........U.."Y...D......:...Sf.......U......|[.......D..e..#...=......=......7..G...PU.. ...N.......DD..@..8....D..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtdeclarative_ja.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):45301
                                                                                                                                                                                              Entropy (8bit):5.698459762069523
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:6U7Co6gFOOP04UhNglGVX0Oqo1okO/RFfXDZ+vIhLYKcW9IisiKpTpc:nrF04UhNGGVX0to1w/RFvDZ+giKcW9IK
                                                                                                                                                                                              MD5:B90131311A7909C38E9A2322191DD837
                                                                                                                                                                                              SHA1:ED58CB2CF372B3CE365E61E6F621801F602BCBF5
                                                                                                                                                                                              SHA-256:48510E832351AF8707FBA6DAC755B43D65182C7B826296805DB463F2F8431C69
                                                                                                                                                                                              SHA-512:18FC74AF5C491DAC265EC8615311C28D4B6152BF9C405675E37C29CD819928AEDC7C25D413950F268E0CF1B29B9BEF78BB23112F7D3BA257B2C5AD15A0418C1C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......jaB..........W...Ht..e...!n..|:..vS......zd.....(2...q6.T.n...0.[=...\T.^.....n.^,...GG.t.>...8......._..Md..........9#..d...\.......T...g..."......P...Xt..gn..1...g......^u..........|...........|....B..,..H!E...y.XJA...B._.s..7..j.R...c.u&...j..|)^..*...........I2..k....4..a...#...L....Y..........(........h...}..8....}..@...x.........]...<D..5......+..!g)..X..&Xd..aj./Xt..j..BW...F:.F.R.....Y.C..w=.rN...s.......&....$..m...l....X..bb..Y.......U....>..OT...n..J....T..d_..........*^..}~.................Nj...<\._3...o.._3......}...N..._....o......u(..-E...-..-E...0..-E......L........a.......a.....$.>..!..&....v..,n......C.......K....#{.O....H'.V#...I..n.......n........x~..R...&........$.._...Q...p...V....,.._...=...t7..A...(..........3...<...F.......`...Q.......X...........%...b......$....G..'Z...C..;_....Y.L....x..U5... d.z.2..%...Ji..Y4......qh...U...a...D.._...:...=h..............[=......rf..e......=......=...-..7..4...PU......N....4..DD../%.8....2..Q..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtdeclarative_ko.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):49579
                                                                                                                                                                                              Entropy (8bit):5.789790241643706
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:D9AZqzd0Vy7zk/is2saS7pPr9pW/OxDTBcnJjx:ZZd9TswS7pPC/OxDTBcj
                                                                                                                                                                                              MD5:C00B1C9F0AD0F9CF66B58BC34171FDF0
                                                                                                                                                                                              SHA1:9CEA2DB1FC727FEBAA6254FF3C080A6F17B7BEF0
                                                                                                                                                                                              SHA-256:C9696191BC98A97F8E2D338E474DBC3B186B562BE3185164C90EB204A4A084C3
                                                                                                                                                                                              SHA-512:210854A478325A3C7703B14A8ED2761312754FF152335E899CDEDDEF6009E7FBCDBB83E2FFCEA36553869AE302AD4A06F1C898BE3CDC346E4F4509EE2C928EBC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......koB..........o...Ht...+..!n...E..zd..4W.(2......S{......W....W..[=...vf.^.......^,...\=.o2^..(a.t.>...7.......H..Md..........M...d...v.......j...g...9......f-..Xt......1....e.....z`..........|...4............B..A..7"......H!E..-..XJA....._.s..L/.j.R.....u&.........../...I2.......4..}...#...a......yV......Cp...}..L....}..U...s..f...x../......y...<D..J9.....A..!g)..p..%j....*.&Xd..}../Xt.....BW...[4.rN...........>....$...7..l...............bb..rL...)...l......mW...>..d....n..`....T..........5........B..*^...................5.:Q......Nj...P.._3......_3......}...d.......N..._...............-E...;..-E......-E......L........a...z.$.>..8@.,n....L.C.......K....:z.O....]..V#..._V.b_...j..n.....g.n.......{........x~..h...uu..?6..&........$..z...Q.......V......._...R+..&...t...t7..V6..(....9.....H...<...[...............|...Q...........<.......q...b......$....\..'Z...Y .6....._.;_......S....#F.U5...7..z.2..=C..Ji..p........+...U..0T...D..{...:...Q...............sA....

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtdeclarative_lv.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):53940
                                                                                                                                                                                              Entropy (8bit):4.611643276008973
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:TiTK9d2qc0jaNdFuuoEtUuzK/j6pqWPeRRV8PeuiGRPuL1K4Pul:GT4hT1PEtoGpqWPeRoPe6RPuLal
                                                                                                                                                                                              MD5:0C92EB9D23D32D908856851450A368B6
                                                                                                                                                                                              SHA1:F069C4D78018C09E5AF2D5B4CC303B6FA1F890BA
                                                                                                                                                                                              SHA-256:17ADE65CEB98DADA9828DAF8990472BFB8A8EA497BA8DEBE7D2722138984BA65
                                                                                                                                                                                              SHA-512:EE13DA755FE046BCA1A440E008C1EB6A086099EC7818B49E1CD582436A452E766378D83A857172281355E290CCAC51BB27B0E4629ECF890F6A5B37C065306421
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......lv_LVB..........i...Ht..{...!n......vS......zd..$..(2......T.n.....[=...oS.^.....m.^,...T..t.>...i.......,..Md...>......Dr..d...o.......f6..g...*......`...Xt..~S...D..le..1..........r........~..|...$............B..5..H!E.....XJA....._.s..B..j.R.....u&....V.|)^..3...........I2.......4..v...#...Z....Y..&.......0.......7....}..CA..x...l.....qQ..<D..@*.....55.!g)..j..&Xd..v../Xt.....BW...S;.F.R...y.Y.C.....rN.........../....$......l...........g....>.._a...n..Y}...T..z.......%...*^...E.................Nj...Hu._3......_3....C.}...^;.._............s..-E......-E......-E......L........a.......a.....$.>..(D.&.....H.,n....&.C.......K....+".O....U..V#...W..n.......n........x~..c...&....o...$..r...Q.......V......._...J\..t7..L...(..........>o..<...T.......u^..Q....Q..X...........-...b....C.$....U(.'Z...P..;_....o.L.......U5...'y.z.2..-...Ji..k........%...U...X...D..s...:...I...............n........=..e......=......=......7..?,..PU...x..N....)..DD..8..8....=..Q.......

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtdeclarative_pl.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):64190
                                                                                                                                                                                              Entropy (8bit):4.580664230973424
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:ZTc4CALkXqek2bL0uifGW10uOij9sbCnzJsQqO6phvosvEhrKn92e:Zo43LjQpsTj9scJRqO6phJD
                                                                                                                                                                                              MD5:613579C7EAE099B36B0EA0AA40F1D5D0
                                                                                                                                                                                              SHA1:5CF3C1E7A05E45DE18232C23384560190C3C6E11
                                                                                                                                                                                              SHA-256:A2BD73094DA6595EF58F48319694EEF36F07F76D014FDDD8A8C3546349691280
                                                                                                                                                                                              SHA-512:CCCBD181B1790FF940DD3FDF1FE2A3E4F57FE8EE9C4DBF23465C648F1F767091F47F5DD2864A699EE6BBD240CD7CB759D567F62D83A9BEDA7ABA22CF8049AE63
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......pl_PLB...@.......8..Ht......!n......vS...,..zd..>..(2....&.S{....!.T.n.....W....lF.[=....'.^......^,...sp.t.>...........%..Md..........`K..d...............g...F6.........Xt......1....B................|...?r...........B..R$.7"....B.H!E..6..XJA....._.s..^..j.R.....u&......|)^..P.......9...I2...C...4......#...y}...Y..B9......W......N.......Tq...}.._&...}..j...x..8.........!g).....&Xd...>./Xt.....BW...q..F.R...&.Y.C..........L=...$...0..l.......bb...w...).........../...>..~A...n..xA...T...e......@...*^...*.................:Q.....Nj...d.._3......_3....X.}...}..._....a..-E...d..-E...a..-E...J..L........a...t.$.>..C..&.....c.,n......C.......K....F..O....t..V#...v@.n.......n.....\..x~......&.......$......Q.......V......._...g...t7..j...(..........[Q..<...r...................Q......X...........JJ..b....:.$....s..'Z...n..;_....}.L.......S....,U.U5...C..z.2..J...Ji...........X...U..:....D......:...fh.......7.......t..e..:...=...R..=.....7..\"..PU..7...N....N.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtdeclarative_ru.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):67138
                                                                                                                                                                                              Entropy (8bit):5.172234333233121
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:hEKkY6PcTUZ8Zyn4xUQ/Y3zmb72JBkoUjWBLozoU20SAY8r:OKBRY3zq7Ixm
                                                                                                                                                                                              MD5:65D100732E5F2B9F490D52B54C0A4F98
                                                                                                                                                                                              SHA1:255B4224966D683C264FD44415811A962464E20B
                                                                                                                                                                                              SHA-256:5AB39DABF085583A0BD4D98894CEFEC4B1D788E820BB51BB60851F8F50793196
                                                                                                                                                                                              SHA-512:1E0352A93054BBEE4ABD4C232F639C907D92E6464BD403F4630FC026C33E8EE7D560684F44762B57C0AA584DE09C811461113EB1872F2225AC2D0C7E7AFFDD68
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......ru_RUB..............Ht...?..!n.....zd..E..(2....;.S{......W....s?.[=....@.^.....U.^,...z7.o2^..7..t.>..............Md...~......e...d...............g...L..........Xt......1.....................|...F)......."...B..V..7"...%..H!E..=..XJA...._.s..d..j.R....u&...........@...I2.......4...+..#....c.............X....}..d....}..o...s...b..x..@..........<D..a5.....U..!g)...K.%j.....&Xd...S./Xt.....BW...x..rN..........S&...$......l...............bb.......)..............>...X...n.......T..........G:.......p..*^..................A.:Q......Nj...j.._3....k._3....z.}...........f8.._....$..........-E...q..-E......-E......L........a.....$.>..J`.,n....X.C.......K....MR.O....{].V#...~..b_....*.n.....].n......{........x~......uu..S...&........$......Q.......V.... .._...l...&....M..t7..q"..(........._2..<...y........u.......x..Q....(......P...........b......$....z..'Z...u2.6.....E.;_....9.S....1..U5...Iy.z.2..Q+..Ji...!.......m...U..@....D......:...kl.................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtdeclarative_sk.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):48654
                                                                                                                                                                                              Entropy (8bit):4.548235735945666
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:DrJXS+Wrwn2jxvoDpr6kkxC+WzzA+bxybPFCQCQRg0oyVgxdLX:D1XS+WrwnuvWor8zrxZQCQRg0VVm
                                                                                                                                                                                              MD5:8C2A3EDB1D046D6FE94C243DF19A1F93
                                                                                                                                                                                              SHA1:62769EB0CBA341DD40D5373A26B19034873AD284
                                                                                                                                                                                              SHA-256:F95360E7CF10169E2BB3373C4FA5153D35F1843474D7ECE4232E7030E945A9B3
                                                                                                                                                                                              SHA-512:BB22E423E227BBDBB08DA21F8BC2803CA041F54A283D2CBAC4B5F883CBCEDCAE23215B1CDEF3199292E91E518E2816406552D031EA8F75EB1B18705A09284119
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......skB...........?..Ht..(...!n..t...vS......zd...K.(2...dZ.T.n.....[=......^,...Yw.t.>..z.......=u..Md...8..........d.......4c..7.......3r..g...D..........Xt..+!...D.......D..iI..1...+.............../..|...........u+...B..L..H!E...f.XJA....._.s...J.j.R.....u&.../..v....$.|)^..K........?..I2..0....4..#....Y..@.......I.......N....}......x..........7..<D.........PN.!g).....&Xd..#'./Xt...h.BW...X..F.R...k.rN...f.......G....$..8...l................>.......n..]...........*^..v.......4.......5....4...6.Nj...j.._3...c..e....'..}...aD.._.......L....=..q...7a...a.......a.....$.>..B/.&....nv.,n......C.....:.K....EY.O....Z..n.....~.n........&........$......Q....N..V......._...k.......j..<...X......."k..Q....j..X...........F}..b...>..$....Y..;_......L....p}.U5...Ah.z.2..G ..Ji..........d....U.......D.. ...6N......:...kZ......?........z..e...6..=......=......7......PU......N...x...DD..Qt.8.......`.u..N..d.`...k.d.`.................[...>...P...>...go......6...Us..|...".

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtdeclarative_tr.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):69650
                                                                                                                                                                                              Entropy (8bit):4.61682450810444
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:FkjDyoRPH151JiCeX8trHJ4zJnzqzAarfjMF3MYqFpSP+8GzXwyXPIIYmk/QpjAu:FkjDyoRH151JiDX8trHJ4zJnzqzAofjP
                                                                                                                                                                                              MD5:E8D7B3F12F90DD66356F5B07EEE3E726
                                                                                                                                                                                              SHA1:11F1AF22C312FB5218DFCF7071598B1385A2F9AE
                                                                                                                                                                                              SHA-256:67012FAFEC015B557098F9CEA26618B0E18B567C424455F9A3F35492437F9DE7
                                                                                                                                                                                              SHA-512:0E86FE8A376C087DE8D5FD97AE769464C7E0E4EDCF82A10270193ACDB301FE726D269C9FD4A4FC413634B77711BDC73B5EBEEC7703339912183B67224FB059E1
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......tr_TRB...p.......^..Ht......!n.....vS.....zd..E..(2....y.S{.....T.n.....W....p?.[=......^.......^,...v..t.>.............Md...t......c...d....h.......f.......M..g...L..........Xt...A..7.......1...................{..|...FO...........B..U9.7"...$..H!E..>,.XJA....._.s..b..j.R.....u&...........@...I2...n...4......#...~%.............Wl...}..b....}..l...s......x..@..........<D.._w.....T..!g).....&Xd...!./Xt...J.BW...u4.Y.C.....rN...........RA...$......l....*..........bb.......)...............>.......n..|....T..........Gf..........*^...J.......I.................:Q....=.Nj...g.._3......_3....*.}...........d,.._............T..-E......-E...g..-E...T..L....S...........a...l......R.$.>..Jd.&.....M.,n....F.4.....R.C......K....M`.O....w..V#...{..b_......n.....s.n.......x~......&....n...$...5..Q.......V......._...ie..&.......t7..nH..(....s.....]...<...v........'.......z..Q.......X...........P\.......C..b......$....w..'Z...r,.6.......;_......L.......S....2..U5...I..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtdeclarative_uk.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):63981
                                                                                                                                                                                              Entropy (8bit):5.191818337312617
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:ob0qDvWp6aREwD1TiZ+9Mw97DsAX4agiNEOcC4M6aqxmsm3tsDbT/r8UnpsfDv3i:obZD/+59X6a3jAK3NIuF5lBHpsJo7I
                                                                                                                                                                                              MD5:9AA6CE53C68384B3AA5CA91148A642C1
                                                                                                                                                                                              SHA1:D2D1AAE0E50C21DCD700E2CF2D468F79D140B6BC
                                                                                                                                                                                              SHA-256:87246C7A96252B0611DD03FC8F1F4591CBE4F10C28D49E45911FCA686DAD72C9
                                                                                                                                                                                              SHA-512:31F6BA572AAEBA63CCC01D13CBC756454EB7F7E354BB8AA332E7B6B4D10A31E926BD8FE70667F9396C4A24DF28B75D3D630B7BDD03889F45C332D3E39A82012F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......uk_UAB...H..........Ht......!n...z..vS...I..zd..=J.(2....`.T.n.....[=......^.....A.^,...s..t.>..............Md...J......`...d....4.......g..g...C..........Xt...l..1....*..............r..|...=............B..P..7"....B.H!E..4..XJA....._.s..^..j.R.....u&......|)^..N.......7...I2...'...4......#...y....Y..@.......K9......SP...}.._h...}..j...x..7S.........<D..\......P..!g)...x.&Xd...../Xt.....BW...r..F.R...].Y.C...k.rN...........I....$...&..l.......bb... ...........>..~6...n..xL...T..........>...*^.....................Nj...e.._3....v._3....?.}...}..._....X..........-E......-E.....-E......L........a....$.>..A..&.......,n....,.C.....J.K....Ds.O....t..V#...v=.n.......n....._..x~......&....k...$......Q.......V......._...g...t7..k...(.........Z...<...r........-..Q....9..X...........G...b......$....t..'Z...n..;_....o.L.....].S....*e.U5...@..X....R..z.2..H\..Ji...F...........U..8E...D......:...fv.......g..................e..8...=......=.....7..Z...PU..6I..N......

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtlocation_bg.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):42381
                                                                                                                                                                                              Entropy (8bit):5.295235540089978
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:y65z2WQA1k4wZHjUASCGJc01jKms91Z5xdDCsR1gua44vMeOJrxQ27FJIMSVveL9:y8zh1wZHjUtCGJc01jKms91Z5xdDCsR1
                                                                                                                                                                                              MD5:92FF1D699E95910056164F2C341BD3A2
                                                                                                                                                                                              SHA1:2F4E34F8FBAE5EC06C493F9423C09E7FE2FE6CED
                                                                                                                                                                                              SHA-256:EF1DDD08A34D1E33B448F52CC2616D07786C6FBAB98650002AF08B986737BF53
                                                                                                                                                                                              SHA-512:E73E4DD664AA02521630EB78759077030F06289CDADE93303B7C92A63168AAF9F4A9DD56E691D48ED61D9110892C64B75CEAB9D90FA07681A5F7E6AA4E3282B3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......bgB..........D`......fr......GK...`...........H......X......\Y..H0.....Jc...f'.M......R....gd.S....K..Ui...R..W'....}.Zl...R..\dg.....l....`..m....`F.u....ae.w.....2.z....b..z...b..z....c1.}Ad..Y....D..B...l.......0D..$...!...H...?...dH...................n..........>.../...N..#....A..,.......ARt..&..O....?_.U?......X....N..jm......v....Nu.xU5.....|.%..xa.|...:....>..........R.......Kd..W...1........B..... ...J.......y$..^D.....Y...............t../b%..k].>.4..9?.L....[{.NI...Lz.P....D..fC...........2....%..v................2......>....h.._x..tT.........,P.+....Y8.9.b..J..Q....p..Z....{..s....o7.|lU..._.~v...Q=......@... .......{...........=....D..6.......8...i...W@..~...B..)........`..j...g...'i.3B......?*...[..B.....>.j"w.....l....9..m.... ..p4......|....4..~....,....,..........e.......|\......S...h...F....!..W.......F4..1N......a..8...^......z5.........UK..tt..P....@...R..e...&....Q..2J.+S...r..B.r.....QS......lI...h..m.......o....w..y=...........\...}.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtlocation_ca.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):46319
                                                                                                                                                                                              Entropy (8bit):4.597761631279893
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:wV4vjV1zxgEi5+3BVsulfli4RmpRsdeS6mXrJMFPT+ujX9tC1:wOvjV1zxgEi5+3BVsulhmpRsd/6mXrJR
                                                                                                                                                                                              MD5:99802CDA17418670BC2106F5EA93928C
                                                                                                                                                                                              SHA1:2F523297032F2BC2F413143968A86EF48A9D8A12
                                                                                                                                                                                              SHA-256:BB17AB4C76A6B995F1DC24DD06E1B1B72BA0DF98EA3CB20FC3D2997A9DC5CDEA
                                                                                                                                                                                              SHA-512:1732CD2F1F83B7600F070050399878811649A751DE70C3F429598B55A859F849EFD1DD55512FE41D7BCDF7A92FE4E6C3A9B950E9E8F714C5866F172A2D1EDBB4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......caB..........N...............p.......Q....`...........X......b......f...H0.....C.....9.H.......Jc...p..M......R.......R....q..S....U..Ui...\v.W'....C.Zl...\..\dg.....l....j..m....j..u....k..w....&1.z....m%.z...m`.z....m..}Ad..d....D..L...l....z..0D../...!...S+..?...n....................n..........H.../...W..#....K..,.......ARt..1..O....I..U?......X....X..jm......v....XP.xU5.....|.%.....|...E4...>...:......\.......J......Uo..W...=..............*...J...&...y$..h......c................../b%..u..>.4..D..DD......D`T.....L....e..NI...Vq.P....Ot.fC...'.......> ...%..........%...............I....h..j&..tT...,.....7..........+....c\.0.......9.b..T..H.....J.Q....{c.Z.......s....y..|lU...Y.~v...[H......J........... ...#~..{...........G....D..B.......C$..i...a/..~..'E..)........`..u2..g...2p.07......3B..."o.?*...e9.B.......j"w.....l....D..m....+f.p4....n.|....@9.~....8....>.......,...........\......o........H......]...h...Q*...!..a.......P...1N..(...a..C...^...&..z5

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtlocation_da.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):44056
                                                                                                                                                                                              Entropy (8bit):4.687332406279301
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:XkkA299B7tfp89dGF9RfNIEoj4VnWZP8Ceun+LkyJEJPNdRcqmWwO2yBTZz7POmJ:XbA299B7tfp89dGF9RfNIEoj4VnWZP8u
                                                                                                                                                                                              MD5:F53C606AF261BDE88257C9C2901EB1C7
                                                                                                                                                                                              SHA1:185063DA37D32A37E5A1E86DC7A0DE83FB240471
                                                                                                                                                                                              SHA-256:E37E59E61D4987DEF2D4A7763086171B86AAFEB05FD0E64F6BA90A50C882503A
                                                                                                                                                                                              SHA-512:9EB942EAFA8101670DCDB87BB4C6D9FBFA1330976339BFA6DF43351DA211A3FD74CB60E2C908A22E35AF3E9CA67B629A149C2749DB99CDEEE5C977B2067B3985
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......daB..........L...............mY......O....`...........y......_f.....cH..H0.....C.....@.H.....G.Jc...m..M......R.......R....nI.S....S-.Ui...Y..W'......Zl...Y..\dg.....l....g8.m....gq.u....hr.w....#..z....i..z...i..z....j&.}Ad..`....D..J9..l.......0D..,...!...Px..?...k%.......f...........n...5......F1../...U?.#....Ig.,.......ARt.....O....G..U?......X....V1.jm....{.v....U..xU5.....|.%..~..|...B....>..........Y-......R...W...:W.............'...J...#...y$..e......``..............z../b%..q..>.4..Ac.DD....N.D`T.....L....b`.NI...S..P....L..fC...%'......;w...%..|.......#........O......F....h..f...tT...s.....4........!.+...._..0.......9.b..Q..H.....q.Q....w..Z.......s....u..|lU.....~v...Xg......H5.......... ... ...{...........EN...D..?;......@[..i...]...~..$...)........`..q...g.../k.07......3B......?*...a..B.....I.j"w...W.l....A..m....(..p4....{.|....=`.~....5....,..................ls..............Z...h...Nq...!..^\......M...1N..&...a..@...^......z5.........\...tt

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtlocation_de.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):47076
                                                                                                                                                                                              Entropy (8bit):4.624044967308464
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:svSE0+ZU3Avs4Np0cucNOzAFmvEZyQSA0E7imZLTznaz+gGr:sKE0+ZU3Avs4Np0cucNXFmvEZy9A0E7l
                                                                                                                                                                                              MD5:0E5F1FF24DFA1232E6A0C102291CE81E
                                                                                                                                                                                              SHA1:A75D0434F4A7F4D1B23C822412AC1A5674EB3DF8
                                                                                                                                                                                              SHA-256:A0EB0CFF31C137D321E3F1C0CDCEFBB4C52B86FDC31FA74C6975F2E4D9B6F23E
                                                                                                                                                                                              SHA-512:F8B68B4603CDB0EA74768D823B03DFCB11643A6E5F55AF34BBA0DC9F6F0578D87AFB8100E35FC0106C322974246680D41775D3A0679652370849A7AA081250A7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......de_DEB..........U)..............y.......Xl...`..................k......o+..H0...%.C.....I.H.......Jc...x..M....f.R.......R....z..S....]&.Ui...d:.W'......Zl...d..\dg...D.l....r..m....s..u....t..w....+..z....uS.z...u..z....u..}Ad..l....D..S$..l....F..0D..4L..!...Z?..?...v....................n...$......N.../..._t.#....R>.,.....f.ARt..6j.O....O..U?......X....`n.jm....x.v...._..xU5...C.|.%.....|...J....>.."f......c..............\...W...B@............./:..J...+_..y$..q$.....l%.......?........./b%..~e.>.4..I..DD......D`T.....L....n;.NI...]..P....U..fC...,.......Cp...%...O......*...............O....h..rH..tT.........<..........+....k..0.......9.b..\..H.....Z.Q.......Z.......s.......|lU...9.~v...b.......P........... ...(F..{...........M....D..G4......H\..i...i)..~..,3..)....X...`..}...g...7P.07......3B...'I.?*...m..B.......j"w..#..l....J2.m....0P.p4......|....E].~....=V...>...l...,...w.......P......x>..............e...h...W....!..i.......W;..1N..-...a..H...^.....

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtlocation_en.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):4.0
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:j2wZC4n:CwZ
                                                                                                                                                                                              MD5:BCEBCF42735C6849BDECBB77451021DD
                                                                                                                                                                                              SHA1:4884FD9AF6890647B7AF1AEFA57F38CCA49AD899
                                                                                                                                                                                              SHA-256:9959B510B15D18937848AD13007E30459D2E993C67E564BADBFC18F935695C85
                                                                                                                                                                                              SHA-512:F951B511FFB1A6B94B1BCAE9DF26B41B2FF829560583D7C83E70279D1B5304BDE299B3679D863CAD6BB79D0BEDA524FC195B7F054ECF11D2090037526B451B78
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtlocation_es.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):23400
                                                                                                                                                                                              Entropy (8bit):4.567583097346024
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:q3nx9GUWU3ZGsh3x2WdOhhYhFZkxhv9eVFCsLqC3RIMg0Ky/Vgon2g1/WTJ2naBr:q3nPjwYWZ9eVFCsLqChIvfGCz
                                                                                                                                                                                              MD5:863538E2D271EF492290F47BB3D78696
                                                                                                                                                                                              SHA1:35D6714B96FA5857280956AC454942278BB19749
                                                                                                                                                                                              SHA-256:0312EC0AC787F1C09C9B0FF12C1338E9B55629C61719817A2B0068000ABC3093
                                                                                                                                                                                              SHA-512:287AF0A69FB9BA385A4FC49F3A8AA1548F044C53938004E2A7CADC743331D0301336C9FC9EAC8CA1976A0DA545F5A5F9DDD76ABC9F628894E2EFBA139B17881F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......es_ESB.......`..K.......A*..H0..B..M...A..W'...J..\dg..F..w.....@..l...H.......<.......U....n...y.,....P..P{... ..jm......xU5..E..|.%..3[...>..........S&..J.................../../b%..&Q.8Y......fC........%..1...............I^..tT..U..Q....+..Z....6..s....*+.|lU..>q.. .......{....A..~...V..)...R....`..%..3B......B....O&.j"w...A.p4........,..I...............78...]..$...1N......~....o..^......z5..:....@..:6.+S...-..B.r..J%.QS......m....M/.o....2...}...K........(..k....\..1N...\..(~......* .....'1N..L..I............,...(p..?o.....C...k...?...N...8.l.^..........R.......>.......Fr..2.......m...G....n......|...8:..B..N_..2...I..<P...H..Fy...I..duu..;Y..=...J....~.......Y..K...4...........*..-....;..-....D..v.U..<].v.U..D...L...O......."...z~...3.......X..t....\..}............'...~...c.#....B+.'.p..@..E.......H.......J....M..N....-..]....?..]....GE.lY...9..w....M...y...5.......T.......,..........&O......W....S..l....KP.vr...........=.......E.......HE...P..)....>.....

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtlocation_fi.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):43724
                                                                                                                                                                                              Entropy (8bit):4.684228399024422
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:GCUOfu0QRthPYygfkgP6u5Dz3xGnlrerwqmNoSd0Zcegn2i2UYxXZAhOghdd:GhOfu0QRthPYygcgP6ZlrerwqmNVd0Zi
                                                                                                                                                                                              MD5:45E8E7A5847D88EB4DE7088149F5EFF3
                                                                                                                                                                                              SHA1:58783F6E0A39A5534F719DE3D5C844790E559288
                                                                                                                                                                                              SHA-256:D0E2A47A4E99022AA612B88271FBFB4D6F309CDE28A972E3A83D349AAF5170FE
                                                                                                                                                                                              SHA-512:0EC77F96D80E9D63E4B90E1A2A274369EFFC4B566237E2E53CE4C58D0E0041E9118A0151FB227AC91B1712B6A38BDA8B3CD19EDDE6A6B032B51D681B87EB9745
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......fiB...`......K........'......m.......N....`..................`h.....d`..H0.....C.......H.......Jc...m..M....-.R.....j.R....n..S....S..Ui...Y..W'....T.Zl...Y..\dg.....l....hb.m....h..u....ip.w....$..z....j..z...j..z....j..}Ad..a....D..I...l....}..0D..-...!...P<..?...k....................n...e......E.../...U..#....I..,.....=.ARt../..O....F..U?......X....V..jm......v....U..xU5.....|.%..~..|...B9...>...C......Y?......R...W...:=.............(...J...$...y$..f......ad..............{?./b%..r..>.4..@..DD......D`T.....L....cn.NI...S..P....LS.fC...&-......;C...%..}.......$...............FN...h..g...tT...Q.....5F.+....`..0.......9.b..Q..Q....wn.Z.......s....v .|lU.....~v...Xg......G........... ...!...{...........E....D..>.......?...i...^...~..%...)........`..rQ..g...0..3B...!..?*...b..B.....?.j"w.....l....A..m....)..p4....[.|....=..~....5....,..................m........U......[!..h...N%...!.._N......M...1N..'(..a..@R..^......z5...i.....\]..tt..W....@......e...07...Q

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtlocation_fr.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):22158
                                                                                                                                                                                              Entropy (8bit):4.5544025106195605
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:Ljj4rBY5xbF9eoF1UzjixHKmKEGMvKVio5TcUR2/mxBliIWt7:LXJ9eoF1UzjixHKmKEG5wqi
                                                                                                                                                                                              MD5:6607B40522F5BE340CD7CBC908402F85
                                                                                                                                                                                              SHA1:4F6D0018E52563ABCDBDB5E2BCEE18C37E65CA95
                                                                                                                                                                                              SHA-256:4D617E74E9112FAB4BCA93C8546F3F2FA429CFE544658581D4C12AEE9598F3D5
                                                                                                                                                                                              SHA-512:BC674E07834EC402B49412D3D401789F396A6058D047424D99995BA5F7A79EE837D3B01A504CBFCD62547B8676636118EF73C7162E2DF6C92EA0E172ED8293D8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......fr_FRB...X...`..Fz......<...H0..>..M...==.W'...E..\dg..BO.w........l...D%......9 ......Q|...n.....,....K..P{....n.jm....n.xU5..AJ.|.%.......>..........Nn..J...........*../b%.. ..8Y....H.fC....B...%..,........E......D...tT..Q..Q....&..Z....2\.s....% .|lU..:... .......~......)...M&...`.. ].3B......B....J2.j"w...&.p4....l...,..EN..............3....]......1N...;..~.......^......z5..6....@..6S.+S...(..B.r..E..o........}...GL..........k.......1N......(~...&..* ..)..'1N..H/.I.....W......'w..(p..;......?1..N.....l.^...{......M.......:X......A...2.......m...C....n...h..|...41..B..Ic..2...E..<P...C`.Fy...D~.duu..7b..=...F2...Y..F...4....v......%..-....8..-....?..v.U..8r.v.U..@E..L...J...........z~..........)7..t.......}....j...........~.....#....=..'.p..<=.E.......H.......J....H..N....(..]....;d.]....B..lY...5..w....H...y...1l......P.......'..........&O....N.W....N..l....F..vr...........9.......@.......C....P..$...k...*..(4~...Z.4....%..U.e..>~.o-...3...\..............

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtlocation_hu.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):23755
                                                                                                                                                                                              Entropy (8bit):4.704732362353833
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:+pfUUViBHKOFDWk5j5rM6eold12b3D2DlmxQNT3noecFU1ITgDsAIMiDoDpDcy2F:+1sBHKOFDWk5j5rM6eold12b3u5T3noJ
                                                                                                                                                                                              MD5:A1F46148F97BEEFA410DCDE6F3235623
                                                                                                                                                                                              SHA1:8F400D3DF4E70424FB85FA8A2AAED52E621C0F4E
                                                                                                                                                                                              SHA-256:C88E21DFE65A71EE01CFE5E83650B58F84FB18E67DE6BFB9A157688C5E492DAA
                                                                                                                                                                                              SHA-512:34E3EAD2DD0B019DB7FDC136CBD90E717F7899F31A7102CBDC79C4028F5D9F5035D740A67E5B92C71969BA94EE3DE56DD49A0A05F1D9625B6F5726D866BFC2BD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......hu_HUB.......`..L.......B...H0..D9.M...C..W'...L..\dg..HR.w........l...J8......>.......Wn...n.....,....Qn.P{..."..jm......xU5..G[.|.%..5....>..........T...J...................1N./b%..(W.8Y...!..fC....'...%..3I..............J...tT..W..Q....-q.Z....8_.s....,..|lU..@7.. .......{....E..~......)...S....`..'..3B....(.B....P..j"w...K.p4....#...,..K_......!B......9....]..')..1N......~.......^......z5..<|...@..<..+S.../w.B.r..K..QS......m....N{.o....4a..}...M;..........k.......1N...v..(~...;..* ..0d.'1N..N..I.....J.......Z..(p..A9.....Eb..k...A...N.....l.^...\......T.......?.......G...2.......m...I!...n...U..|...:...B..O...2...K..<P...Ik.Fy...J..duu..=...=...LE...~.......Y..L...4....s......,..-....=..-....F..v.U..>..v.U..Ft..L...P.......%...z~........../...t....x..}................~.....#....C..'.p..B..E.......H.....>.J....OP.N.......]....@..]....H..lY...;..w....O...y...7.......V.......-........C.&O....U.W....U..l....L..vr...........?~......G.......I....P..+....>.....

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtlocation_ko.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):35336
                                                                                                                                                                                              Entropy (8bit):5.8436013348626235
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:yEttXNBW6InL7/qatvBSbCv5haVY6/gQTSv5OugGOs7xBXbVNxD:yEttXNBW6InL7/qatvBSbCmVY6/gQOv5
                                                                                                                                                                                              MD5:C5872DE86F4E259ECCF0F34FC1D000E8
                                                                                                                                                                                              SHA1:93EF51F097B78E5CBEAF552AD3223FEA6D51F80F
                                                                                                                                                                                              SHA-256:51B1DF77A487781E45DC4571DEB8996FD3F5C8872E895FAE618292EF6F9CE495
                                                                                                                                                                                              SHA-512:A7AC67201797A6920D7AB47F0F4577669078DDB8FAB17030AE681BFBEE35B1200BE7BFC1A179AA6DDEC473921C3FD01875041D4DCDED154A61AB7C7CF8588005
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......koB..........;...............WF......>R...`..v.......o6......K......Ny..H0..pA.C.....E.H.......Jc...W..M...o..R.....E.R....X..S....A..Ui...F..W'...vG.Zl...G..\dg..sP.l....Q..m....Q..u....R..w.....c.z....T..z...T>.z....Tu.}Ad..L....D..:x..l...t...0D..%Z..!...?}..?...Ub......l.......~....n..........7 ../...CV.#....9..,....z..ARt..&..O....7..U?......X....D..jm....<.v....C..xU5..r..|.%..d..|...4l...>..........F..............AG..W...........}......!...J.......y$..P4.....LQ..............bL./b%..[E.>.4..3..DD......D`T.....L....M..NI...B..P....<f.fC.........../....%..c...............uN......7e...h..Q8..tT..~......+#.......p.+....L..0.......9.b..@..H.......Q...._%.Z....gE.s....^..|lU..m+.~v...E.......8........$.. ....6..{....D......6s...D..2.......2...i...J7..~...I..)...|4...`..Z...g...'..07....%.3B....y.?*...Mo.B....z&.j"w.....l....3..m...."^.p4......|....0..~....+....>.......,..u...............V.......g.......G...h...=....!..J.......=u..1N.. s..a..3...^......z5

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtlocation_pl.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):42325
                                                                                                                                                                                              Entropy (8bit):4.764518966991693
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:wxhULHBGq3WCifK5ebOh475jJ+foxxo1KFyfDxdqWOBp6NjG8f7xua8i3:wxWTBGq3WCif1bOh475jJ+foxxo186vl
                                                                                                                                                                                              MD5:0E8B03FC79FFADB96DA64D7BD41B2CCC
                                                                                                                                                                                              SHA1:ACF17E370CB948BAB49546FE27C55FDEFC555D23
                                                                                                                                                                                              SHA-256:621B346772270F905CACA455C67CA7D720D7F5EAE4AFBD64328F37AB0301C307
                                                                                                                                                                                              SHA-512:66965C94731371B9FA48F5054294CE2F7EEDE7AE8753887312A4D672ED1833FC8836F1A689D544F311DBF0FA2DDF98DD15B336FD8ECA72BCCA557C6226E61595
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......pl_PLB..........B........l......d.......E....`...|..............V......Z...H0.....H.......Jc...dH.M......R.......R....e@.S....I..Ui...P..W'......Zl...PX.\dg...I.l....^H.m....^..u...._..w.....^.z....`..z...a-.z....ap.}Ad..W`...D..A...l....I..0D..$...!...G6..?...b........B...........n..........=.../...K..#....@=.,.......ARt..&..O....=..U?......X....L..jm......v....L/.xU5...Z.|.%..w..|...9....>..........O.......I\..W...1.............. ...J.......y$..\q.....W...............r../b%..h..>.4..8..DD......L....Y..NI...J@.P....Cm.fC...........3....%..up......................=p...h..]...tT...G.....,v.+....V..9.b..H..Q....m..Z....{..s....lH.|lU.....~v...N.......?........... .......{...........<:...D..6.......7...i...TX..~......)........`..g...g...'..3B......?*...X..B.......j"w...?.l....9..m....!..p4....}.|....4..~....-....,...p.......'......c.......|W......Qo..h...E;...!..T.......D...1N......a..8...^...S..z5.........R...tt..No...@...i..e...'=...Q..2R.+S...pn.B.r.....

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtlocation_ru.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):43278
                                                                                                                                                                                              Entropy (8bit):5.356168092610647
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:3rPTr1n/lB1XR9r4BzDFT5PAwkS0bgbUfxiFvFMF0FxqV3SuqJS/sORhSrXQFy9Y:3Xr1n/lB1XR9r4BzDFT5PAw39iabS/s8
                                                                                                                                                                                              MD5:996499BE80ED1C7CBEB5D5B7702AB13A
                                                                                                                                                                                              SHA1:85AF08A5FCA90F6F727629852C5B3491DC808E23
                                                                                                                                                                                              SHA-256:8A8E223275E037F778A298415E65E64AEEEBF6B7E9ADE2C14B948C7C9F4CABB7
                                                                                                                                                                                              SHA-512:A0D9D6EF2CA0DC4A3436833F453978176222DC772D2BF2A8CEB0C374A2902543FFC065E9FDB520ADC96A3C73BD376FC60921EEF5D1E0942573BB9F0FA55ED446
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......ruB..........I........t......k.......L....`...[..............^......a...H0...#.C.......H.......Jc...k..M....T.R.......R....l..S....Q..Ui...X..W'......Zl...XE.\dg...(.l....e..m....e..u....f..w...."..z....h/.z...hj.z....h..}Ad.._W...D..G...l.......0D..*...!...NO..?...i....................n..........B.../...SR.#....F..,.....T.ARt..,..O....C..U?......X....TJ.jm....X.v....S..xU5...E.|.%..}..|...?x...>..........W....... ......P...W...7........&.....&^..J..."...y$..c......_...............y../b%..p..>.4..>>.DD......D`T...}.L....`..NI...Q..P....J..fC...$.......8....%..{{......"#..............CE...h..d...tT...T.....2..........+....^..0.....~.9.b..O..H.......Q....u..Z.......s....t..|lU...K.~v...V.......E,.......B.. .......{....f......A....D..<"......=,..i...\]..~..#...)........`..p0..g...-..07....S.3B......?*...`o.B.......j"w...8.l....>..m....'f.p4......|....:{.~....34...>.......,...#..............j...............YV..h...L....!..\.......K...1N..$...a..=...^......z5

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtlocation_tr.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):44395
                                                                                                                                                                                              Entropy (8bit):4.811993619856308
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:qo0WASFFI4gKsCdIMPSYq/55dGLup8cYZnN41Tanp3STycZlwGWnSGDizmbTFH4x:qoxASFFI4gKsCdIMPSYq/55dGLup8cYI
                                                                                                                                                                                              MD5:DFD4B72D5171CE9A026FAA6F7B266E73
                                                                                                                                                                                              SHA1:320DB1B71411E1CD84C0F80A7DAB4AB7290CB678
                                                                                                                                                                                              SHA-256:8B7A2708F61ADD594061C5C32AC84471AE475DBF1F8E42E22B9CC84BF941E679
                                                                                                                                                                                              SHA-512:AE99BA5A272F4823D843BAE0A35EE750DDEA01432AA0362955D7D2B0E2BCD2C25EB1B1A3C9C63516903DF6D20ABCD3DB26187FCAB163E81A227CF3BF71E03E2C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......tr_TRB..........KQ.......l......mB......N>...`...m.............._......ci..H0.....C.......H.......Jc...l..M....F.R.......R....n6.S....Rd.Ui...Y`.W'......Zl...Y..\dg...`.l....f..m....g4.u....h;.w....%Q.z....i..z...i..z....i..}Ad..`....D..Il..l....8..0D...0..!...O...?...j........c.......B...n..........ET../...T..#....H..,.......ARt..0&.O....F..U?......X....U..jm......v....U..xU5...].|.%...?.|...A....>...D......X.......L......Q...W...:X.............)Z..J...%...y$..eB.....`........7......{4./b%..q..>.4..@..DD......D`T...a.L....b..NI...R..P....K..fC...&.......;J...%..}Y......$...............E....h..fn..tT.........5..........+....`B.0.....J.9.b..Q+.H.......Q....wA.Z.......s....u..|lU.....~v...X.......G^.......... ..."...{...........Dw...D..>.......?...i...^...~..&O..)....~...`..q...g...0..07....q.3B...!..?*...b..B.......j"w.....l....A:.m....*@.p4......|....=%.~....6V...>.......,...W.......*......l|..............Z...h...M....!..^.......M/..1N..'...a..@...^.....

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtlocation_uk.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):24159
                                                                                                                                                                                              Entropy (8bit):5.295904676831055
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:I1056AkImnecIYOQ06jexFfjDtCrHawvt59eWbDDMtGBKag0XJoynMS8Dde5VVo9:IvAkImnVjexFfjDtCrHawvt59eW/DcGa
                                                                                                                                                                                              MD5:3A8469C2443C98944C21A44BB67C2B95
                                                                                                                                                                                              SHA1:6E716D3F505D2538BA39872AFEB408557B715DD1
                                                                                                                                                                                              SHA-256:1910621CE710A23F2FCE603CB3B78DA24A24C9DF497B3F26505EDD4A738B00E4
                                                                                                                                                                                              SHA-512:5938F030F95092275AF828729B70DE039E1A19DEFF764DEA5E26FECCD73276786C0D727998D3C280A71EEBD681310623A985E6DF3ADAB519E99113F575962A4E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......uk_UAB.......`..N_......D...H0..E..M...D..W'...M..\dg..J&.w.....J..l...L.......?.......X....n.....,....S2.P{...!..jm......xU5..I%.|.%..4....>..........VH..J...................0../b%..&..8Y... k.fC........%..2...............L...tT..X|.Q....,..Z....8..s....+).|lU..Ao.. .......{....C..~...`..)...U2...`..&X.3B......B....R\.j"w.....p4........,..M/..............9....]..%...1N......~....Q..^...e..z5..=P...@..<..+S......B.r..Mq.QS......m....P[.o....47..}...O%..........k....F..1N...2..(~......* ../..'1N..O..I............-x..(p..B{.....F...k...B...N.....l.^..........U.......A.......I...2....>..m...J....n......|...:...B..Q...2...L..<P...KC.Fy...LG.duu..=...=...N....~...9...Y..N...4...........+..-....>..-....G..v.U..?..v.U..H...L...R.......#...z~...;....../0..t....&..}............Y...~..._.#....E=.'.p..C..E.....a.H.......J....Q$.N....-..]....B..]....J..lY...<N.w....P...y...7.......W.......-..........&O......W....V..l....N..vr....m......@.......H.......K....P..*....>...v.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtmultimedia_ar.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):11486
                                                                                                                                                                                              Entropy (8bit):5.268991075562103
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:20UQRn2sg91xzuera9bIWo6P5qIJtzi82337ui:2ri2sgj6E6P5qizPWLui
                                                                                                                                                                                              MD5:C0A0146E0F690E7CFFF468D9D2B23BF8
                                                                                                                                                                                              SHA1:4649CDF3C53E6012810F44D8A8903EE7606F4B35
                                                                                                                                                                                              SHA-256:5FC10414E168C1161B8590A5C173D140D31B17CF450F0AC93E666EBF7A2FF908
                                                                                                                                                                                              SHA-512:6AA319C3CC6CEC5F6F06BDAE653F97E6B31D49DEB012DB84EE816DE5A6FFD0DD7A1395A8D387557081D87A6D54BE31EE8083A13B6BCB030CEAF4D7247701DC22
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......arB.....X.A..#.................Q.......R.....H.W.>.........%....1..#h.C|......OY....I.c....'k..]>...k..]>...M..................t..&F................|......W.......[C......p....%...#..."....n..........!..................zn......*......:.....@.C......w\^...X.............)...TD...g..T................N.....q3....z...........U.......T..............b........1..........."...............e.........c.....I.l.E.....l.E...C.l.E..)...6...'............a..$x. ^>.........!Y...... -......>............(>.#......K.s......s....t......'...n...A....&...Z..............X5A.....q.C.....x.....9...^...G...N......L.......M..."I......B.......P.w. .....};...._...... ........)..J....|.........?.............|....(...Q5..._..KT...ri..).....6.F.3.B. .E.D.A.Q.'.*. .R.A.W. .(.(.D.'. .*.1.H.J.3.).)..........RAW (headerless) file format.....AudioContainerControl.......F.3.B. .E.D.A.Q.'.*. .W.A.V..........WAV file format.....AudioContainerControl.....0.(.J.'.F.'.*. .P.C.M. .5.H.*.J.Q.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtmultimedia_bg.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):13683
                                                                                                                                                                                              Entropy (8bit):5.206041252254424
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:rcVs16vrAWygoSWLyZ5aQVa3A3mMa83DB3eAsk:rcVs16vrAWyoWuZ5aQVa3A2Maq93eAsk
                                                                                                                                                                                              MD5:15EA6B38E1EF62ABC6AE030ED6C665DB
                                                                                                                                                                                              SHA1:4F541734690E100747A99D259D2DAB948BE0D68A
                                                                                                                                                                                              SHA-256:ADD8675FBC2351FB6C8397ED36932F98553782DD4CE0498EFC5B89B050AC8626
                                                                                                                                                                                              SHA-512:B34A1465E59F156F87879F83BA350AE7D632CE246C079BDE2976ED53B6DC6CDED1989CF6C80F53CA94498AD3EC8E573F0B60D21EEDAC742F81D0FF3C78634FF3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......bgB.....X.A..+.......$.........Q.......R.......W.>...2.....-....1..+".C|....B.OY...%...]>...S..]>..!........j..........t...n.............-..|...%..W.... ..[C......p....-...#...*{...n..........)U.................zn...,..*......:....#..C....G.w\^.........%i......1y..TD......T....U...........N.....q3....<......&g...U...}...........T..............b........1...........R......$....... ........).c.......l.E.....l.E.....l.E..2...6.../\......#@...a..,^. ^>...o.....(.......'.......P............0p.#......K.s......s.........../...n............Z............@..\T.."..X5A.....q.C...j.x.........^.......N...c..L.......M...).................w. .....};....B......(........I..J..............?..........!..|....0...Q5......KT...|i..2s....@.$.0.9.;.>.2. .D.>.@.<.0.B. .R.A.W. .(.1.5.7. .7.0.3.;.0.2.:.0.)..........RAW (headerless) file format.....AudioContainerControl.....".$.0.9.;.>.2. .D.>.@.<.0.B. .W.A.V..........WAV file format.....AudioContainerControl.....2...C.4.8.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtmultimedia_ca.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):14877
                                                                                                                                                                                              Entropy (8bit):4.495618627792468
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:xWSMgD83O3Oesgu143Ik6f0w633EyAo3tb3Mb3y3CJ3Q3IF+P/F8NdEF3g033T3m:9M28+eesgY4npUyd9bsiSJP+Xu6Q03j2
                                                                                                                                                                                              MD5:F4ACB5614C77260B4C1177CDB350942E
                                                                                                                                                                                              SHA1:C53DA2DACF580A48D18E4BC36B513A6402147F4C
                                                                                                                                                                                              SHA-256:99AAE58CE729312B4ED38DB7D8AA42C770EAA4CC3F669626F9BEB9676BC21EF2
                                                                                                                                                                                              SHA-512:E736DD2B985F8E579598E9465C662E2D53427FC4ED05FFC1DD1580DBA485021581AD4D0700A58E971A48FF9D6455597BA486078DEDF72CEAB8B02E557FB9FA37
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......caB.....X.A../........7.Q.......Q.....2.R.....V.W.>.........1....1../..C|......OY...(..c....3...]>..!...]>..&y......................%...........t..2h.............,.......5..|...)..W....$..[C......p....1...#...._.......~...n...a..............-7.................zn......*.............:....'..C......w\^.. @.....)U......5...TD......T....Q......#J...N...g.q3............:......*]...U.."D...T..............b....[...1..................({......%U.........c.......l.E.....l.E...s.l.E..6...6...3l......'8..{4...}...a..0L. ^>.........,.......+.......`............4..#......K.s...I..s...".......47..n........2...Z..............=.......X5A.....q.C.....x.........^.......N......L....t..M...-...............Z.w. .. ..};...$.......+...........J.........../..?....g.....%..|....5`..Q5......KT...zi..6.....L.F.o.r.m.a.t. .d.e. .f.i.t.x.e.r. .R.A.W. .(.s.e.n.s.e. .c.a.p...a.l.e.r.a.)..........RAW (headerless) file format.....AudioContainerControl.....(.F.o.r.m.a.t. .d.e. .f.i

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtmultimedia_cs.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):15906
                                                                                                                                                                                              Entropy (8bit):4.737087172418041
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:RcPvbZYqjMvs1eEt86I3f4EwKiZU8UkFPU:RcPvbZYRvs1e76I3w+8UsPU
                                                                                                                                                                                              MD5:3BBF388844D5DB68FBE5EF1ABF01031A
                                                                                                                                                                                              SHA1:257CC6C095C67000D4DE8F832F3447E0F755905D
                                                                                                                                                                                              SHA-256:6F116E7A2FDEFE84A890DF1718D235E61D5731BF7C2E3E57A838F6EC9EEDE0FA
                                                                                                                                                                                              SHA-512:3F2328AADF5A8DFECE7DDED754CAA2C3FCC861564D135C6C1D0699AAA57A986E62B652EC41352EDC0353927A512F72844A124EAC3D8551AED794731B8B13C039
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......cs_CZB.....MJ....1.OY......X.A..6%................Q.....G.R.....s.W.>...i..D..........7...}q.......1..5..C|......OY...0Q..]>..(!..]>..-.......%.......T.Qz....m...t..8h............#...|...,@.W....+f.[C.......#...4...[E......'....t......:...n...L......3...........0$...Q..zn......*...&-..*...').:..../2.C......w\^..&......0...TD..#G..T...".......)....N...X..K....*......1....U..)!......(............T.."G....... ...1.......1.. ..6..................../.......+...........V......W......c.......l.E...,.l.E.....l.E..!...Z2.......~.......~......6...9E..........&A.......a..6....S...o. ^>...*.I}b.........3.......1.................... j..'.............#......K.s......s...)....N..........9...n........8..N........Z...............\T...-.X5A.....q.C.....x.........~...p...N......L.......M...4 .....$J.......5.w. ..'..};...*...o....h......2w..........J...._..J....J.......?.....$...?..........,...Q5..%...KT..!k..G.....i..:[....(.S.o.u.b.o.r.o.v... .f.o.r.m...t. .R.A.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtmultimedia_da.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):13659
                                                                                                                                                                                              Entropy (8bit):4.616849544167846
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:Xr0R2Psma1C9gNjFjOMFyp/vSR5p2h8klZBrNQ:XAR2PsmEFewyp/aR2ieZBe
                                                                                                                                                                                              MD5:34BB0ECE3C0DB02ED3E1E73AE1932719
                                                                                                                                                                                              SHA1:E23C7790CAFBA427A3E70F705B7B4CBE9F228DDF
                                                                                                                                                                                              SHA-256:39D902411064CC5C5FD45742F1768022A1AE7953700741B2F608E3807E19110A
                                                                                                                                                                                              SHA-512:9E1C462D2535D7262127AF3DF8028E27F57C3352E97EB28F6D4055516D453C9F60775283DD4A63EDD3ECB76C557F94F82988545B5016B764EE1DB8CA13AA87F0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......daB... .X.A..+.......`.........Q.......Q.....p.R.......W.>.........- ...1..+L.C|......OY...%..c..../...]>...A..]>..#........t..........................t...\.....................'..|...&p.W...."..[C......p....-...#...*............n...I..............).......*..........zn...X..*...........T.:....$..C......w\^.........&.......1?..TD......T...._...... ....N...M.q3....l.......:......'....U.......T..............b........1...........<......%E......"..........c.....i.l.E.....l.E.....l.E..1...6.../,......$0..{4...W...a..,p. ^>.........).......'.......*............0V.#......K.s...#..s... `....../...n............Z..............=.....<.X5A.....q.C.....x.....{...^...{...N...'..L.......M...*...............<.w. .....};...!y......(|..........J....x.........?.........."..|....0...Q5......KT....i..2.....2.R...t. .(.h.o.v.e.d.l...s.t.). .f.i.l.f.o.r.m.a.t..........RAW (headerless) file format.....AudioContainerControl.......W.A.V.-.f.i.l.f.o.r.m.a.t..........WAV fi

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtmultimedia_de.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):15006
                                                                                                                                                                                              Entropy (8bit):4.524251350180448
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:szJCssbW1tE1I2oaaVCDKEeNByOApdLowK18C3B/:sz0ssbQt3IQBNSfK+gB/
                                                                                                                                                                                              MD5:2EA100003233A563C03EC7B0A0C0D2ED
                                                                                                                                                                                              SHA1:EF56DB962FC5217A0DAB92BCC6CABB1CBE825A00
                                                                                                                                                                                              SHA-256:7D1541468BD09F4A34E78595DAEBDCFD7BF71715C34BF95C2DCCE41BF5484155
                                                                                                                                                                                              SHA-512:799271B682DAC7C9DB10B8EB3BE5237355199A30013E08C92024C68A01806710971B0A812CBFDF023F21FD2A5298F1E3F4BFF9850D5D7E357BC12CA1F7164462
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......de_DEB.....X.A..0........7.Q.......Q.......R.......W.>...B.....1....1../..C|......OY...)..c....4...]>.."S..]>..').......Z..............Y.......i...t..3V........................|...*h.W....%..[C......p....2...#.../3.......L...n..................-...............E..zn...r..*... .........:....(r.C......w\^.. ......*.......6...TD......T....;......$....N...M.q3............@......+#...U..#"...T..............b........1...........L......))......%..........c.......l.E.....l.E...y.l.E..7...6...4<......'...{4.......a..1.. ^>.........-I......+.......B............5..#....g.K.s...g..s...#.......5...n...+....3...Z....+.........=.......X5A.....q.C.....x.....C...^.......N......L.......M...................T.w. ..!..};...$.......,...........J..............?..........&U.|....5...Q5......KT...di..7[....:.R.A.W.-.D.a.t.e.i.f.o.r.m.a.t. .(.o.h.n.e. .H.e.a.d.e.r.)..........RAW (headerless) file format.....AudioContainerControl.......W.A.V.-.D.a.t.e.i.f.o.r.m.a.t.........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtmultimedia_en.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):4.0
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:j2wZC4n:CwZ
                                                                                                                                                                                              MD5:BCEBCF42735C6849BDECBB77451021DD
                                                                                                                                                                                              SHA1:4884FD9AF6890647B7AF1AEFA57F38CCA49AD899
                                                                                                                                                                                              SHA-256:9959B510B15D18937848AD13007E30459D2E993C67E564BADBFC18F935695C85
                                                                                                                                                                                              SHA-512:F951B511FFB1A6B94B1BCAE9DF26B41B2FF829560583D7C83E70279D1B5304BDE299B3679D863CAD6BB79D0BEDA524FC195B7F054ECF11D2090037526B451B78
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtmultimedia_es.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):17046
                                                                                                                                                                                              Entropy (8bit):4.488067064247524
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:qTAb/kqIRnp2Psn41kjT22m8T+dEw0Zpe4Q6fn87wZ9OdDq3D:MAb/kqIFUPsnKWhwcpeuf89da
                                                                                                                                                                                              MD5:F2E05CF385B73830C66997878BBE96C1
                                                                                                                                                                                              SHA1:1E5D672AB83BFB84ADE3C808F9A792F74FD1394B
                                                                                                                                                                                              SHA-256:0866911BFD4C6E78D3517EA298DE653CAEF0B7248AEFACDBA5236E7565A9B2A5
                                                                                                                                                                                              SHA-512:4C84CED507C284D7D50107F4086F30267F9057880F34320F54289F4E37761A4B7ABFA12A0BD6AD64E13ED0A7640E0B97555BE9B1D7B44B3C606CB0F581BBCA5A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......es_ESB.....MJ....).OY......X.A..8@..............G.Q.......R.......W.>......D..........9...}q.......1..7..C|......OY...1...]>..)...]>...4......&.......Z.Qz....;...t..:.............$...|...2D.W....,..[C....).p....:5..#...7...[E..........P...n...C......5......"........u..0$......zn......*...'M.:....02.C......w\^..'......1.......=...TD..$Y..T...#.......+....N...g..K......q3... .......2....U..*!......)............T..#m.......H..b........1...!...1..!{.6....................0.......-...........V......W....Z.c.....w.l.E...F.l.E.....l.E..#..l.E..>....~.......~......6...;......./....a..8....S..... ^>.........5/......3.......w............ f.....<.........#......K.s...[..s...*....N..........<A..n..._....;/..Z....W..........\T.....X5A.....q.C.....x.........~...d...^...%...N......L....:..M...6c.....%H.......j.w. ..({.};...+...o....~......4...........J............W.....%...?....).....-~.|....=b..Q5..&...KT..".i..>.....J.f.o.r.m.a.t.o. .d.e. .a.r.c.h.i.v.o. .

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtmultimedia_fi.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):13883
                                                                                                                                                                                              Entropy (8bit):4.587256778643159
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:5xqudvG/srvG1YOIDcz0dIwMrOH5exEeTD5+oDwYKtToV8qxh+upeSIraT0wYnf6:/qudvG/srvAYO04xtTlrzKWeGgD6
                                                                                                                                                                                              MD5:F9B40CF075E511A54ACF25CD301B2A05
                                                                                                                                                                                              SHA1:C84D587DAC38A7E1747E420854978D1FC27A925E
                                                                                                                                                                                              SHA-256:628BE72C1DC70652AB302E2F8CCB9F3C328E7FDDDF7D8D1C5CE21056A9BA84F2
                                                                                                                                                                                              SHA-512:6D6C968D5A0F7FA46867A182261509C145522F8EC059AA4C42F28C4B38EF40A32CF2913F03BC800845B14BBE76AC6ED7F96E97C7BC4122C2B6D293D1E102D2BD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......fiB... .X.A..,.......f.........Q.......Q.....V.R.....^.W.>...F.....-....1..,..C|......OY...&..c....0?..]>.. ...]>..$m.......L..............u...........t............................|...'n.W...."..[C......p.....W..#...+w...........n...W..............*m.................zn......*....o......t.:....%..C......w\^.........'.......2...TD......T....;......!....N...O.q3....t..............(....U.. ....T..............b........1...........6......&E......#_.........c.......l.E.....l.E.....l.E..2...6.../.......%(..{4.......a..-.. ^>...'.....).......(.......L............1..#......K.s......s...!>......0...n......../M..Z..............=.....t.X5A.....q.C.....x.........^...{...N...+..L....|..M...*...............,.w. ...U.};..."?......)t..........J..............?....w.....#..|....1...Q5......KT....i..2.....>.R.A.W.-.t.i.e.d.o.s.t.o.m.u.o.t.o. .(.t.u.n.n.u.k.s.e.t.o.n.)..........RAW (headerless) file format.....AudioContainerControl.....".W.A.V.-.t.i.e.d.o.s.t.o.m.u.o

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtmultimedia_fr.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16502
                                                                                                                                                                                              Entropy (8bit):4.523787100967048
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:0zjDNrhYqqg7mPOnkq4wKAAEF8XDj7Ps7I1HzGetICvxbTV60PZtR2TeZm6Pynsm:07Nrhp3kCvsPs7am0bRPpEOOzB
                                                                                                                                                                                              MD5:DF28B5BCDEDC3FDEAD3749E6A0861F81
                                                                                                                                                                                              SHA1:7F64D46BD5D6BF7254242CF0DBDE179954123719
                                                                                                                                                                                              SHA-256:622FB2AB66D224C946BBBE8B4B06CCB45EA4B1368BA0E822A07BAD4B7C4BBD36
                                                                                                                                                                                              SHA-512:97D9053A6A236CA72D042597B4A150D703082810C1DE3542491938C93BFA871D2998A34C53F597913C80D5D02E0D7EF0E0CEB8D0609BB71B478E7E25A3317163
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......fr_FRB.....MJ....1.OY....'.X.A..6...............w.Q.....h.R.......W.>...0..D..........8...}q.......1..6T.C|......OY...0S..]>..(a..]>..-P......%d........Qz....E...t..:.............$...|...1..W....+..[C....c.p....8...#...5...[E...\..........n..........4...........0$......zn......*...&..:..../..C....#.w\^..'......0.......<'..TD..#...T...##......*S...N......K...........1....U..)e......)............T.."...........b........1.......1..!..6............. ....../.......,:.......'..V......W....\.c.......l.E...t.l.E...F.l.E.."U...~.......~......6...9............a..7|...S..... ^>...Q.....3.......2q......1............ ......;"........#......K.s......s...)....N...<......:>..n........9n..Z...............\T..-..X5A.....q.C...R.x.........~...b...^.......N.../..L.......M...5......$..........w. ..'..};...*...o...........3R.......-..J............W.....$...?..........,..|....;...Q5..%...KT..!.i..<.....H.F.o.r.m.a.t. .d.e. .f.i.c.h.i.e.r. .R.A.W. .(.s.a.n.s. .e.n.-.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtmultimedia_hu.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16463
                                                                                                                                                                                              Entropy (8bit):4.657374409195896
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:RtGHxItMx2ssKAo0MZZPPXlDtAxb+tceVYwG9s4VbnzKMy9J:RtGHxItMx2ssKAo0MZZPPXlhkb+tceV3
                                                                                                                                                                                              MD5:286A43C2C0699E792A63123EE3D11D89
                                                                                                                                                                                              SHA1:2611BA80FBEF67CBE0C61CA981D5B37FD2841AEC
                                                                                                                                                                                              SHA-256:589D857B96CB1C8E6DCB018C8CDAF71BF06D31AA1271867F8572183C9394F8D7
                                                                                                                                                                                              SHA-512:92A7865CD3FF0CF2277100368193ABBF5557B4CF4323EF60DB998B1DA2317B9663E5199ADD6F6CA2F873942B5BAA40588253DE7F1335F0526380A00C63F4DA5F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......hu_HUB.....MJ......OY......X.A..6D......Z.........Q.......R.......W.>......D....G.....7...}q...<...1..5..C|....N.OY.../...]>..'...]>..,.......$.......p.Qz........t..9.............#I..|...0f.W....+..[C....K.p....8W..#...4...[E..........p...n..........3......!@.......U..0$...Q..zn......*...%..:.....v.C....u.w\^..&>.....0.......;...TD.."...T..."u......)....N......K....J.q3...........1....U..(.......(V.......y...T..!........b..b........1.......1.. /.6..................../3......+........Y..V......W......c.....k.l.E...x.l.E...,.l.E..!..l.E..<K...~.......~......6...9............a..6....S..._. ^>.........39......1.....................*.....:.........#....?.K.s......s...)3...N...L......:K..n...5....9_..Z....1.......P..\T..-..X5A.....q.C.....x.........~...L...^...1...N......L.......M...4I.....#..........w. ..&..};...*V..o...........2........e..J............#.....$)..?..........+..|....;P..Q5..%...KT.. .i..<.....B.R.A.W. .(.f.e.j.l...c. .n...l.k...l.i.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtmultimedia_it.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):17194
                                                                                                                                                                                              Entropy (8bit):4.475777186094896
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:UC3TmO4QKfnqfbFgmLf6i5zmQjEPsT2i31ZG+f4YdzPXegWZQ3lQPmNEx4EzO31c:Uyrx0CaPsqkhjEeDUSBNs3h
                                                                                                                                                                                              MD5:74E75500E4026F2DB8FF298B548E928A
                                                                                                                                                                                              SHA1:085B10C64A4CF22444174805BCB6BA0AB5CCFC57
                                                                                                                                                                                              SHA-256:ACA8D4DD145E671D827E582496F20281DC559AC91E7E13F88CF508BC2D6301ED
                                                                                                                                                                                              SHA-512:6C20E99834D3033FC85FF23A9EFDD3D2DB4A40CDF24D69C04CA2470EEC4FF38469CDBE89DD62C4C620E9E3456D123F205A8A958E4FC717018BA832E9764BB2EF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......it_ITB.....MJ....'.OY....U.X.A..8...... ........).Q.......R.......W.>...@..D..........:X..}q.......1..8T.C|......OY...2Q..]>..*3..]>../^......'0........Qz....I...t..;.............%...|...3$.W....-..[C......p....;...#...7...[E...j..........n..........6......#...........0$......zn...T..*...(c.:....1..C......w\^..(......2.......>o..TD..%e..T...$.......,=...N......K......q3...!.......3....U..+I......*............T..$w..........b....#...1.......1.."s.6.............P......1........,..........V......W....R.c.......l.E.....l.E.....l.E..$#.l.E..?....~.......~......6...<v......0....a..9....S..... ^>.........5.......4.......E............!d.....=n........#....O.K.s...Y..s...+....N...Z......<...n........;...Z...............\T..0..X5A.....q.C.....x.....5...~...R...^.......N...y..L.......M...7......&V.......>.w. ..)..};...,...o...........5Z..........J............U.....&...?.............|....=...Q5..'...KT..#.i..?g....J.F.o.r.m.a.t.o. .f.i.l.e. .R.A.W. .(.s.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtmultimedia_ja.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):14337
                                                                                                                                                                                              Entropy (8bit):5.741374393238018
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:zn1pQ8PxuF2WQMeOSJASTswQZs7WWdiTA6V8x:c8PxuF2WQMeOSJASTxQZs7WbTAWs
                                                                                                                                                                                              MD5:27259833BCDE1CA4438A41863C9345DA
                                                                                                                                                                                              SHA1:ECD2404A31215E2D814125D3DBD5ADC7C6D45083
                                                                                                                                                                                              SHA-256:F9A888586C42C22894CCB4180257C2DE70299FF5D540087BC334DA74A8DD5969
                                                                                                                                                                                              SHA-512:EA82A4CEB38CD6B134AB37A6257D88D6019D25B82D6B6E855A4ABA19A2403D18CBE9AA463CFB857EE221CA787EF47080336D9A1459F23F3582E5BD726A4BF84F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......jaB.....MJ.... .OY......X.A....................Q.....q.R.......W.>...q..D....h...../...}q.......1..-..C|......OY...)D.l........]>..#4..]>..'....... .........M.......Qz........t..1......{..........|...)..W....%..[C......d.....9.p....0r..#...-J..[E..............n.......1..........,F..........0$......zn......*...!..:....(W.C......w\^.."+.....).......3:..TD...h..T...........$....N......K...........*V...U..#.......#........v...T...........S..v....7..b........1... ...1.......1...}.6.....[.H.C..................(.......&1..........V....c.W....W.c.......l.E.....l.E.....l.E.....l.E...\.l.E..3....~.......~...........~..6...1.......'....a../....S..... ^>.....5.t.........+.......*..............F......=......%.....2}........#....h.K.s......s...$`...N...!......2...n......w...}....1f..................Z...............\T..'..X5A.....q.C...a.x.........~.......^.......N......L....%..M...,...... /.......S.w. .."..};...%C..o....w......+i.......L..J................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtmultimedia_ko.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):11006
                                                                                                                                                                                              Entropy (8bit):5.779927341401355
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:rtqk8es6911OXRidgBnSQyHu5SW18acLhn:ps69rOHnzSW+acLB
                                                                                                                                                                                              MD5:0161C0622AE59F0331FDE6C2D901327B
                                                                                                                                                                                              SHA1:BC497F30FA42A5F73D2B4917FC2C12496EAFEE78
                                                                                                                                                                                              SHA-256:F512A5E985535D0309F737E6156F5959AE9B6405E65FF76ABAE5A139332F2C7A
                                                                                                                                                                                              SHA-512:903135B6C0D329F92B3617725749C64D1B24A28673BE325C471221C36378B01752AB57FB308CC6A69CA8D832C9BA1B472579320A55F48C3958093BE215B67107
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......koB.....X.A.."l.......q.Q.......Q.......R.....".W.>.........#....1..!..C|......OY......c....%...]>...o..]>...........&..............+.......k...t..$.........................|....2.W.......[C....[.p....$...#...!g.......(...n...C.......*...... .......P.......k..zn......*....+........:.......C....9.w\^...z.............'...TD......T....U...........N.....q3........................U.......T..........."..b...._...1...................5.................c.....=.l.E...\.l.E.....l.E..'...6...%X.......X..{4...m...a..".. ^>...U..... ........-...................&T.#......K.s...;..s....R......%...n........$...Z............P.=.......X5A.....q.C.....x.........^.......N...g..L....z..M... .......t.........w. .....};....'..................J....f.........?...........Y.|....&...Q5......KT....i..'..... .R.A.W.(..T. ....). ...|. ..............RAW (headerless) file format.....AudioContainerControl.......W.A.V. ...|. ..............WAV file format.....AudioContainerContro

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtmultimedia_pl.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):12237
                                                                                                                                                                                              Entropy (8bit):4.698903308278698
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:ej9dNDgWPsRh14pT260/C5nwL8CCQhoTBsyX2+N8dfu3:e5fDgWPsRXGq6sC5wYCCQ3z+Gf8
                                                                                                                                                                                              MD5:2F3EA58057D8F5EE06B505B41079C981
                                                                                                                                                                                              SHA1:13D38D2B95CC473A5C5CD1D6A3BD9FF69B5351B3
                                                                                                                                                                                              SHA-256:3C4CB711F6A59E5B19E4ADC0D0A6BE63C0BB55F15626AD640DB1BFD1D1363664
                                                                                                                                                                                              SHA-512:B8D5BE73F0291B4A63603541A0174C9E59E9C3C7A5560471B28FEC08B65D1ADFFBE4D52516D3A611E4B81941199103A4367B7A936198F12F2AEDC4245C810A08
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......pl_PLB.....X.A..&I......6.........Q.......R.....6.W.>.........'....1..%..C|....J.OY......c....*0..]>...W..]>...........f..........t..(.................|... {.W.....Y.[C......p....(J..#...%.......#..................zn......*......C....c.w\^......... ......,...TD......T....7...........N.....q3....L......!....U.......T..............b........1...........H.......<...............[.c.......l.E.....l.E..._.l.E..,...6...)............a..&.. ^>.........#^......!.......T............+-.#....i.K.s......s...........*...n..._....)N.X5A.....q.C.....x.........^......L....X..M...$`................w. .....};..........."...........J..............?....]......=.|....+...Q5......KT...ti..,.....@.F.o.r.m.a.t. .p.l.i.k.u. .R.A.W. .(.b.r.a.k. .n.a.g.B...w.k.a.)..........RAW (headerless) file format.....AudioContainerControl..... .F.o.r.m.a.t. .p.l.i.k.u. .W.A.V..........WAV file format.....AudioContainerControl.....8.D.a.n.e. .d.z.w.i...k.o.w.e. .w. .p.o.s.t.a.c.i. .P.C.M

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtmultimedia_ru.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):14109
                                                                                                                                                                                              Entropy (8bit):5.264248799271436
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:QKqItPsF4e6V1gHrptgfwwstDEp6SdZ9ZAUfiYNFzF0XJyo9Ea56V8C7Q7+ESqbj:QKZPsKZgt8dwYWXfEatierSqzb
                                                                                                                                                                                              MD5:1841A70C30F9A2F3AA3F5BAEFF9208EE
                                                                                                                                                                                              SHA1:3C9594CF1F3E2E64A74C32094F3B9A032C7E7FB1
                                                                                                                                                                                              SHA-256:32C1118415F25A378D356CF01652393C8F9063145BC8F8A93C4F992166FA9D4D
                                                                                                                                                                                              SHA-512:1C6A6A2775109FA28717913E35370CDCA5BD60C229CFD5BD63066044964EB165D65634B32E5BC6BBC4D6CBFACDB9C35B5192295CFDB85A88A9FC0A6E71704CD2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......ru_RUB.....X.A..-..........Q.......Q.......R.......W.>..........b...1..,|.C|....>.OY...&..c....1...]>......]>..$M......................#...........t../.........................|...'N.W...."..[C......p..../...#...+............n..................*...............{..zn......*...........@.:....%n.C......w\^...b.....&.......2...TD...;..T...........!P...N.....q3............<......'....U.. P...T...i..........b........1..._.......6......&.......#........g.c.......l.E.....l.E.....l.E..3w..6...0.......$...{4.......a..-.. ^>.........*.......(.......J......j.....1..#....O.K.s......s... .......1[..n...U....0...Z....C.......P.=.......X5A.....q.C.....x.........^...e...N......L....:..M...+=................w. .....};...!.......)p.......k..J...........s..?....5.....#..|....2`..Q5...A..KT....i..3.....@.$.>.@.<.0.B. .D.0.9.;.0. .R.A.W. .(.1.5.7. .7.0.3.>.;.>.2.:.0.)..........RAW (headerless) file format.....AudioContainerControl..... .$.>.@.<.0.B. .D.0.9.;.0. .W.A.V.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtmultimedia_sk.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):9896
                                                                                                                                                                                              Entropy (8bit):4.651417016192566
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:ymzlPsi1CPNRUNEjHE4YdKNoKBrbd8vFPe:1Psc6gEjHE4YdaNBH2vFPe
                                                                                                                                                                                              MD5:D9B73E1E553693BBE20729B972166E70
                                                                                                                                                                                              SHA1:6FBE8ACAF2671791C9043508D4FC6D8E5B804C7B
                                                                                                                                                                                              SHA-256:82F544F31FFB0CE80340F445AD2C8E2BA57969413EF9B5D10FE4322BB96A6851
                                                                                                                                                                                              SHA-512:BA376AE10C71C9770D60B6E3D177F5FE26C7A496B53E4F50686B6B538B71CB7D397B01012C334C26C85B2A62B436E7600B4CE847AF7D93F1514101DD9EF6175C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......sk_SKB...8.X.A.. q.].....N.....!....1.....OY.......]>...3..]>.....................+........t.."Z...A.......=......|....>..|......W........#....<..'............0..........*....5..*....=.:.......QM^.....w\^..........#.......'.......~...U...-.......i...............................Q.......0.........l.E...n..6...#?..........&A......b...D...a..!.. ^>......tQ.................. .........'....Z.#....h..s...........#...a...h.........nE........"..N.....$..Z....}..\T......y.......L....y..M..............w. .....};...............J....Y..?....y......4.nP9......Q5......G.....i..$A....".R.A.W. .f.o.r.m...t. .s...b.o.r.u..........RAW file format.....AudioCaptureSession.....".W.A.V. .f.o.r.m...t. .s...b.o.r.u..........WAV file format.....AudioCaptureSession.......P.C.M. .a.u.d.i.o. .d...t.a..........PCM audio data.....AudioEncoderControl.....0.K.a.m.e.r.a. .n.i.e. .j.e. .p.r.i.p.r.a.v.e.n............Camera not ready.....CameraBinImageCapture.......J.P.E.G. .o.b.r...z.o.k.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtmultimedia_tr.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):13295
                                                                                                                                                                                              Entropy (8bit):4.762391970296969
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:05P7BsqxeP7OZaiOkP+HxW6gt5wQha7JVjSprkcJmcM8:AP7BsqxK7OZ9ORHQdt5XhAJVjSprtJmY
                                                                                                                                                                                              MD5:E7E3EA251F76ED3C680CE40CB2C62250
                                                                                                                                                                                              SHA1:92625294D74741F479D28C2C3110DCF0C815DB2F
                                                                                                                                                                                              SHA-256:1C79A82DCD0314EBEC350293FFFE9E2CD35CCC6BD63C449C178D42EF1DA375CF
                                                                                                                                                                                              SHA-512:F7997F9424C65CC9F880D211919E06157073B9083BA54435BF7BAF2AD806104DEA4E985EB055998DFECD73D00613E42F1C62C799AA4BA505A0BDDF36C3AC8594
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......tr_TRB.....X.A..**.......C.Q.....f.Q.......R.....0.W.>...n.....+....1..)..C|......OY...$..c........]>......]>..!...................................t..,..............h..........|...$..W.... s.[C......p....,1..#...(............n...........|......'..................zn......*....%........:....#..C......w\^.........$g....../...TD...C..T............8...N.....q3....8..............%Y...U...X...T...c..........b........1...........B......#....... ..........c.......l.E.....l.E.....l.E..0g..6...-......."...{4.......a..*.. ^>.........'A......&.......F............/..#......K.s...Q..s............m..n...C....-7..Z....!.........=.......X5A.....q.C.....x.........^...g...N......L....|..M...(;......&.......r.w. ...#.};...........&........-..J....~.........?..........!I.|..../l..Q5...m..KT...@i..0.....8.R.A.W. .(.b.a._.l.1.k.s.1.z.). .d.o.s.y.a. .b.i...i.m.i..........RAW (headerless) file format.....AudioContainerControl..... .W.A.V. .d.o.s.y.a. .b.i...i.m.i.........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtmultimedia_uk.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):15781
                                                                                                                                                                                              Entropy (8bit):5.306567482773278
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:1RamDXePsF0HwX1Rsd6ml+0HHCiwMmcrSWo2:XamDXePsF0HwXfsYm+0HHCiwM5SWo2
                                                                                                                                                                                              MD5:1E8E91CAD32A6610D54E838C803E93C7
                                                                                                                                                                                              SHA1:073965FDDD20601A8348B548DDB174B832D735B1
                                                                                                                                                                                              SHA-256:EBF67318490F70C765B50B6CC4EB3CD4C0EAB9FF10A19BC44A0489B24CECD834
                                                                                                                                                                                              SHA-512:29C1F790613F0B2D41685F0F6A6B910F66BD61C035F8A5B3CF4B18A7C92E4D221B1DC6C27DE67803E8FE654DE3B3BCEB2746F5B510D9CB79AC1BC943D1D73B38
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......uk_UAB.....MJ......OY......X.A..3.......j.........Q.....8.R.....p.W.>......D....C.....5 ..}q...4...1..3|.C|....V.OY...-...]>..&3..]>..*.......#t......v.Qz........t..6<............"-..|......W....)`.[C....;.p....5...#...2...[E..........v...n..........1...... ...........0$...S..zn...&..*...$..:....,..C....u.w\^..%.......7......8...TD..!...T...!Y......(....N......K....8.q3....p....../+...U..'3......&........s...T.. ...........b....{...1.......1.....6....................-a......)........]..V......W......c.....'.l.E...l.l.E...$.l.E.. ..l.E..9....~.......~......6...7.......,6...a..4....S...c. ^>.........1E....../...........................8.........#....}.K.s......s...'....N...D......7w..n........6...Z....u.......t..\T..+..X5A.....q.C...~.x.....9...~...H...^.......N......L.......M...2i....."..........w. ..%..};...(...o...........0...........J..................#...?..........*F.|....8z..Q5..#...KT....i..9.....@.$.0.9.;. .D.>.@.<.0.B.C. .R.A.W. .(.1.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtmultimedia_zh_TW.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):9951
                                                                                                                                                                                              Entropy (8bit):5.774304533562878
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:2RHL3+0SNWeYxupp/mptZFp4tiUIHuewNSrNSh5NBBVJV69tDxTZBm59bN/5yQKq:IrkrYsEt14q8YrYLBbJVGDL4xK8NfYI
                                                                                                                                                                                              MD5:0017FC26EB26E431C09349A310AD6208
                                                                                                                                                                                              SHA1:C37FC24AED1827F81D2B2B8C673DC9BDD5CE7676
                                                                                                                                                                                              SHA-256:981492BD3B7A83B280F7DE296BE80D55FC3150A45358F93745E4BE3DDEEC5CB7
                                                                                                                                                                                              SHA-512:55896D19DA1CDDE36201D9B0EE268298CE63CB1F7145762E66E426EACCDAC5F8333FD617986697937EC5F000274BF2F066F38E3CEE879649D35E75CFCC92F034
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......zh_TWB... .X.A..........v.........Q.......Q.....>.R.......W.>..............1...T.C|......OY....y.c....!...]>......]>..........................O...........t.. .........................|......W.......[C....5.p.... K..#................n...7.......r..............<..........zn...z..*.............:.......C......w\^...&............."...TD......T..../...........N.....q3....................s...U...r...T..............b........1...................#.......9.......m.c.....9.l.E...D.l.E.....l.E..#U..6...!p.......b..{4.......a...<. ^>...s.................................."R.#......K.s......s...........!...n...{....!...Z..............=.......X5A.....q.C...F.x.........^...i...N......L....2..M....]......D.......p.w. .....};....y.......^..........J....b.........?.............|...."...Q5...[..KT....i..#.......R.A.W. .(q!j..-.). j.hHh<_...........RAW (headerless) file format.....AudioContainerControl.......W.A.V. j.hHh<_...........WAV file format.....AudioContainerC

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtquickcontrols2_ar.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):640
                                                                                                                                                                                              Entropy (8bit):5.064844698059605
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:lKcoAaCnY6CIyLmGP+MIfB/yq+Y/WJMI9Lntig3Kc6uvRIBUt21lyy/u:lKcoA2LLmGP65Kq+YeTBnPKUvRIU2vVm
                                                                                                                                                                                              MD5:1440AA7B6614116DB3D0B8ECBBEF4734
                                                                                                                                                                                              SHA1:B26EC8C3694715DE9F09C39430DD9BE14FCBD23D
                                                                                                                                                                                              SHA-256:C5CEEC934C9CCFE34F2DB92F9DDC37A2D3941D7EA3D7992422C341FD8ACF783D
                                                                                                                                                                                              SHA-512:F7A09C0FF113FB95F9F0C9B9B55E6719E9CE01989E382614F8E74EE8759F3E61CCE0D3EF7AF6B6BF12A981B0A7510A41C92DDC66207F5471A7832E8FFBA9C851
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......arB... .Y.......A%......9.......l<n....i...+....L.D.'. .J.E.C.F. .%.F.4.'.!. .3.J.1.H.1.). .E.F. .S.t.a.n.d.a.r.d.B.u.t.t.o.n.........+Cannot create an instance of StandardButton.....QQuickPlatformDialog.....6.%.F.Q. .D.i.a.l.o.g. .5.F.A. .#.3.'.3.J.Q. .E.,.1.Q./......... Dialog is an abstract base class.....QQuickPlatformDialog.....,.%.F.Q. .M.a.t.e.r.i.a.l. .5.A.). .E.1.A.B.)......... Material is an attached property....#QtQuickControls2MaterialStylePlugin.......%.F.Q. .U.n.i.v.e.r.s.a.l. .5.A.). .E.1.A.B.).........!Universal is an attached property....$QtQuickControls2UniversalStylePlugin...............$...*.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtquickcontrols2_bg.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):707
                                                                                                                                                                                              Entropy (8bit):5.046917980131797
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:ks7hEPIyYUamGP+MI61UzHWJMImbVchstig3lpyVchkIBUt21l1:kbYHmGP66uyTrsPLFkIU2v1
                                                                                                                                                                                              MD5:69B7A99D8EDF9D37D7A06336F7E7AA35
                                                                                                                                                                                              SHA1:45FD45D045964181745718628A73E0B0A17A9940
                                                                                                                                                                                              SHA-256:E7F1855D2B969F6BD25FAE1161C148FDA7977D3863D466543EA70BB7159EA063
                                                                                                                                                                                              SHA-512:05CCBE19D392756BB1AE2AA60B307EC7072490C3C55D5F8AB36C39B8497428A42EFE9395D807002FD121410E9A53D791238E7608339B2B48EEBC6AAFF9BDA8DB
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......bgB... .Y.......A%......9.....K.l<n....i...{....r.!.J.7.4.0.2.0.=.5.B.>. .=.0. .>.1.5.:.B. .>.B. .:.;.0.A.0. .S.t.a.n.d.a.r.d.B.u.t.t.o.n. .5. .=.5.2.J.7.<.>.6.=.>.........+Cannot create an instance of StandardButton.....QQuickPlatformDialog.....<.D.i.a.l.o.g. .5. .0.1.A.B.@.0.:.B.5.=. .1.0.7.>.2. .:.;.0.A......... Dialog is an abstract base class.....QQuickPlatformDialog.....> ..M.a.t.e.r.i.a.l .. .5. .?.@.8.:.0.G.5.=.>. .A.2.>.9.A.B.2.>......... Material is an attached property....#QtQuickControls2MaterialStylePlugin.....@ ..U.n.i.v.e.r.s.a.l .. .5. .?.@.8.:.0.G.5.=.>. .A.2.>.9.A.B.2.>.........!Universal is an attached property....$QtQuickControls2UniversalStylePlugin........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtquickcontrols2_ca.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):899
                                                                                                                                                                                              Entropy (8bit):4.438469959975275
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:LNo5lmRwmGP6XAK/9mQvT0i/IoU9w/+POj/qIU2v1:LmCRnGCX9/EQvT04c9+MQP
                                                                                                                                                                                              MD5:4859BBDD4DB35BB7887BEF441A671F60
                                                                                                                                                                                              SHA1:65247A8ABF572B199131168D9143F0CCA70ED679
                                                                                                                                                                                              SHA-256:AA2E815318F160EF24F942A67AC10F08EC3A4498582F9F42179F97CDC91B7DD3
                                                                                                                                                                                              SHA-512:1E22FB92777ED7A8DB24D0B087F3F8A4C606698EE1FEE7F94CDC562A9CF55E698BF8AD9CDB942F2D0AE3796DD1F51D5E8D64B50CED87E7114104D325ACE08258
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......caB...(.Y.......A%............Y.9.......l<n....i...3....j.N.o. .s.'.h.a. .p.o.g.u.t. .c.r.e.a.r. .u.n.a. .i.n.s.t...n.c.i.a. .d.e. ...S.t.a.n.d.a.r.d.B.u.t.t.o.n...........+Cannot create an instance of StandardButton.....QQuickPlatformDialog.....R.E.l. .d.i...l.e.g. ...s. .u.n.a. .c.l.a.s.s.e. .d.e. .b.a.s.e. .a.b.s.t.r.a.c.t.a......... Dialog is an abstract base class.....QQuickPlatformDialog.....D...I.m.a.g.i.n.e... ...s. .u.n.a. .p.r.o.p.i.e.t.a.t. .a.d.j.u.n.t.a..........Imagine is an attached property...."QtQuickControls2ImagineStylePlugin.....F...M.a.t.e.r.i.a.l... ...s. .u.n.a. .p.r.o.p.i.e.t.a.t. .a.d.j.u.n.t.a......... Material is an attached property....#QtQuickControls2MaterialStylePlugin.....H...U.n.i.v.e.r.s.a.l... ...s. .u.n.a. .p.r.o.p.i.e.t.a.t. .a.d.j.u.n.t.a.........!Universal is an attached property....$QtQuickControls2UniversalStylePlugin........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtquickcontrols2_da.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):855
                                                                                                                                                                                              Entropy (8bit):4.398252531163999
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:X/fgAqt6WLmGP62TZTksoUjoAlLyPheRuWAlLGIU2v1:XwFtL6GCgZTJjoAqhOAd
                                                                                                                                                                                              MD5:3DEBE12BABA8DDB8C66337CBA56F2BFD
                                                                                                                                                                                              SHA1:20E01040905D715E544BB809899125F072E2F107
                                                                                                                                                                                              SHA-256:5383A65754524530DDFD461FAD7CF8A3F60A39C12B4A0A6D1F33DACC8E9240FB
                                                                                                                                                                                              SHA-512:B458F41CFF78A507B1EED1E709462160C87FA491A1B34E736481D8DDD4E4955CBC67DEF2D786D336F7D01077F94E3107466B3E9B7F79B0DAE6D209231706A0B4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......daB...(.Y.....i.A%............9.9.......l<n....i........Z.K.a.n. .i.k.k.e. .o.p.r.e.t.t.e. .e.n. .i.n.s.t.a.n.s. .a.f. .S.t.a.n.d.a.r.d.B.u.t.t.o.n.........+Cannot create an instance of StandardButton.....QQuickPlatformDialog.....B.D.i.a.l.o.g. .e.r. .e.n. .a.b.s.t.r.a.k.t. .g.r.u.n.d.k.l.a.s.s.e......... Dialog is an abstract base class.....QQuickPlatformDialog.....@.I.m.a.g.i.n.e. .e.r. .e.n. .t.i.l.k.o.b.l.e.t. .e.g.e.n.s.k.a.b..........Imagine is an attached property...."QtQuickControls2ImagineStylePlugin.....B.M.a.t.e.r.i.a.l. .e.r. .e.n. .t.i.l.k.o.b.l.e.t. .e.g.e.n.s.k.a.b......... Material is an attached property....#QtQuickControls2MaterialStylePlugin.....D.U.n.i.v.e.r.s.a.l. .e.r. .e.n. .t.i.l.k.o.b.l.e.t. .e.g.e.n.s.k.a.b.........!Universal is an attached property....$QtQuickControls2UniversalStylePlugin........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtquickcontrols2_en.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):4.0
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:j2wZC4n:CwZ
                                                                                                                                                                                              MD5:BCEBCF42735C6849BDECBB77451021DD
                                                                                                                                                                                              SHA1:4884FD9AF6890647B7AF1AEFA57F38CCA49AD899
                                                                                                                                                                                              SHA-256:9959B510B15D18937848AD13007E30459D2E993C67E564BADBFC18F935695C85
                                                                                                                                                                                              SHA-512:F951B511FFB1A6B94B1BCAE9DF26B41B2FF829560583D7C83E70279D1B5304BDE299B3679D863CAD6BB79D0BEDA524FC195B7F054ECF11D2090037526B451B78
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtquickcontrols2_hu.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):350
                                                                                                                                                                                              Entropy (8bit):4.492792182837576
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:CwZwl9pqyfDceCyUdnYtcIlRpkzGcpBWeYyUdnYt5I/o87Mq2Jt:1wl9pPDYvGvlRpkFpBWeYvG5I9Iq2v
                                                                                                                                                                                              MD5:5BD0CEDEAA3E3382A00F1DEE10D422B3
                                                                                                                                                                                              SHA1:CAAE15F8D807CEAE4B7E0F36990A02E9E7C7696A
                                                                                                                                                                                              SHA-256:F9AA79A149A1E9E40853A50151AF1A50D7541B3EDBFD9FB645DC0EE0A90B7EA9
                                                                                                                                                                                              SHA-512:4B680AC3E45A4315B2EA2038427387E5D93E330BABA14C7FFC24596FA7558959670ED4888A6930548E5AF760282422D10E01E6BF6F0BA6945E3E0B1DF122E29D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......hu_HUB.....Y.......9......i...*....@.A.z. .a.n.y.a.g. .e.g.y. .c.s.a.t.o.l.t. .t.u.l.a.j.d.o.n.s...g......... Material is an attached property.....QtLabsMaterialStylePlugin.....L.A.z. .u.n.i.v.e.r.z...l.i.s. .e.g.y. .c.s.a.t.o.l.t. .t.u.l.a.j.d.o.n.s...g.........!Universal is an attached property.....QtLabsUniversalStylePlugin.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtquickcontrols2_ko.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):690
                                                                                                                                                                                              Entropy (8bit):5.273678493199002
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:+NSIy0iamGP+MIS/WJMIelIqpzXGEoUJNXFtig3B/hXbIBUt2v:B0xmGP6SeTelHzXJoUJNXFPB/hXbIU2v
                                                                                                                                                                                              MD5:AE44D1F62EC84DC312C8BEDC0D7250D3
                                                                                                                                                                                              SHA1:F2C18B164E4007D819791F15E64502C4751B795F
                                                                                                                                                                                              SHA-256:4E477FAC4401B59D85867DF737E60F57FEFF0FCA913C3DEA1E51044FF89395F9
                                                                                                                                                                                              SHA-512:90A711353FC29F05674D88E73A84ADC624FA0539591A5D1C2B90E6C2F0D67404D3AA0FFFF9FD56FCE5E50482BAF3030BB2469E6DE322F28FC82B3D211A7BF4ED
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......koB...(.Y.......A%..............9.....q.l<n....i...i....:.S.t.a.n.d.a.r.d.B.u.t.t.o.n.X. .x..4..|. .... ... ...L.........+Cannot create an instance of StandardButton.....QQuickPlatformDialog.....$.D.i.a.l.o.g... .... .0... .t............. Dialog is an abstract base class.....QQuickPlatformDialog..... .I.m.a.g.i.n.e.@. ...... ...1...........Imagine is an attached property...."QtQuickControls2ImagineStylePlugin.....".M.a.t.e.r.i.a.l.@. ...... ...1.......... Material is an attached property....#QtQuickControls2MaterialStylePlugin.....$.U.n.i.v.e.r.s.a.l.@. ...... ...1..........!Universal is an attached property....$QtQuickControls2UniversalStylePlugin.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtquickcontrols2_tr.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):819
                                                                                                                                                                                              Entropy (8bit):4.598550011080922
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:i82CIycXWmGP+MIcKOs/CJ/WWJMIcMTSEoUdylJAlyZtig3XWAly3IBUt2v:i82WoWmGP6GRTcwoUiAl0PXWAlsIU2v
                                                                                                                                                                                              MD5:085DA3BBE39EC4D508B1B7080D7CF92B
                                                                                                                                                                                              SHA1:FC09BB856F1B29C223C4224700D5AAE128592206
                                                                                                                                                                                              SHA-256:32844E80FB14809C9B8C901886FB83EA56355E2F9470FA5616CB96F87133629F
                                                                                                                                                                                              SHA-512:BF85B7E408C2AF4B49297376B016075DFD496EE30207D1A0C9B1DB998A389FB1B70875097C6A40A3DD7B1BA33D1FF98271F7DE7E41F6A2189BC8813D7694AF39
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......tr_TRB...(.Y.....S.A%............7.9.......l<n....i........J.S.t.a.n.d.a.r.d.B.u.t.t.o.n. ...r.n.e...i. .o.l.u._.t.u.r.u.l.a.m.1.y.o.r.........+Cannot create an instance of StandardButton.....QQuickPlatformDialog.....P.0.l.e.t.i._.i.m. .k.u.t.u.s.u. .s.o.y.u.t. .b.i.r. .t.e.m.e.l. .s.1.n.1.f.t.1.r......... Dialog is an abstract base class.....QQuickPlatformDialog.....6.I.m.a.g.i.n.e. .e.k.l.i. .b.i.r. ...z.e.l.l.i.k.t.i.r..........Imagine is an attached property...."QtQuickControls2ImagineStylePlugin.....8.M.a.t.e.r.i.a.l. .e.k.l.i. .b.i.r. ...z.e.l.l.i.k.t.i.r......... Material is an attached property....#QtQuickControls2MaterialStylePlugin.....:.U.n.i.v.e.r.s.a.l. .e.k.l.i. .b.i.r. ...z.e.l.l.i.k.t.i.r.........!Universal is an attached property....$QtQuickControls2UniversalStylePlugin.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtquickcontrols2_uk.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):9439
                                                                                                                                                                                              Entropy (8bit):5.311046235399906
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:h1lA4LYFL7DSLWg4/HaxleJWNugWGDsb5BG4sZ3z5H56kqhAWuADrTbnKKEX:htEF20HeUJmDw5BjMj1AHf4
                                                                                                                                                                                              MD5:BCE65372BD80E39DE81C69CB32F2592C
                                                                                                                                                                                              SHA1:57B064E83266F4337C6DAAC32CEB3052DC48D726
                                                                                                                                                                                              SHA-256:A5274DD4C4EDFEC9991B44FB4958DA546744D7B2A32E4276B286BD9CD91F0CD9
                                                                                                                                                                                              SHA-512:F9BA1FA927B562D155C7F06EE5CE226EC1C9C7CB87C8F986112B0747EAC29FCB535CA62E927EA06E616F94C425D955CCE462055C053C9FB3F1B2E8D504BD705A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......uk_UAB...................J..................[`.......|...0...]...d...].......].......]...b..+....".........Bb......JlT...O.X.......Y.......[.%.....\.......\.....y.\.....).\.....=.s.N..............N...z..N.....*`......~....G...D...!..........en.....K.N.....Y....l.t........>.......].......^............................k....f.......2.......w...................... ...!......R......o.....i.z.....S..........N..............fd~.......~......X....F..g......9.....:...... P.v.5...(..P....a.......t..............=.<.%.....A.$..!w.e.....,.g........T~..........l............ ...."..............2....\..!^.......N.........!=.%......%....l.%......=2....?.G.....z.x.........N..........).7c......n.....G..e............O.e........{.......Pn....i..!.....(...=.4.8.:.0.B.>.@. .7.0.9.=.O.B.>.A.B.V..........Busy Indicator.....BusyIndicatorSpecifics.........8.:.>.=.C.T.B.L.A.O..........Running.....BusyIndicatorSpecifics.....L.'.8. .V.=.4.8.:.0.B.>.@. .?.>.:.0.7.C.T. .7.0.9.=.O.B

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtquickcontrols2_zh_TW.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):647
                                                                                                                                                                                              Entropy (8bit):5.2630314143437875
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:6qMlfIyYmGP+MI617kWJMIEStEoU5katig3TmuIBUt2v:1MdYmGP661rTMoU5kaPTmuIU2v
                                                                                                                                                                                              MD5:F02E419522407C3D60FC51F458EA3053
                                                                                                                                                                                              SHA1:D17C874CCB90F6C19E077257E1B9E367A4A5EC0F
                                                                                                                                                                                              SHA-256:C6C8B3D2874D0ACFF369C286CFC4459064BF4B581CACDA6ECF70B44A849E3BE2
                                                                                                                                                                                              SHA-512:8B6DF317C5D3AB6538E9B087CA9FB3D222403A51DC4CDA4D3C21D8FB157C948B9524A1C9B8183641FDC7E0C7A0058C9DEB48B3151A7E90CA4EBD360ED3FB0C8E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......zh_TWB...(.Y.......A%..............9.....O.l<n....i...;.....q!l.^.z.. .S.t.a.n.d.a.r.d.B.u.t.t.o.n. v.[.O..........+Cannot create an instance of StandardButton.....QQuickPlatformDialog......\..qhFp.b..aW.y..^R%......... Dialog is an abstract base class.....QQuickPlatformDialog.......I.m.a.g.i.n.e. p..DR.\l`'..........Imagine is an attached property...."QtQuickControls2ImagineStylePlugin.......M.a.t.e.r.i.a.l. p..DR.\l`'......... Material is an attached property....#QtQuickControls2MaterialStylePlugin.......U.n.i.v.e.r.s.a.l. p..DR.\l`'.........!Universal is an attached property....$QtQuickControls2UniversalStylePlugin.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtquickcontrols_bg.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):30
                                                                                                                                                                                              Entropy (8bit):4.256564762130955
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:j2wZC4C/A/nt:Cwnt
                                                                                                                                                                                              MD5:5EFC7712DF77A83ABFC8AD129364076C
                                                                                                                                                                                              SHA1:1DD82E1B3C58E7352195094669711E8E6F0BEF1B
                                                                                                                                                                                              SHA-256:13EBA6EEE539FA4570A878495EEF38D0A7DD66865A1ABA6DEDDF28D7238BB373
                                                                                                                                                                                              SHA-512:3C7485957AC789137F6CAE0A1B4177BD600F24C399E93E1CF2A42965803A6BC1D549BDE5DA2F9DFD77E0FE16A14C89331A256B445AD0F37A9DAE6F7282109633
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......bg.......

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtquickcontrols_ca.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5113
                                                                                                                                                                                              Entropy (8bit):4.633717200180304
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:AQlRm0fHGCnc8EeBlOIK2jI1whPe5QwNGcY3Zb+mngox9oWE8Y7YMlCvE9o7dnvO:/RvXEcUIzI1OG51NrixgoZg7YMSJG
                                                                                                                                                                                              MD5:45E093DE3D685888F79ED1B2104B5F4B
                                                                                                                                                                                              SHA1:91275A98D7B8C7B622021DA2A63128E20103FAD8
                                                                                                                                                                                              SHA-256:BB5B0E11B4F425B08FA315F96EA0858E0CE9C71439E88639D22287593A9037F3
                                                                                                                                                                                              SHA-512:8AE291380EBA7F73A1120B695DE5F6099C1FB6C4A0410FB57DAEE7D1AE8BFACCE63CF978028FC3AF24077C681A3B898A2EB1E58CE730074F8D558BA77B2124FC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......caB...(...;.......;...Q...;...!...O......O....s.._....r...$...............T.......0......f....,..f....Z...........................................e.....*.y.....+.....P.+......,.%.....,D......G.......H6......Hw9.....I'....Q.J+......J6....m.R.......S.......X.......X....T.Z.%...v..[......w.^...d.w.^..............[Y......I....4..I.......I.......I....,..f.......,....!..V....u.......z.;.......V.|......G%................... ...<.......|.....f2D......C........t...9..........t....................D.......[......].=........8....!.......^.......V..+%.....%.s....i..........A.l.f.a..........Alpha.....DefaultColorDialog.......C.a.n.c.e.l...l.a..........Cancel.....DefaultColorDialog.......T.o..........Hue.....DefaultColorDialog.......L.l.u.m.i.n.o.s.i.t.a.t..........Luminosity.....DefaultColorDialog.......D.'.a.c.o.r.d..........OK.....DefaultColorDialog.......S.a.t.u.r.a.c.i............Saturation.....DefaultColorDialog.....*.M.o.s.t.r.a. .e.l.s. .d.e.t.a.l.l.s................Sh

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtquickcontrols_da.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4917
                                                                                                                                                                                              Entropy (8bit):4.695512689471908
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:X60le+uGiuHrLlOvb/gwHVSoyEH9hGcXablkdiemLfv2M/UdbKgMr3fDb8R0v5h9:XZuILLUv0wHcVKPrBdWUSbfDL9Xm4
                                                                                                                                                                                              MD5:A8C5FF15237F6E08132E28F62ECF2E2B
                                                                                                                                                                                              SHA1:0FAF797AA72B4381FD07CBC30D1A4EDEE7BBD0CB
                                                                                                                                                                                              SHA-256:158E649F0509726821AA4575565BD98943C9EA9B5D39E3305E90F5607E2F43FC
                                                                                                                                                                                              SHA-512:47FCC30AED9783A9C3010E4C350F33F8F2B8BBE1FAAF3387B27E6F9FFAD7BE9DF56BC9668E11463E05308272825A2DE641B2B953A90FFD7BBBFC78C39E8C7A23
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......daB...(...;.......;.......;.......O...L..O....q.._........$...d.......E...T.......0......f.......f............................................a...e.....*.y...C.+.......+......,.%.....,D......G.....b.H6......Hw9.....I'....1.J+......J6......R.....^.S.......X.....).X......Z.%......[....e.w.^...f.w.^...t.......x..[Y......I....4..I.......I.......I.......f.......,....u..V............&.;.......V.|......G%...m...................<...}...|.....f2D...Q..C....3...t..............t............I......................C.=........8............D..........+%...+.%.s....i..........A.l.f.a..........Alpha.....DefaultColorDialog.......A.n.n.u.l.l.e.r..........Cancel.....DefaultColorDialog.......F.a.r.v.e.t.o.n.e..........Hue.....DefaultColorDialog.......L.y.s.s.t.y.r.k.e..........Luminosity.....DefaultColorDialog.......O.K..........OK.....DefaultColorDialog.......F.a.r.v.e.m...t.n.i.n.g..........Saturation.....DefaultColorDialog.......V.i.s. .d.e.t.a.l.j.e.r................Show Details

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtquickcontrols_de.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5198
                                                                                                                                                                                              Entropy (8bit):4.652984539313083
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:YFIXPWN2j819p4sskdbD1nOT7wVGcmb8ln/8lNPVKblmRxmjipVRC4QUieJUETgB:FPW2j8zbsGHtM8rHl/GpKjipmjeJ/c
                                                                                                                                                                                              MD5:68F6BB7CD10DB04EE9ACA44D194B57CB
                                                                                                                                                                                              SHA1:217859DB669E52BB2E5FC93B8EDE90A449BE0FBD
                                                                                                                                                                                              SHA-256:50472C2E995F5F3CC238FF118EC7DED9E22087B5A35F78671A0CE0CA856D30E9
                                                                                                                                                                                              SHA-512:594F5B92743CCEEB4AACC7F72C7E78E3B117CE3D9752BA067F3D47AF272BEFFEEE959F54F6E4C545F96B0F400F1630845F99FD932B56C1E3A142524E7958EAC9
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......de_DEB...(...;.......;...[...;...W...O......O....u.._........$...........;...T.......0......f....Z..f............................#...................e...W.*.y.....+.....t.+......,.%.....,D....'.G.......H6......Hw9.....I'......J+......J6......R.......S.......X.......X....^.Z.%......[......w.^...b.w.^...0.......:..[Y.../..I....6..I.......I.......I....H..f.......,....{..V............|.;.......V.|...#..G%...................F...<.......|.....f2D......C........t...=..........t....................n..............g.=.....0..8....................|..+%.....%.s...Bi..........A.l.p.h.a..........Alpha.....DefaultColorDialog.......A.b.b.r.e.c.h.e.n..........Cancel.....DefaultColorDialog.......F.a.r.b.t.o.n..........Hue.....DefaultColorDialog.......H.e.l.l.i.g.k.e.i.t..........Luminosity.....DefaultColorDialog.......O.K..........OK.....DefaultColorDialog.......S...t.t.i.g.u.n.g..........Saturation.....DefaultColorDialog.....&.D.e.t.a.i.l.s. .a.n.z.e.i.g.e.n................Show

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtquickcontrols_en.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):4.0
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:j2wZC4n:CwZ
                                                                                                                                                                                              MD5:BCEBCF42735C6849BDECBB77451021DD
                                                                                                                                                                                              SHA1:4884FD9AF6890647B7AF1AEFA57F38CCA49AD899
                                                                                                                                                                                              SHA-256:9959B510B15D18937848AD13007E30459D2E993C67E564BADBFC18F935695C85
                                                                                                                                                                                              SHA-512:F951B511FFB1A6B94B1BCAE9DF26B41B2FF829560583D7C83E70279D1B5304BDE299B3679D863CAD6BB79D0BEDA524FC195B7F054ECF11D2090037526B451B78
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtquickcontrols_fi.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5077
                                                                                                                                                                                              Entropy (8bit):4.665021224177485
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:5UqRTIjUcthczSVMcry1Q16qio0DiDG+P42ODMI17Dzw8QF/iLicazwoNYirH:5UqOU+czdcry1Q7i5OKoK7DzYRiLi7zb
                                                                                                                                                                                              MD5:89CF0D9A8E421EAA82464D4836C46116
                                                                                                                                                                                              SHA1:A77E3627951F4FA354155DE123DCD68A02982D14
                                                                                                                                                                                              SHA-256:9C29068BD39BB97154D561ED4382B9AAB077735BB1A9154E62ACCACE3D60F015
                                                                                                                                                                                              SHA-512:D2596DDF9F7F6A4247044EDA1DBB520B825DB1C9AC3ADBAE428E44468E12FCD96C047700E687DD112020762608A874ADB14172681D62ED7A8757EBC8315BE651
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......fiB...(...;.......;...5...;.......O......O....i.._....8...$...z...........T.......0......f.......f....2...............J...........................e.....*.y.....+.....&.+....i.,.%.....,D......G.......H6......Hw9.....I'....E.J+......J6....I.R.....|.S.......X.....g.X......Z.%...T..[......w.^...P.w.^..............[Y......I....4..I....}..I.......I.......f.......,.......V....S.......<.;.......V.|......G%.......................<.......|...n.f2D...u..C........t..............t....................(.......=......1.=........8............P.......@..+%...a.%.s....i..........A.l.f.a..........Alpha.....DefaultColorDialog.......P.e.r.u..........Cancel.....DefaultColorDialog.......S...v.y..........Hue.....DefaultColorDialog.......V.a.l.o.i.s.u.u.s..........Luminosity.....DefaultColorDialog.......O.K..........OK.....DefaultColorDialog.......K.y.l.l...i.s.y.y.s..........Saturation.....DefaultColorDialog.....*.N...y.t... .y.k.s.i.t.y.i.s.k.o.h.d.a.t &..........Show Details........De

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtquickcontrols_fr.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5532
                                                                                                                                                                                              Entropy (8bit):4.6501341239636895
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:LzHsNne/rsMxL3+Gr5XwU8tWZOKY54tYJwlD/HZL2D:LzM0rDLLrpwUVMKPnPZc
                                                                                                                                                                                              MD5:4B266D0C369409EB8CF44C3853B5487D
                                                                                                                                                                                              SHA1:DD5A0F5E32237C85E303D528A2C484832D278D3E
                                                                                                                                                                                              SHA-256:3757C038F447B475E19D22619B018EFB73D539870D075242983F4C3C66802509
                                                                                                                                                                                              SHA-512:7E3C38B9FDEA9032EECA82F3D5662352FCF5F9CE95074210776F6A53705758EE7F6F29E50D9347520D219851EA82B7C84F68D77B384709FE3B07EE31AC8AA6C3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......fr_FRB...X...;.......;...7...;.......O......J.......O....q.._....|...$.......y...............T.......0......f....,..f....H...........................................e...).*.y.....+.....`.+......,.%.....,D......G.......H6......Hw9.....I'....[.J+......J6....E.R.......S.......V.....[.X.......X....B.Z.%...T..[......w.^...^.w.^...........*..[Y......I....6..I.......I.......I.......f.......,....9..,...."..V....e.......V.;.......V.|......G%......+........................<.......|.....f2D......C........t..............t....................F.......s..............M.=........8............b..........+%...c.%.s....i..........A.l.p.h.a..........Alpha.....DefaultColorDialog.......A.n.n.u.l.e.r..........Cancel.....DefaultColorDialog.......T.e.i.n.t.e..........Hue.....DefaultColorDialog.......L.u.m.i.n.o.s.i.t............Luminosity.....DefaultColorDialog.......O.k..........OK.....DefaultColorDialog.......S.a.t.u.r.a.t.i.o.n..........Saturation.....DefaultColorDialog.....(.A.f.f.i.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtquickcontrols_ja.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4356
                                                                                                                                                                                              Entropy (8bit):5.309069061081823
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:zPcYEKsp/y+ZqGcHNVfyhcRmsY7bkdHRcsQxz:zPcYA/nArtdyOEsY7bkLQ9
                                                                                                                                                                                              MD5:0A1831C8EE25BCA74A1241A8D75A5298
                                                                                                                                                                                              SHA1:B70CA988960BD62C2D4F3669C371FE382B423D34
                                                                                                                                                                                              SHA-256:23E5B44353FB87CD02CB52208814F5CEF3EFD8E5A53869FD1C780E10306F0576
                                                                                                                                                                                              SHA-512:BA9C20F41248631E041D38DD7891B63E1D3D2A6563AD4C589C685DE1F7211F51E7520F08C283B6392D3AB53F830B850BF0B1464B3497608F3CBC1C61E4091800
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......jaB...(...;.......;.......;.......O...z..O....k.._........$...........!...T.......0......f....b..f....................................]...........e...9.*.y.....+.......+......,.%.....,D......G.......H6......Hw9.....I'....g.J+......J6....g.R.....:.S.......X.....G.X......Z.%......[....}.w.^...0.w.^...f.......N..[Y......I....4..I....'..I.......I.......f....]..,....W..V....G.........;.....i.V.|......G%...).......,.......X...<.......|.....f2D...a..C....+...t...........x..t....%................................=........8.......................+%.....%.s....i.........0.0.0.0...........Alpha.....DefaultColorDialog......0.0.0.0.0...........Cancel.....DefaultColorDialog.......rv...........Hue.....DefaultColorDialog......QI^...........Luminosity.....DefaultColorDialog.......O.K..........OK.....DefaultColorDialog......_i^...........Saturation.....DefaultColorDialog.......s}00..hy:................Show Details........DefaultDialogWrapper......0.0.0.0.e.fB..........Accessed....

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtquickcontrols_ko.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4342
                                                                                                                                                                                              Entropy (8bit):5.3651324907203515
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:OIz75mecEg3S9ovMoonrHGcmR3qvstBMUBAkQiAoEh+Wd9kh4:O275Zcn38o0oMbrmsvstB1BQiA55vC4
                                                                                                                                                                                              MD5:A940D59CA6B068799F33148EA626618F
                                                                                                                                                                                              SHA1:F13282AB88F77BA9BD20D8881459BA4CA75895B2
                                                                                                                                                                                              SHA-256:8B111AC6FF6A437277F2E658FEFF96B3A2CBD112B5889702342C5318108528C9
                                                                                                                                                                                              SHA-512:DA6255FB9469BA14A532224D091B3E027AF23E2A9C3942ACED57AC41C6D071D48E29BEFE2EF9C9C8590D12347C2C849E4AD1B4E66FECDFE979926B139DCAC223
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......koB...(...;.......;.......;.......O...b..O....c.._........$...............T.......0......f....`..f....................................S...........e...+.*.y.....+.....v.+......,.%.....,D....y.G.......H6......Hw9.....I'....Y.J+......J6....M.R.......S.......X.....1.X......Z.%......[....e.w.^...(.w.^...R.......>..[Y......I....2..I.......I.......I.......f....I..,....K..V..../.........;....._.V.|......G%...........&.......H...<.......|.....f2D...W..C........t...........r..t............................w........=........8....................x..+%.....%.s....i..........,..............Alpha.....DefaultColorDialog....................Cancel.....DefaultColorDialog....................Hue.....DefaultColorDialog....................Luminosity.....DefaultColorDialog.......U.x..........OK.....DefaultColorDialog.......D............Saturation.....DefaultColorDialog........8.. ...0................Show Details........DefaultDialogWrapper...........\. ..............Accessed.....Defau

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtquickcontrols_ru.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5085
                                                                                                                                                                                              Entropy (8bit):5.238412383356313
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:UMNF/AKSYyH2LDLOAIy2dlGc+iO5cu27K6gObSFbyWnkz2VPVcutEDiR+wKg+UH:djL+BTrdh5gOb0fkiVKnbwAi
                                                                                                                                                                                              MD5:EA8EFDED618C510FDD563F4A8B551BCB
                                                                                                                                                                                              SHA1:A5D4F28F95FB8DD1A5374AC1968D4E99A0F11C50
                                                                                                                                                                                              SHA-256:3744E3549588DCC8E760264E3A78B8139DA8DA37062601DAFB17FACDE117EA2A
                                                                                                                                                                                              SHA-512:46A3D4280B2D94149AA6D4F3DAB4442910E219A8F292844376D980B95B6A23B075DD8BEF2250CD7656E4984C0F6B080E5F1C050D6360044FF46907EF1C527F59
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......ru_RUB...(...;.......;.......;.......O......O....o.._....2...$...X...........T.......0......f.......f....8...............B.......................{...e.....*.y.....+.....".+....].,.%.....,D......G.......H6......Hw9.....I'....!.J+......J6....;.R.....^.S.......X.....s.X......Z.%...<..[......w.^...\.w.^..............[Y......I....6..I.......I.......I.......f.......,.......V....K....... .;.......V.|......G%.......................<.......|...b.f2D...O..C........t..............t............w...............;......1.=........8............*.......2..+%...?.%.s....i............;.L.D.0..........Alpha.....DefaultColorDialog.........B.<.5.=.0..........Cancel.....DefaultColorDialog.........B.B.5.=.>.:..........Hue.....DefaultColorDialog......./.@.:.>.A.B.L..........Luminosity.....DefaultColorDialog.......O.K..........OK.....DefaultColorDialog.........0.A.K.I.5.=.=.>.A.B.L..........Saturation.....DefaultColorDialog.........>.:.0.7.0.B.L. .?.>.4.@.>.1.=.>.A.B.8................Sho

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtquickcontrols_tr.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4967
                                                                                                                                                                                              Entropy (8bit):4.771284931361378
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:4LUBg4Ynkg4f13rcX8g4EygKaRKiORg4Sd7zcM7+4l:WUcnE13rcXrygK8p7zcm+a
                                                                                                                                                                                              MD5:B7449CEC9D151BE6246E1E25C484ADF9
                                                                                                                                                                                              SHA1:F5C5E0903159F10713A835B152231E5F92C73D0C
                                                                                                                                                                                              SHA-256:C2BDFECF46BF829D2CA19D2458AF6E8EAB08AE4BF56EA3A4B49819EE776B2C43
                                                                                                                                                                                              SHA-512:025C797A523D1290BE1DF507838B3AED65194239DBFA9F1F8558B805F149C3694C5B4DB1219641BFC25B13E8955EA44A1084CCC4C752964C08B2314135D99313
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......tr_TRB...(...;.......;.......;.......O...>..O....q.._........$...f...........T.......0...s..f.......f............................................M...e.....*.y...m.+.......+......,.%.....,D......G.....F.H6......Hw9...~.I'....1.J+....J.J6......R.....Z.S.......X.....#.X......Z.%......[...._.w.^...Z.w.^..............[Y......I....4..I.......I.......I.......f.......,.......V............$.;.......V.|......G%...k...................<...s...|...$.f2D...U..C....C...t..............t............/......................G.=........8............6..........+%...+.%.s....i..........A.l.f.a..........Alpha.....DefaultColorDialog.......0.p.t.a.l. .E.t..........Cancel.....DefaultColorDialog.......T.o.n..........Hue.....DefaultColorDialog.......P.a.r.l.a.k.l.1.k..........Luminosity.....DefaultColorDialog.......T.a.m.a.m..........OK.....DefaultColorDialog.......D.o.y.g.u.n.l.u.k..........Saturation.....DefaultColorDialog.....*.A.y.r.1.n.t.1.l.a.r.1. .G...s.t.e.r................Show Deta

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtquickcontrols_uk.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5091
                                                                                                                                                                                              Entropy (8bit):5.223076055498268
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:6xSODo6SDvaO8b5l2QkGc1pzNOw76SOfWnXWTCz0xM62pM3rrbw:gSabi3rLNOw76hYmTC02f
                                                                                                                                                                                              MD5:A44F737BC4420F4E5D7D29DE7A5C0344
                                                                                                                                                                                              SHA1:3171D0B11E9095FC5CCF05FDCD16C5F3E1D36BD8
                                                                                                                                                                                              SHA-256:002FCEC6278B42C20E5A58FD9E449CF197CF4DE1251737190F5E7D2BD4344D25
                                                                                                                                                                                              SHA-512:6164D855EF9BB904BF4C13BECB2060CE798F5F76014337D5EFC72C8BA74B65A51A3B416566C4AA8142CA35B76EB0B3CFBE761FD86BE23CB9811C1DBF047BE293
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......uk_UAB...(...;.......;.......;.......O......O....u.._....4...$...z...........T.......0......f.......f....@...............R...........................e.....*.y.....+.....&.+....a.,.%.....,D......G.......H6......Hw9.....I'....C.J+......J6....M.R.....n.S.......X.....}.X......Z.%...J..[......w.^...f.w.^..............[Y......I....6..I.......I.......I.......f.......,.......V....W.......6.;.......V.|......G%.......................<.......|...f.f2D...s..C........t..............t....................2.......C......?.=........8............L.......8..+%...K.%.s....i............;.L.D.0..........Alpha.....DefaultColorDialog.......!.:.0.A.C.2.0.B.8..........Cancel.....DefaultColorDialog.........V.4.B.V.=.>.:..........Hue.....DefaultColorDialog.......!.2.V.B.=.V.A.B.L..........Luminosity.....DefaultColorDialog.......O.K..........OK.....DefaultColorDialog.........0.A.8.G.5.=.V.A.B.L..........Saturation.....DefaultColorDialog.....$...>.:.0.7.0.B.8. .4.5.B.0.;.V................Sho

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtquickcontrols_zh_TW.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4187
                                                                                                                                                                                              Entropy (8bit):5.281974574358389
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:WBudgLB73v3RrACfQh14vk4GcUXYpwvDaDC0CeGydGfNf1rDRwL:XOLBVACfQkXrUopwvDteGW2xpDG
                                                                                                                                                                                              MD5:7C08EF1EB08DD9A9BB371C9F08E368F8
                                                                                                                                                                                              SHA1:BA2DC2D4C1F8FC67709ECC549587AB7E09CBD1FE
                                                                                                                                                                                              SHA-256:BCABA0150BAB659308CBF03641C0F33EADB0277F8EFD9257DA6AC122454A8909
                                                                                                                                                                                              SHA-512:8B962C4EF43F51128E87258785EDBD69AFA63557E13C2F6AEB9D1B0C11C06A23E5966C88AFF4A86DEFE6A76DDD4BCB5C609EEDADF936FFD167ABFEA4EE8F6EBA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......zh_TWB...(...;.......;...o...;...g...O......O....c.._........$...P.......}...T...M...0..._..f....,..f....................p...........................e.....*.y.....+.......+......,.%.....,D....a.G.....b.H6......Hw9.....I'....!.J+....R.J6......R.......S.......X.......X....>.Z.%...b..[......w.^...*.w.^..............[Y...{..I....2..I.......I....~..I.......f....1..,.......V..............;.......V.|...?..G%.......................<...-...|...J.f2D......C........t...-.......l..t............+........................=........8............Z.......&..+%.....%.s....i...........f.^...........Alpha.....DefaultColorDialog......S.m...........Cancel.....DefaultColorDialog.......r............Hue.....DefaultColorDialog......N.^...........Luminosity.....DefaultColorDialog......x.............OK.....DefaultColorDialog........T.^...........Saturation.....DefaultColorDialog.......oy:.s`. &..........Show Details........DefaultDialogWrapper......[XS.fB............Accessed.....DefaultFileD

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtserialport_de.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2487
                                                                                                                                                                                              Entropy (8bit):4.27753479149241
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:3kYi+mXbyPn3d1C4QVrOZ3pOkkXa93Uso45PQkK+7Dc9+NDkzsfgN:rm8NLQK3fkK9kso4VDK6Dkekz7N
                                                                                                                                                                                              MD5:5D3A2A6611C748317E9D86B576CD619F
                                                                                                                                                                                              SHA1:9894F3D41CD8705B7AE6FA24F4142F85DF2488E2
                                                                                                                                                                                              SHA-256:1D4D46A9CBF66D8313434CB6177D1E05CD93B61062307C704498DFD78AB6386C
                                                                                                                                                                                              SHA-512:C17CF936C81E86434676A013D76627E58E9DFFE0636EEDD3D7614F297CBCE68EE4F63227AF6C63C273012D97C68946219249E8BB21D2B4ABCC68AAE629816E2D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......de_DEB......<....a.l.2.....G1^...........V.h~........^...Y.O.I..............!.......E...2...u... ........x.............w................i..........E.s. .k.a.n.n. .k.e.i.n.e. .b.e.n.u.t.z.e.r.d.e.f.i.n.i.e.r.t.e. .B.a.u.d.-.R.a.t.e. .f...r. .e.i.n.e. .R.i.c.h.t.u.n.g. .f.e.s.t.g.e.l.e.g.t. .w.e.r.d.e.n.........)Cannot set custom speed for one direction.....QSerialPort.......B.e.n.u.t.z.e.r.d.e.f.i.n.i.e.r.t.e. .B.a.u.d.-.R.a.t.e.n. .f...r. .e.i.n.z.e.l.n.e. .R.i.c.h.t.u.n.g.e.n. .w.e.r.d.e.n. .n.i.c.h.t. .u.n.t.e.r.s.t...t.z.t.........)Custom baud rate direction is unsupported.....QSerialPort.....l.B.e.n.u.t.z.e.r.d.e.f.i.n.i.e.r.t.e. .B.a.u.d.-.R.a.t.e.n. .w.e.r.d.e.n. .n.i.c.h.t. .u.n.t.e.r.s.t...t.z.t.........!Custom baud rate is not supported.....QSerialPort.....>.G.e.r...t. .w.u.r.d.e. .v.o.m. .S.y.s.t.e.m. .e.n.t.f.e.r.n.t........."Device disappeared from the system.....QSerialPort.....,.G.e.r...t. .b.e.r.e.i.t.s. .g.e...f.f.n.e.t..........Device is already

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtserialport_en.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):4.0
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:j2wZC4n:CwZ
                                                                                                                                                                                              MD5:BCEBCF42735C6849BDECBB77451021DD
                                                                                                                                                                                              SHA1:4884FD9AF6890647B7AF1AEFA57F38CCA49AD899
                                                                                                                                                                                              SHA-256:9959B510B15D18937848AD13007E30459D2E993C67E564BADBFC18F935695C85
                                                                                                                                                                                              SHA-512:F951B511FFB1A6B94B1BCAE9DF26B41B2FF829560583D7C83E70279D1B5304BDE299B3679D863CAD6BB79D0BEDA524FC195B7F054ECF11D2090037526B451B78
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtserialport_es.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2507
                                                                                                                                                                                              Entropy (8bit):4.141026731537408
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:qn2tc7kIAhTN/sy27CDlLpr8fZ5NFn/rsIqDcj7OccC3:qM3C88fZr1o2j7Occq
                                                                                                                                                                                              MD5:5B3E91AEDA2B933448464F6C2257024A
                                                                                                                                                                                              SHA1:0F5230208C8B2E8CB3D478F9DFCEACD5319972BE
                                                                                                                                                                                              SHA-256:460FC8A3BF5DB24CF570ED0CAF72C30D754A16859B3F80143ED6B9BB6A78370B
                                                                                                                                                                                              SHA-512:E2AAE44D48A5648F8A9B41F92BCA78AC725E69076F642BF6DF064FE5C5EDAE3E5961BFC5D2F3F6BD24433DFEAA9992C949527CD21FF520D101417F47302750DD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......es_ESB......<......l.2.....G1^...........n.h~........^...[.O.I...........&..!.......E...<...u...`........x.............S................i... ......N.o. .s.e. .p.u.e.d.e. .e.s.t.a.b.l.e.c.e.r. .u.n.a. .v.e.l.o.c.i.d.a.d. .p.e.r.s.o.n.a.l.i.z.a.d.a. .p.a.r.a. .u.n.a. .d.i.r.e.c.c.i...n.........)Cannot set custom speed for one direction.....QSerialPort.......E.s.t.a.b.l.e.c.e.r. .u.n. .r.a.t.i.o. .d.e. .b.a.u.d.i.o.s. .p.a.r.a. .u.n.a. .s.o.l.a. .d.i.r.e.c.c.i...n. .n.o. .e.s.t... .s.o.p.o.r.t.a.d.o.........)Custom baud rate direction is unsupported.....QSerialPort.....f.E.l. .r.a.t.i.o. .d.e. .b.a.u.d.i.o.s. .p.e.r.s.o.n.a.l.i.z.a.d.o. .n.o. .e.s.t... .s.o.p.o.r.t.a.d.o.........!Custom baud rate is not supported.....QSerialPort.....T.E.l. .d.i.s.p.o.s.i.t.i.v.o. .h.a. .d.e.s.a.p.a.r.e.c.i.d.o. .d.e.l. .s.i.s.t.e.m.a........."Device disappeared from the system.....QSerialPort.....<.E.l. .d.i.s.p.o.s.i.t.i.v.o. .y.a. .e.s.t... .a.b.i.e.r.t.o..........Device is alread

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtserialport_ja.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1744
                                                                                                                                                                                              Entropy (8bit):5.55561281968907
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:7yyIKGiKGzwIQTbR4J0Xq4yeOE81pgBbeUs6Q7PQkdDcSDCTGmg:VIdidzwNR6yp3dMSBJs6ODdDcSH
                                                                                                                                                                                              MD5:149CBDCA3315BB180312FD06B215E29B
                                                                                                                                                                                              SHA1:61ADCB5F1B4C9F18090A724680D10CCDAB8E1201
                                                                                                                                                                                              SHA-256:9641CC7BC400A29EC3FC54F69C72AE25F190B199817DCD0B4F564FCF5B01D638
                                                                                                                                                                                              SHA-512:0775D3FC99AB2343D699543B7AE0BAD6B358CB5693B4E0D40B42301B051473B3B5487118541BAD6F34F2A7B84FE9AB81E994ED6B4A570971B0B114BF4ABB8878
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......ja_JPB......<....a.l.2...h.G1^.............h~........^.....O.I...C..........!.......E.......u..........k.x.............i.......y........i...,....0N.e.T.0`0Q..^.0.0.0.0.0.0.0.0Y0.0S0h0o0g0M0~0[0..........)Cannot set custom speed for one direction.....QSerialPort.....6N.e.T.0`0Q0.0.0.0.0.0.0.0.0.0.0.0.0Y0.0S0h0o0g0M0~0[0..........)Custom baud rate direction is unsupported.....QSerialPort.....00.0.0.0.0.0n0.0.0.0.0.0.0o0.0.0.0.0U0.0f0D0~0[0..........!Custom baud rate is not supported.....QSerialPort....."0.0.0.0.0K0.0.0.0.0.0Lm.Y10W0~0W0_........."Device disappeared from the system.....QSerialPort......0.0.0.0.0oe.0k..0K0.0f0D0~0Y..........Device is already open.....QSerialPort......0.0.0.0.0L..0K0.0f0D0~0[0...........Device is not open.....QSerialPort..... 0.0.0.0.0K0...0...0.0~0[0.0g0W0_..........Error reading from device.....QSerialPort......0.0.0.0.0xf.0M..0.0~0[0.0g0W0_..........Error writing to device.....QSerialPort......q!R.0j0.0.0.0.0.0nP$0g0Y..........Inva

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtserialport_ko.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1627
                                                                                                                                                                                              Entropy (8bit):5.657434741027078
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:8cxfV2frXvzfuThZwj47WqZp1lfeUsLPQkRFlNRe:8cxfV2frXLfudZw8qMTlftsTDR/a
                                                                                                                                                                                              MD5:AC6E653EEB49365F0D971C661E34008C
                                                                                                                                                                                              SHA1:E80E7A6C88E32A958E5F53942E26BDA905CB1145
                                                                                                                                                                                              SHA-256:9C8447F8C0699B318F8AE26EF53500B5E80CE06B615E1AF1A9205BA16F7F6DA0
                                                                                                                                                                                              SHA-512:C8A37926FCB1FB94FE8859802B4AD4DA18EBAB36DC76D270A30C3154E3D4E4B3C172BD074EF6EEA2A024300F086E40ECDD7CFFD028D553CD1088B66FF1639E79
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......koB......<....!.l.2...8.G1^...........j.h~........^.....O.I..............!.......E.......u..........G.x.....k.......Y................i........8.\. .. .)..<.\. ..... ...X. ....|. .$...`. ... ...L.........)Cannot set custom speed for one direction.....QSerialPort.....*..... ...X. ..... .)..D. .....X... .J.L.........)Custom baud rate direction is unsupported.....QSerialPort.....$..... ...X. ....|. .....X... .J.L.........!Custom baud rate is not supported.....QSerialPort........X... ....\..... .....(........."Device disappeared from the system.....QSerialPort........X... .t... ...8.L..........Device is already open.....QSerialPort........X... ....... .J.X.L..........Device is not open.....QSerialPort........X..... .}... ... .$.X. ..............Error reading from device.....QSerialPort........X... ... ... .$.X. ..............Error writing to device.....QSerialPort............ ..... ............Invalid baud rate value.....QSerialPort.......$.X. ...L

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtserialport_pl.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2002
                                                                                                                                                                                              Entropy (8bit):4.456120803288729
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:kTyjgtbFLpS0E9Ms9l0hpGi13mOPMDt/HZ:kpbnf3mO6
                                                                                                                                                                                              MD5:81B4056C1A7A148C4B4489BEAA35873F
                                                                                                                                                                                              SHA1:038FC24EA0A8777A2762983A1EBA88588D9F3D48
                                                                                                                                                                                              SHA-256:7D8200285797267BDEB2A630888100C35E0A06A6ACBD3C5254DCAB022765614F
                                                                                                                                                                                              SHA-512:6AFCFEEE5419C45362939D8887C2685F7FF3236B3F04A67C2EAE662CE51160819C26270D32B46562349704AAFD6B8AC23CB764753F3B8C4DB922A177F99F3AFA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......pl_PLB...p..<......l.2.....G1^.....h~........^...6.O.I...........)..!.......E.......u...y........x.............N.......ri.../....r.N.i.e. .m.o.|.n.a. .u.s.t.a.w.i... .i.n.n.e.j. .p.r...d.k.o.[.c.i. .t.y.l.k.o. .w. .j.e.d.n.y.m. .k.i.e.r.u.n.k.u.........)Cannot set custom speed for one direction.....QSerialPort.....R.Z.m.i.a.n.a. .p.r...d.k.o.[.c.i. .b.o.d. .n.i.e. .j.e.s.t. .o.b.s.B.u.g.i.w.a.n.a.........!Custom baud rate is not supported.....QSerialPort.....:.U.r.z...d.z.e.n.i.e. .z.n.i.k.n...B.o. .z. .s.y.s.t.e.m.u........."Device disappeared from the system.....QSerialPort.....6.U.r.z...d.z.e.n.i.e. .j.e.s.t. .j.u.|. .o.t.w.a.r.t.e..........Device is already open.....QSerialPort.....6.U.r.z...d.z.e.n.i.e. .n.i.e. .j.e.s.t. .o.t.w.a.r.t.e..........Device is not open.....QSerialPort.....2.B.B...d. .o.d.c.z.y.t.u. .z. .u.r.z...d.z.e.n.i.a..........Error reading from device.....QSerialPort.....2.B.B...d. .z.a.p.i.s.u. .d.o. .u.r.z...d.z.e.n.i.a..........Error writ

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtserialport_ru.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2370
                                                                                                                                                                                              Entropy (8bit):5.047593865082558
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:ql5A1HrEoOHx9JkzQDfS9L5EsRfDR20G3:qfAdrE9InL5zPRw
                                                                                                                                                                                              MD5:B63CC167E464D1DC72FD9FE57973F063
                                                                                                                                                                                              SHA1:BC6CE99F77DA9FB39030286E9B3C204312874184
                                                                                                                                                                                              SHA-256:AA9069CA426240D035BA132F3F2B9CF2D55863466DFC745A1A156BDA1AF89565
                                                                                                                                                                                              SHA-512:6E779EEFE0017C0D81F10EC37E16EBBE67908B264F1D1919F3EC6361202E9FC76E098F32C09E47AECB6C36C52867A317723F0281EE9726143B9514B1A1E63474
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......ru_RUB......<......l.2.....G1^.............h~........^.....O.I...e..........!.......E.......u..........W.x.............................1i............5.2.>.7.<.>.6.=.>. .C.A.B.0.=.>.2.8.B.L. .>.A.>.1.C.N. .A.:.>.@.>.A.B.L. .B.>.;.L.:.>. .2. .>.4.=.>.<. .=.0.?.@.0.2.;.5.=.8.8.........)Cannot set custom speed for one direction.....QSerialPort.....v...0.?.@.0.2.;.5.=.8.O. .?.5.@.5.4.0.G.8. .4.;.O. .>.A.>.1.K.E. .A.:.>.@.>.A.B.5.9. .=.5. .?.>.4.4.5.@.6.8.2.0.N.B.A.O.........)Custom baud rate direction is unsupported.....QSerialPort.....T...A.>.1.0.O. .A.:.>.@.>.A.B.L. .?.5.@.5.4.0.G.8. .=.5. .?.>.4.4.5.@.6.8.2.0.5.B.A.O.........!Custom baud rate is not supported.....QSerialPort.....:.#.A.B.@.>.9.A.B.2.>. .C.4.0.;.5.=.>. .8.7. .A.8.A.B.5.<.K........."Device disappeared from the system.....QSerialPort.....,.#.A.B.@.>.9.A.B.2.>. .C.6.5. .>.B.:.@.K.B.>..........Device is already open.....QSerialPort.....*.#.A.B.@.>.9.A.B.2.>. .=.5. .>.B.:.@.K.B.>..........Device is not op

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtserialport_uk.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2424
                                                                                                                                                                                              Entropy (8bit):5.064131363064634
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:6d5MHAsFGmjR3pg/WrNKjMw2dGKuNs4dDQEKR+dCcVwn50J:S5MxHjRXUiyn5J
                                                                                                                                                                                              MD5:BE67D46B673901941FB9DC71A484C793
                                                                                                                                                                                              SHA1:42DA8F0CF8D317C9B5A80F5DCF71F6F0070EC476
                                                                                                                                                                                              SHA-256:965A71EF9B7E976EDE3483471D0727CB9F76D5F280D2B6A7FB543EA3DADEC99A
                                                                                                                                                                                              SHA-512:5CB1B4DDF2E626380BC6996E29D261FEE3D84CDABF37876D13ECE0F83C0FCDC79518D367479320120144987500220E192940AB50DCB6B2B29296AF38FD4A5BF5
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......uk_UAB......<....5.l.2.....G1^.............h~........^.....O.I..............!.......E.......u..........W.x.....O.......+.............../i........|...5.<.>.6.;.8.2.>. .2.A.B.0.=.>.2.8.B.8. .2.;.0.A.=.C. .H.2.8.4.:.V.A.B.L. .;.8.H.5. .4.;.O. .>.4.=.>.3.>. .=.0.?.@.O.<.:.C.........)Cannot set custom speed for one direction.....QSerialPort.........;.0.A.=.0. .H.2.8.4.:.V.A.B.L. .?.5.@.5.4.0.2.0.=.=.O. .4.;.O. .>.4.=.>.3.>. .=.0.?.@.O.<.:.C. .=.5. .?.V.4.B.@.8.<.C.T.B.L.A.O.........)Custom baud rate direction is unsupported.....QSerialPort.....Z...;.0.A.=.0. .H.2.8.4.:.V.A.B.L. .?.5.@.5.4.0.2.0.=.=.O. .=.5. .?.V.4.B.@.8.<.C.T.B.L.A.O.........!Custom baud rate is not supported.....QSerialPort.....0...@.8.A.B.@.V.9. .7.=.8.:. .V.7. .A.8.A.B.5.<.8........."Device disappeared from the system.....QSerialPort.....*...@.8.A.B.@.V.9. .2.6.5. .2.V.4.:.@.8.B.>..........Device is already open.....QSerialPort.....(...@.8.A.B.@.V.9. .=.5. .2.V.4.:.@.8.B.>..........Device is not op

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtwebsockets_ca.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):9664
                                                                                                                                                                                              Entropy (8bit):4.410941854365823
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:MdUTDLaio/iIpJi8990CXbiYZB/E7l5moz0f:VaioV3i8990CXbiY0x5mow
                                                                                                                                                                                              MD5:61A9C3C20D12647C70015C3DF7A81C36
                                                                                                                                                                                              SHA1:822AE4F3613C6B914C12004E9C15CE1C3E307B7F
                                                                                                                                                                                              SHA-256:BFC532A1E88E2064869EDDA4896DF24B744AD78E31F56006EAAA92CF82452AC0
                                                                                                                                                                                              SHA-512:F6DD5AFD39A5F268ED9F33EA0761BE3F23CE2AD59EE1A27FEAD49BB21ACB0EC7369DF533BA005EEFADB21C76920A4E54D1B919D5036961B5B5A6C964071740B7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......caB..........#m...........N..... .......o...............R.Q......cn...!...N...a..-...........Y..\... q.`H......^.n..".......b..-....K.@.......T......Um......i........Z..."...........3......W.^.....f........C......Y/......8.......`n............'...n.......>...M.................0......)._...........N......!{.........1.....'.......S........s>..."..|........q........>...........6...~... .*.......x\....p..4....`i..$.....z.E.l.s. .m.i.s.s.a.t.g.e.s. .n.o.m...s. .e.s. .p.o.d.e.n. .e.n.v.i.a.r. .q.u.a.n. .e.l. .s...c.o.l. .e.s.t... .o.b.e.r.t...........2Messages can only be sent when the socket is open......QQmlWebSocket.....B.E.l. ...Q.Q.m.l.W.e.b.S.o.c.k.e.t... .n.o. .e.s.t... .l.l.e.s.t............QQmlWebSocket is not ready......QQmlWebSocket.....N.E.l. ...Q.Q.m.l.W.e.b.S.o.c.k.e.t.S.e.r.v.e.r... .n.o. .e.s.t... .l.l.e.s.t...........!QQmlWebSocketServer is not ready......QQmlWebSocketServer.......L.a. .c.l.a.u. .d.'.a.c.c.e.p.t.a.c.i... .r.e.b.u.d.a. .d.e.l. .s.e.r

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtwebsockets_de.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):10404
                                                                                                                                                                                              Entropy (8bit):4.447381304896757
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:jbrtfjIQdT3L8xex2HjdeATI3jH510B0W1EjwsxiitsMvf:DhjndTb8xex2HjdxCH58+jwsxt
                                                                                                                                                                                              MD5:C6F6F4A94C06E8D18C7D087749E6E3C5
                                                                                                                                                                                              SHA1:95ED5C2F7E9A3182C986C7D8EB4DA5FE30DA61D5
                                                                                                                                                                                              SHA-256:68757EAFC703F59C5C4C309E5408144DEBF302362E1F1628D5AAD610C7244A4C
                                                                                                                                                                                              SHA-512:F1FD265D41F56FD32F90CDFCF463A347BEA0AB076E088EF998E99CC75EBCE3EC7BE01CC18C0BDAE53EA4E5B362D313C591410711F7D06641DAF574BCD05C52F8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......de_DEB.................&............N..... .......o...............R.Q...N..cn...]...N..!...-..............\..."..`H......^.n..%.......v..-....M.@.......T......Um......i........A~.. ...Z...%Q..........3... ..W.^.....f........C......Y/....)........8.......`n....h.......s...n.......>...Q.................0......)._...J......."......#..........1.......E....$......................#..s>...$..|........q........>..!n...........~...L.*.......x\.......4....Fi..&.......N.a.c.h.r.i.c.h.t.e.n. .k...n.n.e.n. .n.u.r. .v.e.r.s.a.n.d.t. .w.e.r.d.e.n.,. .w.e.n.n. .d.e.r. .S.o.c.k.e.t. .g.e...f.f.n.e.t. .i.s.t...........2Messages can only be sent when the socket is open......QQmlWebSocket.....6.Q.Q.m.l.W.e.b.S.o.c.k.e.t. .n.i.c.h.t. .b.e.r.e.i.t............QQmlWebSocket is not ready......QQmlWebSocket.....B.Q.Q.m.l.W.e.b.S.o.c.k.e.t.S.e.r.v.e.r. .n.i.c.h.t. .b.e.r.e.i.t...........!QQmlWebSocketServer is not ready......QQmlWebSocketServer.......D.e.r. .A.c.c.e.p.t.-.S.c.h.l...s.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtwebsockets_en.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):4.0
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:j2wZC4n:CwZ
                                                                                                                                                                                              MD5:BCEBCF42735C6849BDECBB77451021DD
                                                                                                                                                                                              SHA1:4884FD9AF6890647B7AF1AEFA57F38CCA49AD899
                                                                                                                                                                                              SHA-256:9959B510B15D18937848AD13007E30459D2E993C67E564BADBFC18F935695C85
                                                                                                                                                                                              SHA-512:F951B511FFB1A6B94B1BCAE9DF26B41B2FF829560583D7C83E70279D1B5304BDE299B3679D863CAD6BB79D0BEDA524FC195B7F054ECF11D2090037526B451B78
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtwebsockets_es.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):9679
                                                                                                                                                                                              Entropy (8bit):4.371356452938804
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:qEGfgjDpAFuls69JXCoqXAwnW+8iuEOBbQAPf:fYgjDl9JXCoqXAw5RfOxQY
                                                                                                                                                                                              MD5:0C5594458C800642DB69B3FC6B33D7F9
                                                                                                                                                                                              SHA1:9C9671E0102B3AD13BE6C242790E1FB1B01BAA16
                                                                                                                                                                                              SHA-256:8CCB4369029D62C51BBEE6D210A841337A8736382ACEA03D664A289FD6F12719
                                                                                                                                                                                              SHA-512:FF66AC628085687DBBEEFC37891003A6238CEBA46469E60E421EBF5533EB34947A198082EFDDB07F54B93C83BFAAC47EE444F10ED69E60B1E84A0DFCAF7C896A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......es_ESB..........#............N..... .......o.............M.R.Q... ..cn...}...N......-...........i..\... ..`H......^.n..#..........-......@.......T......Um......i........Z..."...........3......W.^.....f........C......Y/....e.8.......`n....$.......I...n.......>...Q.................0......)._...f.......4......!..........1.....y.......U........s>..."5.|........q....C...>...........8...~...T.*.......x\.......4....pi..$.......L.o.s. .m.e.n.s.a.j.e.s. .s...l.o. .p.u.e.d.e.n. .s.e.r. .e.n.v.i.a.d.o.s. .c.u.a.n.d.o. .e.l. .s.o.c.k.e.t. .e.s.t... .a.b.i.e.r.t.o...........2Messages can only be sent when the socket is open......QQmlWebSocket.....8.Q.Q.m.l.W.e.b.S.o.c.k.e.t. .n.o. .e.s.t... .l.i.s.t.o............QQmlWebSocket is not ready......QQmlWebSocket.....D.Q.Q.m.l.W.e.b.S.o.c.k.e.t.S.e.r.v.e.r. .n.o. .e.s.t... .l.i.s.t.o...........!QQmlWebSocketServer is not ready......QQmlWebSocketServer.......L.a. .c.l.a.v.e. .d.e. .a.c.e.p.t.a.c.i...n. .r.e.c.i.b.i.d.a. .p.o.r. .

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtwebsockets_fr.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):9639
                                                                                                                                                                                              Entropy (8bit):4.399726739516741
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:Tuhw8Ah0rYOy8fmi9H+grrHFAuHeD/vI8nF+61/SwaLTxkOFUSzhbpAZggmp7EuM:TDUDmsPq8SOP5d2kp7Ee4Ej+2gv5
                                                                                                                                                                                              MD5:E5A6AEA6373B8C6E2AE8EED0F63331C0
                                                                                                                                                                                              SHA1:AC7984096A151A5D4D94A0502564964224A946ED
                                                                                                                                                                                              SHA-256:8543BE2F86936748D8BDA70F439D3854306FCE5AC5C94ACFD36A1FFA16EA1E71
                                                                                                                                                                                              SHA-512:16AAB2C0BAA5118EEAE8382B06194A696B534A70A8A2C0E7175B3C6679EF6A8A77802261BC339C7F6B3BC3E58A59B6E2B63E155EE40EAA5732EF52E19063FD53
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......fr_FRB..........#Q...........N..... .......o...............R.Q......cn...#...N...s..-..........._..\... {.`H......^.n..".......V..-......@.......Um......i........Z..."z.......v..3......H.$.....W.^...o.f........C.......`....=.Y/......8.......`n................n.......>...W.................0......)._..................!................7........s>..."..|........q........>...........,...~.....*.......x\....X..4....fi..#.......L.e.s. .m.e.s.s.a.g.e.s. .n.e. .p.e.u.v.e.n.t. ...t.r.e. .e.n.v.o.y...s. .q.u.e. .l.o.r.s.q.u.e. .l.e. .s.o.c.k.e.t. .e.s.t. .o.u.v.e.r.t...........2Messages can only be sent when the socket is open......QQmlWebSocket.....:.Q.Q.m.l.W.e.b.S.o.c.k.e.t. .n.'.e.s.t. .p.a.s. .p.r...t............QQmlWebSocket is not ready......QQmlWebSocket.....F.Q.Q.m.l.W.e.b.S.o.c.k.e.t.S.e.r.v.e.r. .n.'.e.s.t. .p.a.s. .p.r...t...........!QQmlWebSocketServer is not ready......QQmlWebSocketServer.......A.c.c.e.p.t.-.K.e.y. .r.e...u. .d.u. .s.e.r.v.e.u.r. .%.1. .n.e.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtwebsockets_ja.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):7270
                                                                                                                                                                                              Entropy (8bit):5.696245556869249
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:OWASAuv99X9MhLHL+la9uVd9WEnuiZjLB:O+X9t9cLHL+la9u9nui5N
                                                                                                                                                                                              MD5:64FC24764E356C4A7734FCE510E5F77E
                                                                                                                                                                                              SHA1:E4B235F2F6CFAC847381C3AF8C5631DE92A934A2
                                                                                                                                                                                              SHA-256:7DFE297C2752ADA9D11933F555D2A616FB92F4B4F3C27BBA783A83AB65B61F9B
                                                                                                                                                                                              SHA-512:D03D412C044B275E64AC2C602BA9AFD2939CB174CDDE99F69BCAC1F0934AA1BE6DF15FCC28189CCA60094BBA3AAEE04156D6FA78BB589DE41C4203CBB074C610
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......ja_JPB...........3.......4...N..... .....t.o...............R.Q......cn.......N...=..-...........9..\......`H......^.n.............-....9.@.......T......Um......i.....G..Z...............3......W.^...5.f.....1..C......Y/....I.8.......`n............_...n.......>..................7..0......)._...........................`.1.....I..............Q.s>....5.|........q....e...>...........N...~.....*.......x\.......4.....i........40.0.0.0.0.0o0.0.0.0.0L..0D0f0D0.fB0n0...O.0g0M0~0Y0..........2Messages can only be sent when the socket is open......QQmlWebSocket.....4.Q.Q.m.l.W.e.b.S.o.c.k.e.t. 0nn.P.0L0g0M0f0D0~0[0.0...........QQmlWebSocket is not ready......QQmlWebSocket.....@.Q.Q.m.l.W.e.b.S.o.c.k.e.t.S.e.r.v.e.r. 0nn.P.0L0g0M0f0D0~0[0.0..........!QQmlWebSocketServer is not ready......QQmlWebSocketServer.....l0.0.0.0K0.S.0QS.0c0_. .A.c.c.e.p.t. 0.0.0.0nP$. .%.1. 0L0.0.0.0.0.0.0n. .K.e.y. 0nP$. .%.2. 0hT...0W0~0[0.0..........DAccept-Key received from server %1 does not mat

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtwebsockets_ko.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):7131
                                                                                                                                                                                              Entropy (8bit):5.747159181039558
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:vtiS0wgLajxdctKtjtdtVtRSRARSfsEi7tD28hUB:1RgLalvSWRciR2T
                                                                                                                                                                                              MD5:AF507F561A307C883AFE57DE9E3517CD
                                                                                                                                                                                              SHA1:D6867299EA100E6EFD6F549CB34F491DBFCD2757
                                                                                                                                                                                              SHA-256:BF3B71EABB20BBCAC27C5F8671BB7060E9EAB7BC6821BA8F09D2D67EE82367B6
                                                                                                                                                                                              SHA-512:4DA1CDEB68888AF54166667185ACD092DEAEB6EBDE4876DBE59798CB6DBE6630D6EABD420BD282EDFC4B558637216059E418D43433BF4D919FE77209A5AE4624
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......koB...................,...N...T. .....p.o.............i.R.Q...L..cn.......N......-...........5..\....{.`H......^.n...G......L..-......@.......T....s.Um......i........Z...............3....S.W.^.....f........C......Y/......8.......`n................n.......>..................9..0......)._...b...............%.......^.1....................C.s>......|........q........>...........J...~...D.*.......x\.......4.....i..."....<.....t. ...$. ..D. .L.... .T.....|. .....`. ... ................2Messages can only be sent when the socket is open......QQmlWebSocket.....4.Q.Q.m.l.W.e.b.S.o.c.k.e.t.t. ...D..... .J.X................QQmlWebSocket is not ready......QQmlWebSocket.....@.Q.Q.m.l.W.e.b.S.o.c.k.e.t.S.e.r.v.e.r... ...D..... .J.X...............!QQmlWebSocketServer is not ready......QQmlWebSocketServer.....V..... .%.1..... ...@. .A.c.c.e.p.t.-.K.e.y... .t.|.t... .. .%.2.@.(...). ................DAccept-Key received from server %1 does not match the client key

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtwebsockets_pl.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):7599
                                                                                                                                                                                              Entropy (8bit):4.620143427827003
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:2UClh+jT0VAO9c5+T+GZHuHkgNvjWqdT7TZKymOcEzP9r5ubrC:LmHz9c4dZq966T7TZK9OcEzPl5qC
                                                                                                                                                                                              MD5:261B9B2B09C21DB6D226743C46AFAFAC
                                                                                                                                                                                              SHA1:39402B503838FDA027BE78B6DCFB19BD1948F6C3
                                                                                                                                                                                              SHA-256:4AF915DE2133AB4E936B4AC485CA19ED34EC08A3399F95765EE7A6F2B9E07461
                                                                                                                                                                                              SHA-512:5FEFFE357666808B1DA6B05A1FD24CAE655ED767E33E034EF1B598865E4E203A5ADA85EC1364C225CF39327791EC702F41000299E5761B91D3E297A8714A8098
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......pl_PLB...X...................N..... .....p.o...............R.Q...8...N......-..............\....*.`H......^.n...)........@.......Um......i................3....U.W.^.....f.....<..C......Y/......`n................n.......>...I.......{......c..0....t.)._...........................(.......;........s>......|........q..............*.......x\.......4.....i...$....|.K.o.m.u.n.i.k.a.t.y. .m.o.g... .b.y... .w.y.s.y.B.a.n.e. .j.e.d.y.n.i.e. .g.d.y. .g.n.i.a.z.d.o. .j.e.s.t. .o.t.w.a.r.t.e...........2Messages can only be sent when the socket is open......QQmlWebSocket.....<.Q.Q.m.l.W.e.b.S.o.c.k.e.t. .n.i.e. .j.e.s.t. .g.o.t.o.w.y............QQmlWebSocket is not ready......QQmlWebSocket.....H.Q.Q.m.l.W.e.b.S.o.c.k.e.t.S.e.r.v.e.r. .n.i.e. .j.e.s.t. .g.o.t.o.w.y...........!QQmlWebSocketServer is not ready......QQmlWebSocketServer.......A.c.c.e.p.t.-.K.e.y. .o.t.r.z.y.m.a.n.y. .z. .s.e.r.w.e.r.a. .%.1. .n.i.e. .p.a.s.u.j.e. .d.o. .k.l.u.c.z.a. .k.l.i.e.n.t.a. .%.2...........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtwebsockets_ru.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):9562
                                                                                                                                                                                              Entropy (8bit):5.215210897076583
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:qY6k2c0M1Uwtjrldh1N1NUuAFjJ+SE+5oY6QS8:L6kd0M1UmX3xfUfhEr+5J5
                                                                                                                                                                                              MD5:69E98D5C7D772467515403F54AB47D98
                                                                                                                                                                                              SHA1:7AEA3408C1C90CC459D390337D51DFD5D83E1EE6
                                                                                                                                                                                              SHA-256:6C6E2E9914F25BAD087D82F5A0438BFAA9B8B965BCB15E6F1F69D7FF22E69E0D
                                                                                                                                                                                              SHA-512:D2ED55D6F79198DC701E7513A895A0272E4FA768BEE5ACA73BF85597824CDB4DAEB78FB2D65A1258BFF02E270B5B7C7601521DBA00D1A8DF5043CEC2A7376DDE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......ruB..........o......"............N..... .......o.....W.........R.Q......cn...+...N......-..............\......`H....4.^.n.."Z......t..-......@.......T......Um....p.i........A~......Z..."........V..3......W.^...+.f.....?..C......Y/.............8.......`n................n.......>...+.................0......)._...\.........................1.....7.E....!k..................... ..s>... ..|........q....c...>...t...........~.....*.....P.x\....>..4....\i..#g....l.!.>.>.1.I.5.=.8.O. .<.>.6.=.>. .>.B.?.@.0.2.;.O.B.L. .B.>.;.L.:.>. .?.@.8. .>.B.:.@.K.B.>.<. .A.>.:.5.B.5...........2Messages can only be sent when the socket is open......QQmlWebSocket.......Q.Q.m.l.W.e.b.S.o.c.k.e.t. .=.5. .3.>.B.>.2............QQmlWebSocket is not ready......QQmlWebSocket.....:.Q.Q.m.l.W.e.b.S.o.c.k.e.t.S.e.r.v.e.r. .=.5. .3.>.B.>.2...........!QQmlWebSocketServer is not ready......QQmlWebSocketServer.......A.c.c.e.p.t.-.K.e.y.,. .?.>.;.C.G.5.=.=.K.9. .>.B. .A.5.@.2.5.@.0. .%.1.,. .=.5. .A

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtwebsockets_uk.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):9160
                                                                                                                                                                                              Entropy (8bit):5.203743355597705
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:KsuDSJlz/o4rQm9kG1T4zMmWMtnquu9+TC7ELM7xGPMuB8:JuDSlbo4rQm9jizMmWMthuwzLM7xGPMJ
                                                                                                                                                                                              MD5:43FEF171DFB7551C3F3395F0F431DB7C
                                                                                                                                                                                              SHA1:A30915BE271FBD601497DC6640128E9CD5497F8E
                                                                                                                                                                                              SHA-256:9734A5DFFB889911A5D9A6EB4EA8F81E5F78E48329CE2747E935BCDF7688D999
                                                                                                                                                                                              SHA-512:A9A6FC36464969656578AFFA80CB2349AD0BA6F8693E68BADA19928C98BC6AE93BEA65AF1E477B5C729CE2F2C3E84C1159E4E4174E5CFDE330B2058122A8E039
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......uk_UAB..........!........`...N...(. .....<.o...............R.Q......cn.......N......-...........]..\......`H......^.n..!..........-....k.@.......T....Y.Um......i........Z... ...........3....!.W.^...?.f.....Y..C....c.Y/....O.8.......`n............s...n.......>...=.................0......)._.............................1.............[........s>... 3.|........q........>...........6...~.....*.......x\.......4....bi..!.....z...>.2.V.4.>.<.;.5.=.=.O. .<.>.6.C.B.L. .1.C.B.8. .=.0.4.V.A.;.0.=.V.,. .;.8.H.5. .:.>.;.8. .A.>.:.5.B. .2.V.4.:.@.8.B.>...........2Messages can only be sent when the socket is open......QQmlWebSocket.....2.Q.Q.m.l.W.e.b.S.o.c.k.e.t. .=.5. .3.>.B.>.2.8.9............QQmlWebSocket is not ready......QQmlWebSocket.....>.Q.Q.m.l.W.e.b.S.o.c.k.e.t.S.e.r.v.e.r. .=.5. .3.>.B.>.2.8.9...........!QQmlWebSocketServer is not ready......QQmlWebSocketServer.......A.c.c.e.p.t.-.K.e.y.,. .>.B.@.8.<.0.=.8.9. .2.V.4. .A.5.@.2.5.@.0. .%.1.,. .=.5. .7.1.V.3.0.T.B.L.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtxmlpatterns_bg.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):112896
                                                                                                                                                                                              Entropy (8bit):4.997020376272047
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:iBbBlkYXip2ldQufNHTowmxH/4AL3wJ1DVp3iOri8b1+rvfdHQdnEjUn3NOz2:iHflowmx/44wJ1DWu71+TdHQdnT3Yq
                                                                                                                                                                                              MD5:D3667421DE1F04AE65E9DB84C1A2BA50
                                                                                                                                                                                              SHA1:7B3601EA0B1FEC93A2F442D73F79FF01363B8013
                                                                                                                                                                                              SHA-256:A81D5D82308F771B280B4404B0D7BD57E83F124678EB01BCB69A6D70441949C7
                                                                                                                                                                                              SHA-512:0A37F6C1D66D2B9D9441DE32580EE9799A813A9F9E7B0AA32B51A063BF30289F2A4A9D2D8ABBB78D521B5F09168B58D7413D411EFEA31E2D71B7C31CEBC918F2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......bgB..........;....Q..K...3...........JO.&S...X..*.....,.7....<..:9...p..M.~.....X.~..l..[;^...i.lG......rUN..:b..c...b:..W^..u(......K..........,...............Rn..;...T5......'...}...n......lN...........J.......d...>.....)9..............</...P&.A.......S...{T.X....j>.pE...9..p.N..V....N......I...L'..u...2........U......q...P.......0........N.."&..t....D..........e..............y#......^.._.......*.......@...~..K........W.=....x..@E....2.@V....H.B!...;@.W.~.....X........hN...I..%............%..9...........F...4...d...gN..C.................U...................#........z..^..........a.......B^......](.*.....f.+.N...x.6.......Ec.../..IQ....~.K~......\S~...Q.b....*..b....a(.m.n.....q.....G.{.>..]...R>..'.......................bh...>......+...@...,....v.........*>......S..........m>.......5..h..............O...q...-..........S...Cn..#....n..h...7^...,..0...s...H...&P..=...Z..0...n..5.>..w..8w......?....R0.BM......J.....=.R......^.......f.......r....l..s..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtxmlpatterns_ca.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):114190
                                                                                                                                                                                              Entropy (8bit):4.270947851538695
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3072:474u0NNhLPzC/YzuW9aF72/YjMYn6YsB+:KZ
                                                                                                                                                                                              MD5:48F3BA833DCCAE27909C74D51AF6BA3C
                                                                                                                                                                                              SHA1:1D709DE88DF0A6437419CE28F9A46CE2B0A42A9D
                                                                                                                                                                                              SHA-256:4AD435437D6B94696C40C2F1A949AC73F7A205F54371ED69AB92509D64036BC6
                                                                                                                                                                                              SHA-512:7E1D9C0BE4396E0B4A34F65A72D543A672732BDEB0593399430065F71642EB756AEF033D03C757012F2B7A4B20E9D67BE7D8FF72C6F17BBB051FCBBF155C653D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......caB...(......<....Q..L...3...........KB.&S...X..*.......7....=..:9...tH.M.~...0.X.~..p..[;^.....lG......o.......rUN..?...c...g9..W^..u.......L.......@..,............-..Rn..AQ..T5......'....>..n......lN.......................>.....)9..............</...Q..A.....n.S....m.X....k..pE...:^.p.N..W....N......I...M...u...7...............r...P.......0........N..#...t....)..........e...........a..y#.......^.._..................~..Q6.......^.=....y..@E....w.@V......B!...@..F.R.....W.~.....X........hN...r..%............8..9...........K...4...e...gN..D.................U...................&........o..^..........b.......G.......]..*.......+.N.....6.......Ec.../..IQ......\S~.....b....+".b....b..m.n..!J.q.......{.>..c2..R>..(.......................c....>.....+...B...,..............*>...J..S..........m........6..h..............O...u...-..........T...Cn..'H...n..i...7^.. ...0...t...H...'...=...`%.0...oo.5.>..x|.8w......?....S%.BM....'.J.......R.......^......f.......r..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtxmlpatterns_cs.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):109606
                                                                                                                                                                                              Entropy (8bit):4.46612100380766
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3072:qv4x5nW1rIHoac0lMXQ13z4QTPfyjJDnk0UPfhfHP+x7JmdSjnO71YmkC:56Kp
                                                                                                                                                                                              MD5:266F405DB846839D79048AF37CCDF88B
                                                                                                                                                                                              SHA1:73E6EA7B89CB6B80132167822E62C458E19C24CA
                                                                                                                                                                                              SHA-256:37AAADA770EA1E9AA08D78E6B28D46CD2A39080985E945B07EC34227E1ADF0D9
                                                                                                                                                                                              SHA-512:FF763BA93532BC4ED742ABAF9C36F43FF5AB5792E608BFBCA81F24C1BB43B364E37DA3A844696E1A42795CDFF876C3A0C67260184771D5E172B320A83B475CEC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......cs_CZB..........9....Q..Je..3...........I..&S...V6.*.....&.7....:..:9...c0.M.~.....X.~..^..[;^...Q.lG....&.rUN..1P..c...U...W^..rF......J......t`..,...............Rn..3"..T5...K..'...o~..n......lN..........wO...........>...1.)9....\.........</...O..A.......S...m..X....g..pE...7..p.N..UH...N..}...I...KQ..u...)...............o?..P....A..0........N...^..t...............e..............y#.......^..]#.................~..A........m.=....vS.@E...uu.@V...|..B!...2H.W.~...c.X........hN......%............M..9....F......<...4...b...gN..A..............]..U............................<..^..........._.......9z......Z..*.....B.+.N.....6.......Ec...-{.IQ....(.K~......\S~.....b....(..b...._..m.n.....q.....%.{.>..RE..R>..%........s..............`^...>.....+...>...,..........s..*>......S....n.....j...........h....|.........O...dg..-...........Re..Cn...C...n..f...7^...>..0...q...H...$...=...O|.0...lX.5.>..t..8w......?....P..BM......J......R.......^.....$.f.....?.r....j .

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtxmlpatterns_da.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1771
                                                                                                                                                                                              Entropy (8bit):4.627797023078565
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:Xg8ZJXPUiUKTmcgrUKTm8erMCDpeVy6DbKotb641pa3C3J2:XgeaxKTfgIKTvCDcVHfKotW418
                                                                                                                                                                                              MD5:0034512CC2FECD4C0BDE5EEA692642BA
                                                                                                                                                                                              SHA1:04DAA1E0D72CBAD8AC1466FFA8C98E40D43BA438
                                                                                                                                                                                              SHA-256:3E6716C2580F2FB877AD15B86A8120AD2C182275B6F6AA768B7DD1C5734BE6BD
                                                                                                                                                                                              SHA-512:0540E13D2B51684F3DBDC558277576F264D53AB9FC714D2B5C3CF7A808CF77B64741A386703BA52159710B0D7F1059E29EBA947E0995EFE1AD5B263117349ECA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......daB...p.lG.......lN.......e.....F.R......%.......8....b.1.....y..l........~......U......v".....W.....8..I....;.K......i...S....l.".%.1.". .d.u.p.l.i.k.e.r.e.r. .e.t. .t.i.d.l.i.g.e.r.e. .r.o.l.l.e.n.a.v.n. .o.g. .d.e.a.k.t.i.v.e.r.e.s...........:"%1" duplicates a previous role name and will be disabled......QQuickXmlListModel.....4.u.g.y.l.d.i.g. .f.o.r.e.s.p...r.g.s.e.l.:. .".%.1."..........invalid query: "%1".....QQuickXmlListModel.....^.E.n. .X.m.l.R.o.l.e.-.f.o.r.e.s.p...r.g.s.e.l. .m... .i.k.k.e. .b.e.g.y.n.d.e. .m.e.d. .'./.'.........(An XmlRole query must not start with '/'.....QQuickXmlListModelRole.....~.E.n. .X.m.l.L.i.s.t.M.o.d.e.l.-.f.o.r.e.s.p...r.g.s.e.l. .m... .i.k.k.e. .b.e.g.y.n.d.e. .m.e.d. .'./.'. .e.l.l.e.r. ."././.".........1An XmlListModel query must start with '/' or "//".....QQuickXmlRoleList.....R.F.e.j.l. .%.1. .i. .%.2.,. .p... .l.i.n.j.e. .%.3.,. .k.o.l.o.n.n.e. .%.4.:. .%.5.........)Error %1 in %2, at line %3, column %4: %5.....QXmlPat

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtxmlpatterns_de.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):118069
                                                                                                                                                                                              Entropy (8bit):4.271846030676607
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3072:r3pEbButWD+nRsGJN0ZOvELSiocieMRuhmn2kzrcV4Vf:rZvZ
                                                                                                                                                                                              MD5:693FCFEF4283761AE07442EC81EF59A1
                                                                                                                                                                                              SHA1:59AC62380C806340C201B10A53231BEA6B2FAE86
                                                                                                                                                                                              SHA-256:150AE8A457D0B9D81847D71E19AD3B66674D723F3AC60B48A16537FA348B04EC
                                                                                                                                                                                              SHA-512:7096EFE28961C9B0BF334960502F43148DC59BA4300B17759F11FCBD6E7B9E6A9236432B93AFE430CCDA7BB1D727B581591667269ACFB900DC14E5226F10F1D7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......de_DEB...(......@....Q..O...3....W......O..&S...]..*....(..7....@..:9......M.~.....X.~..}..[;^.....lG....y.o.......rUN..K...c...ta..W^..|.......P{......^..,............A..Rn..M...T5...f..'.......n...L..lN...................3...>...f.)9............[.</...UM.A.......S......X....q..pE...=..p.N..\o...N......I...Q...u...C........h......y@..P.......0....a...N..%...t... ...........e..........'...y#.......^..e4......;...........~..]D.......<.=.......@E......@V......B!...L..F.R.....W.~.....X.....\..hN...f..%............L..9...........X...4...k7..gN..G.......r........U...."......".......2........E..^...........g.......TK......b..*.....w.+.N.....6.....4.Ec...2..IQ....=.\S~...Z.b....-..b....gQ.m.n..,..q.......{.>..pP..R>..+,......................h....>...'..+...D...,..............*>......S....w.....t.......#...h....$......A..O.......-...........YT..Cn..2....n..o...7^..+...0...{O..H...)...=...m..0...u..5.>...l.8w....2.?....W..BM......J.....~.R......^.......f.......

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtxmlpatterns_en.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):4.0
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:j2wZC4n:CwZ
                                                                                                                                                                                              MD5:BCEBCF42735C6849BDECBB77451021DD
                                                                                                                                                                                              SHA1:4884FD9AF6890647B7AF1AEFA57F38CCA49AD899
                                                                                                                                                                                              SHA-256:9959B510B15D18937848AD13007E30459D2E993C67E564BADBFC18F935695C85
                                                                                                                                                                                              SHA-512:F951B511FFB1A6B94B1BCAE9DF26B41B2FF829560583D7C83E70279D1B5304BDE299B3679D863CAD6BB79D0BEDA524FC195B7F054ECF11D2090037526B451B78
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtxmlpatterns_es.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):114789
                                                                                                                                                                                              Entropy (8bit):4.206007696939753
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:WR+SHTrv2ySsYwG6FR2rKFYMRY+0wiQn8JZegjqSY:WRBHTrv2ySsYIFR2roRY+0wiQn8J47X
                                                                                                                                                                                              MD5:49A3A61F88FBECA825E7E6454795645A
                                                                                                                                                                                              SHA1:C929CD5172A70469B8D8E17771B3581E736DCD2D
                                                                                                                                                                                              SHA-256:3A7E79139611AB4055CEDBD844B99561560B10B9C2E41A8EAEEB5A9A704D7C5A
                                                                                                                                                                                              SHA-512:58EC54D8AB466B73E5A3E9D1FD5C339ECD60D1A997AB0836ADF30F6415590510C9380B3EA577408FD171FC8A2853A0A2750BCCB69C17B1E9054BA45825454E2A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......es_ESB..........:....Q..J...3...........I..&S...W..*.....\.7....;..:9...v..M.~.....X.~..s\.[;^.....lG......rUN..@...c...id..W^..u.......K..........,...............Rn..B...T5......'.......n......lN...................h...>...i.)9....\.........</...O..A.....n.S......X....j..pE...8..p.N..V....N......I...K...u...95.......5......r...P.......0........N..!J..t...........l...e..............y#.......^.._%......F..........~..R..........=....y..@E......@V......B!...A..W.~.....X........hN......%............e..9....0......Mc..4...eD..gN..B.......C.........U....}.......?......(..........^....a......b)......I.......]..*.....z.+.N.....6.......Ec......IQ....\.K~......\S~...-.b....)g.b....at.m.n..#..q.......{.>..e?..R>..&................!......b....>...0..+...@#..,...........r..*>...a..S....2.....m...........h..............O...x*..-...........S...Cn..)....n..iX..7^.."...0...tt..H...%R..=...b..0...o..5.>..x..8w......?....R..BM....4.J......R.......^.......f.......r....m..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtxmlpatterns_fr.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):115909
                                                                                                                                                                                              Entropy (8bit):4.236285230069747
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:adL2T4A0nhOszafeF0rEUPryAvSelIXzdFnOshS7Rusm:eKYnhOszaf7rEUPhSelIXzdFnOsYUL
                                                                                                                                                                                              MD5:24D95EE203DF9728321F5BA52DD9857D
                                                                                                                                                                                              SHA1:F0E60063E6846F082559CB9BF8FFFFE1DE2A865B
                                                                                                                                                                                              SHA-256:FC5F279D5870BB244F70456C88B5E6A1E8BD990CBE4AD2EDD95BF3BC64913D96
                                                                                                                                                                                              SHA-512:D68BED242E4482C14205584A39333F5DC67D5A7BB76E9E71D40E35137E8043D3A565AA7F63765A461A46F9BAC433E5BECFDE6D8A076761EE0581CC83DBFC0136
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......fr_FRB..........='...Q..L...3....-......L).&S...ZV.*....#..7....>P.:9...z..M.~...q.X.~..wH.[;^.....lG......rUN..Er..c...m...W^..x6......M..........,...............Rn..G:..T5...[..'.......n......lN...........J...........>.....)9............`.</...R(.A.......S.... .X....l..pE...:..p.N..Y$...N......I...N...u...=...............t...P.......0........N.."X..t....4..........e.........."N..y#...P...^..aC..............t...~..W........i.=....|g.@E....&.@V......B!...Fl.W.~.....X.....{..hN...5..%....)..........9...........R...4...g...gN..El.............U..U....}..............-@..........^....K......d)......N......._B.*.....6.+.N...f.6.....}.Ec.../..IQ......K~....n.\S~.....b....*..b....c|.m.n..'k.q.......{.>..i...R>..(......................d....>.....+...B...,...........R..*>.....S..........o........3..h..............O...|...-....O......V...Cn..-....n..k<..7^..&...0...v...H...&...=...f..0...q`.5.>..z..8w......?....TV.BM....<.J......R.....V.^.....j.f......r....o..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtxmlpatterns_hu.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):115164
                                                                                                                                                                                              Entropy (8bit):4.37846370747933
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3072:7qmPpz/7DJAnwHE43DwgV92Necltm2vNEY5ihdhsEuaU9ouNJwQ3BKLf3xA4kP/R:Gqfil
                                                                                                                                                                                              MD5:112B7D3AB5215A58D759D05915C52DB8
                                                                                                                                                                                              SHA1:C3100996FF0C08E2743FC2D121A7410842A15877
                                                                                                                                                                                              SHA-256:561AE5F9C03221B5937D8E8E0C6F17A42ABB6E8C0DF78766D34F6DC8380BE5B2
                                                                                                                                                                                              SHA-512:95E9B61634939AB152D17CB4777A65732557ABFC2C2121D2AD3E83212A095BC567331FF2C989E9A3652ECCF383E503AB66BFBCAAF3B86825EEFE0F8E6BE75AE4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......hu_HUB..........>....Q..N...3...........M?.&S...[..*....#..7....?..:9...x..M.~...i.X.~..u..[;^.../.lG....?.rUN..E...c...l(..W^..{X......N..........,...............Rn..F...T5......'.......n...;..lN...#...................>.....)9............j.</...Sv.A.......S....4.X....o..pE...<..p.N..Z~...N...,..I...OQ..u...=........}......w...P.......0.... ...N..#L..t...............e.........."...y#.......^..c..............4...~..V........G.=.......@E......@V....(.B!...F..W.~...).X........hN......%..../......._..9....b......P...4...iF..gN..G................U........... #......,........8..^....Q......f3......M.......a..*.....0.+.N.....6.......Ec...1..IQ......K~....^.\S~...}.b....,..b....eh.m.n..'S.q.......{.>..h...R>..)q.....................f....>.....+...DA..,.............*>......S....n.....rH..........h..............O...z(..-....;......Ww..Cn..-%...n..m...7^..&...0...y...H...'...=...e..0...t..5.>..~u.8w....E.?....U..BM....^.J.......R.....(.^......f......r....q..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtxmlpatterns_it.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5107
                                                                                                                                                                                              Entropy (8bit):4.44576456490991
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:CqqweDSxsfKsWF22r6ydGV8zjFKn5QRUoIJq:CqqweDSCKsB2raV8XFKn5sUoIJq
                                                                                                                                                                                              MD5:F470B2F1F5B7D35AA1A09BA8D0579E6B
                                                                                                                                                                                              SHA1:AC94FDDBA02387B2986C109519E02BEBE672A2A0
                                                                                                                                                                                              SHA-256:F601791B61265F2006CA7B7CCE0C27C6209F3DEA896CB90849ECF18ADB3BCDF4
                                                                                                                                                                                              SHA-512:D1D7CBCE11F9D5777DEF3B7CC888EBD7A0A47D4A39E1FDD8DE49AE54F48E06799F6FC1E38B80E377D4745789F92804785571AA4964CB8473BFB4AB22C60A4E52
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......it_ITB...(...Q...Q..3......&S....Y.lG....b..........lN.....S.......t....v...e.....W.~......%..............................at...x..8......1........hs......l....g./.......7.D...V..U..._..ON......b....[.P.....=.Z.....$.|........'N...M. .........n.....5.....I.W.......(.N...................c.K............<i........Z.E.r.r.o.r.e. .%.1. .i.n. .%.2.,. .a.l.l.a. .r.i.g.a. .%.3.,. .c.o.l.o.n.n.a. .%.4.:. .%.5.........)Error %1 in %2, at line %3, column %4: %5.....QXmlPatternistCLI.....&.E.r.r.o.r.e. .%.1. .i.n. .%.2.:. .%.3..........Error %1 in %2: %3.....QXmlPatternistCLI.....*.P.o.s.i.z.i.o.n.e. .s.c.o.n.o.s.c.i.u.t.a..........Unknown location.....QXmlPatternistCLI.....`.A.v.v.e.r.t.i.m.e.n.t.o. .i.n. .%.1.,. .a.l.l.a. .r.i.g.a. .%.2.,. .c.o.l.o.n.n.a. .%.3.:. .%.4.........(Warning in %1, at line %2, column %3: %4.....QXmlPatternistCLI.....,.A.v.v.e.r.t.i.m.e.n.t.o. .i.n. .%.1.:. .%.2..........Warning in %1: %2.....QXmlPatternistCLI.....8.%.1. .n.o.n. .p.u... .e.s.s.e.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtxmlpatterns_ja.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):81631
                                                                                                                                                                                              Entropy (8bit):5.614731932461831
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:PabWYIhuaKWTfh4hcZBz6Ta6kCTSj6cnfio59etR0eL7nvThMk0gi0xO6:yjXaKWTfh4hcZATa6kCs7qo59etR0eL5
                                                                                                                                                                                              MD5:CCB8E1A0A333E63EF9E831EA6A202DDB
                                                                                                                                                                                              SHA1:B8FFE2E02A3BF126643C9F0B6E0231CA914261C0
                                                                                                                                                                                              SHA-256:A14796E1DDF516BE80AEC230047F653B760F756F21F8985FCC26BDFAD95CB2A6
                                                                                                                                                                                              SHA-512:6B15F43A23DE5C49A7C85680B035AE7C704F1B5F85B879F943401993433020E8CB2A3F618A547907C00B86743E30E2FFE3E128B4E38F2E0EC7657220C50432E6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......jaB..........*....Q..53..3...!_......4..&S...>D.*......7....+..:9....7.M.~..y..X.~.....[;^.../.lG...+..rUN......c....X..W^..S.......5..........,...}........6..Rn...F..T5......'....Q..n..j...lN.......................>.....)9..............</...8..A...."..S....&.X....K..pE...)Q.p.N..=|...N..[...I...6...u..........b.......Q...P.......0...r....N...h..t...............e.............y#.......^..Cw......$.......H...~...u......n..=....U..@E......@V......B!.....W.~.....X........hN...a..%...............9...p..........4...H...gN..0J.....m..........U....................~..........^...........E...............B..*....{..+.N.....6.....y.Ec...!..IQ...x..K~... ..\S~..c..b.....Y.b....E@.m.n...;.q.....!.{.>......R>...y......................FX...>......+.......,..........*...*>......S...p&.....M...........h....?.....gx..O....B..-...........;}..Cn.......n..J...7^......0...RV..H....\..=......0...O..5.>..U..8w......?....:H.BM......J.......R.......^.......f.......r....Mx.s..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtxmlpatterns_ko.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):83097
                                                                                                                                                                                              Entropy (8bit):5.6930558797602435
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:peCdoS2QaEsRUP1Iwc4aiJEGaDEcjd5Xc5I9iftDSRKNUAGiwyYIVEV7yiLoOst5:peCd8UP1Iwc4aivcjbzRAGi7YIuVGXnv
                                                                                                                                                                                              MD5:0974AB81D5AADCB12AEE5AC348871948
                                                                                                                                                                                              SHA1:9308E8D210403C781AEDAC008DA1A05FFF792FF4
                                                                                                                                                                                              SHA-256:E61F909698FE98BCF5BF399CF0E1A55E1854852D49543177B6B89C4938644940
                                                                                                                                                                                              SHA-512:F5C510BE25C0BA4295CED6FFCFCFAE36005666DE1C00043D78F74E628C94712C6D5966485E25EFD45D7B2FF938856C2C820DEEB4FAE648DB62565F186FE3B251
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......koB...(......-....Q..8...3...'O......7..&S...A..*.....S.7.....G.:9......M.~..~..X.~...}.[;^.....lG...0..o....&..rUN......c.......W^..W;......8.......$..,............]..Rn...I..T5......'.......n..p...lN...........C...........>.....)9....K.........</...<..A....(..S......X....OI.pE...+..p.N..@....N.._...I...9Z..u....&......g.......T...P.......0...w....N......t..........5...e...!.........y#.......^..F.......m...........~..........s..=....Y..@E......@V......B!.....F.R.....W.~...R.X.......hN......%...............9...v........J..4...KI..gN..3O.....r..........U....6...............9..........^...........I..............Ec.*.......+.N...[.6.......Ec...$..IQ...}!.\S~..hX.b.... ..b....H..m.n.....q.......{.>...0..R>...........l..............I....>......+...1Z..,..........08..*>......S...ui.....Q..........h...$......lm..O.......-...........>...Cn...|...n..N[..7^.....0...VK..H.......=....!.0...R..5.>..Y .8w......?....=i.BM.....J.....d.R.......^.......f.....~.r..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtxmlpatterns_pl.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):110977
                                                                                                                                                                                              Entropy (8bit):4.436969819934516
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3072:NO2wzbQXQszKuHIKJZtdIP10UKwrZjZ5ngqLq9dRV:NUgy+
                                                                                                                                                                                              MD5:2D06E4DE3CE387E78B4C776C156CE94D
                                                                                                                                                                                              SHA1:282E75F5565F66288B236DB7D3A314290D8F1A99
                                                                                                                                                                                              SHA-256:DE3B45F1CF7864FF3FB1C26DF3BDCA43374826C421E94227E641CB0D5935268F
                                                                                                                                                                                              SHA-512:B65506A6BD8E549500F8F89552DE1249671C2823EAD1141A2B5175862BE19AF3278EE7C034CD90EB916D979233A64B60A70105132E08BE6D75D99D3B26F5C465
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......pl_PLB..........;....Q..Km..3...........J..&S...X\.*.....t.7....<..:9...j..M.~...q.X.~..g~.[;^.....lG....E.rUN..7...c...^@..W^..u.......K......|...,............Z..Rn..9...T5......'...wk..n......lN...........>.......H...>..._.)9....z.........</...P~.A.....x.S...u..X....j..pE...8..p.N..WT...N......I...L...u...0q..............r...P....k..0....d...N......t...............e...........T..y#.......^.._...................~..H..........=....ye.@E...}>.@V......B!...8..W.~.....X.....y..hN...3..%...............9...........C...4...e~..gN..B.......#......{..U....k.............. ...........^...........b.......?.......]..*.......+.N.....6.....W.Ec......IQ....".K~....*.\S~.....b....)M.b....a..m.n.....q.......{.>..ZG..R>..&O...............y......c:...>...6..+...@1..,....F.........*>......S..........m...........h..............O...lN..-....Q......T9..Cn..!....n..i...7^......0...t...H...$...=...WB.0...ob.5.>..xA.8w......?....R..BM......J.......R......^.....P.f.....o.r....mJ.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtxmlpatterns_ru.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):107618
                                                                                                                                                                                              Entropy (8bit):5.05303500283018
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:RMrjzYd5AxbcXBMhIKDIaWmS6QC2yMmlpPSMx2yD5B3jUuFswKj7D7TnFfwiKxvB:R5GAKDIaWmkC2yMi2k3jzQjn7TnEFgm
                                                                                                                                                                                              MD5:C14AD2A9E2AE1A2B842A484446630E91
                                                                                                                                                                                              SHA1:A4B2F475782E0952FB0C26F78E93B47238BCED26
                                                                                                                                                                                              SHA-256:A1D23444D4C12ED9C076C820058759D1A8D3B920AB1C2BB83F6DE0CF0C8DB1C3
                                                                                                                                                                                              SHA-512:A9707BC38E6CF18E700B33439AE159E8816F4D04A979272BDAB81D20992DB5C40639E43D307B276436819734DC5136B33456E861498885EF223DE15BC3977FCE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......ru_RUB...(......:....Q..J...3....E......I..&S...V..*.......7....;u.:9..._..M.~.....X.~..\U.[;^.....lG....e.o.....i.rUN..-k..c...R...W^..s.......K......p...,....d..........Rn......T5...p..'...k...n......lN..........sO...........>.....)9....A.........</...O_.A.......S...j1.X....h{.pE...8D.p.N..U....N..~...I...K...u...&........p......o...P.......0........N..!...t....9......k...e..............y#.......^..]~.............]...~..=........N.=....v..@E...qo.@V...w..B!....M.F.R.....W.~.....X.....$..hN......%...............9....S......7...4...ce..gN..A.................U..............................^....j......`b......4.......[..*.....u.+.N.....6......Ec...-..IQ......\S~.....b....)D.b...._..m.n...V.q.......{.>..N...R>..&.......................a....>......+...?l..,..............*>...6..S....[.....ku..........h...}.......#..O...`...-..........R...Cn...*...n..gQ..7^......0...q...H...%...=...K..0...l..5.>..ul.8w......?....Q_.BM......J......R.....-.^.......f.......

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtxmlpatterns_sk.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):33325
                                                                                                                                                                                              Entropy (8bit):4.48355815890089
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:ENT2KN2MhsXRW737HTszECSZJuh3nhVKlsHyVv:ENf4XI737HTszECSyh3n/AfVv
                                                                                                                                                                                              MD5:7E2DB66340A1B4D8954296745A5EF012
                                                                                                                                                                                              SHA1:01845322376154DFB86F151B0750C119B26DB83F
                                                                                                                                                                                              SHA-256:5A3E47B6773BD53FEE967F5F1CE18395229A12AF11CABC9E22684E58BDC37872
                                                                                                                                                                                              SHA-512:224A158EE2812995EDE9648E1F139C4E40820162EB43068880AEFABD13B3CE7E3B0F7E3189DF4A16869F2412955C5C3778084A261E04B7B945965037CBBD0E78
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......skB.......Q......3...u^.&S......:9...l..X.~..h..[;^..:..lG...{...c...a{..........lN.......>..2..</....:.A....v..S...p..p.N......I....q..P...7D..t...=....e..........A...y#..0-...~..OU.W.~..;...%...........L.......H-......-'......#.......!..Ec....1.m.n..C..q....5..{.>..]...+....N.....{J..O...mW..........=...[..?.....`.^....*..s.....\..2....E..N...v?..at......8.......G>..i.......k_.._...W.......sf.&.......)......N.>../....n......n...@w.....wt..{...%"..m...V.. `...o..1....|c.T....Q..]........hs..AX......U........D..l....Y..C...1T./.....s.3....j8.42...8..7.D..pb.:....L*.I.N.....V7...'...VN..4s...N..by......=.......U..U..|...7...nT..v...r...e~..)...b......-....Sq.P....(..Z....?...J...QE......D...(...t%......z9..'N..F]..+>.._.......n..S.......Tg...........6?..)...&...F>...n..l~..... ...../.5....4..b....fH.w`N..xN..=...dV...n..&...>>..F..R....3..W....|..x.R..........M...r...'....N..J..v....N........|......c[......I...e...!h..hN..J&......e......Ew..Xt..Y....n..h.....

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtxmlpatterns_uk.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):7942
                                                                                                                                                                                              Entropy (8bit):5.134546755837269
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:JcUZDdKhrMc5nsy2JPkvj27hDASMrkcWPflvkdQdUbuIxn9b:JcUNdKhrMc9s7JPkvj6UBkdp0R
                                                                                                                                                                                              MD5:04115F8A9231BD56A887F90F567271A6
                                                                                                                                                                                              SHA1:D6AD140609AFFC70D5FDE13CD4F0B41841DF9A7E
                                                                                                                                                                                              SHA-256:6E5430B1F1A492E750EBC023984DF45E9A88F3DBA7D68BE49EFE1299958D59EF
                                                                                                                                                                                              SHA-512:6B4BBC7D8FB036A995B6187543E6B179C0A8D552A8FBCFDF2D617858FCA231BDD5A2DF19372B3FC4D5B40D52FE37503BFB707117B6361EB2B6A4E9A04B4BA25E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......uk_UAB.......Q......3............:..lN.......>.....S....Z...e......%............1.................8.......G>...e.O.>......m......1.....p.X.....n..h.......l....U./.......7.D.....nW............:..U.....P.....~.|........(.......'N...Y.......Z..)......<.........n...h..>>.....5.....6.j.........N...m.......6.......e..Xt.....#$....L.%.n.....(.N.....C.n...................-.K................4^..........~i...H....R...>.<.8.;.:.0. .%.1. .2. .%.2.,. .@.O.4.>.:. .%.3.,. .?.>.7.8.F.V.O. .%.4.:. .%.5.........)Error %1 in %2, at line %3, column %4: %5.....QXmlPatternistCLI.....&...>.<.8.;.:.0. .%.1. .2. .%.2.:. .%.3..........Error %1 in %2: %3.....QXmlPatternistCLI..... ...5.2.V.4.>.<.0. .?.>.7.8.F.V.O..........Unknown location.....QXmlPatternistCLI.....V...>.?.5.@.5.4.6.5.=.=.O. .2. .%.1.,. .@.O.4.>.:. .%.2.,. .?.>.7.8.F.V.O. .%.3.:. .%.4.........(Warning in %1, at line %2, column %3: %4.....QXmlPatternistCLI.....*...>.?.5.@.5.4.6.5.=.=.O. .2. .%.1.:. .%.2..........Warning in

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\Qt5\translations\qtxmlpatterns_zh_TW.qm

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Qt Translation file
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):30964
                                                                                                                                                                                              Entropy (8bit):5.804820691669804
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:vTsdLKjhq50m22GtmG/fRHnQjacd2DNYZ:71w5n2ltmofdnod2DNe
                                                                                                                                                                                              MD5:49CFDEEE8838029F9D2E39FBC0153609
                                                                                                                                                                                              SHA1:F336B7EE575AFAD175EB692A7F5FCA3A56551BB1
                                                                                                                                                                                              SHA-256:56C7F131446FC96E0F1BD7B99373C3630A392C833F973EDDD83EAFE68EDCAB79
                                                                                                                                                                                              SHA-512:C8E076DAD8C299B52E8C562E23EAE7B4D40786D4D5515C4413F57DA68EAA73B4D599864D959E01062814266FCEAF60BA1EB7902430BBB5FB5B76C0DF17C1501D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:<.d....!..`.......zh_TWB.......Q......3...j..&S....C.:9...a..X.~..^..[;^..:Y.lG...q8..c...Y...........'...g...lN.......>..4..</......S...fw.X....!R.p.N......P...8...t...=Z...e..........?...y#..2....^.......~..LV.F.R...V.W.~..;..X....;<..%...........I...4...........E.......,...^...0................m.Ec....^.b.......m.n..Aw.q....7..{.>..Wh......%...........+....C.....p...O...a...-...(....n.. ...7^..A...=...U..?.....5.^....'n.s......../^..G...2.......at...W......6...r...d...8....v..G>..`?......`..._...S.......h..&.......)......*.4..#&.N.>..-..dI..._..g...........,....n.........l...{...........;...m...S.. `...dV.)...(..,8...l..1....q..T....Nl.].....8..hs..?.......Rf..........-n..c...l.......C...3L..2.......?...[j.'V...Q../.......42...8..7.D..e..:....H..I.N.....V7...$..w....!....~......VN..5...L>../....N..Z=..............2..U..r...H...>.......M...v...hP..ON..<...e~..&{..b......-....O..P....%n.Z....?/.`.N..K...J...M.......B8..(...i.......o'..$..."h..'N..CU..+>..X.......c8.S.......

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtBluetooth.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF, CR line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):84809
                                                                                                                                                                                              Entropy (8bit):4.951965781716854
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:535NcNYurHCmGLh3cFVms/KB975W6noGnCJnRsOTn8jl1c/CmhvjkytJ67RfIDUB:5znCVmujDU8YOE
                                                                                                                                                                                              MD5:34E5284FCF12EB35C22D0BE2F0CCADAA
                                                                                                                                                                                              SHA1:6408ECA068BE12D87829C44D49FD6D3E77844A2F
                                                                                                                                                                                              SHA-256:2BE2758A722EAA254A20C1C9B2842D47EEFEFAF47F0B16E74A24627E202F70BF
                                                                                                                                                                                              SHA-512:B2F0A9D7702F77E40BB3F17E52C9DB0BD2C9FEE22858A7D47D3126BC763C1D0D94A04A034B5B3C9EBD7A4FBA56B2F0FCD3B8586C4ED442050044AD0F238C1DEC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtBluetooth module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtC

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtCore.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):495176
                                                                                                                                                                                              Entropy (8bit):4.932633856236813
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3072:h95rWpIxGnQJVyFnuFBSXLjSFBiRrmYtIB6mkS6XjCX92+Ui+86hn4wuD0Fmdk97:z5CdUQ22jUyZ/WTLs2h26e
                                                                                                                                                                                              MD5:5F08DF315D78DD033788FBFD8EE2E98D
                                                                                                                                                                                              SHA1:EB0F1C0729CEB4ACA6026AF80EE7EB74771C4FFE
                                                                                                                                                                                              SHA-256:E837DB1174523E3068C02C926769FC33343B318E462713B7FAC9E04294AD9165
                                                                                                                                                                                              SHA-512:A1E8018DADB0E91C5FAB991EEC2D2E3B7A0A32CA9E78B6BD1BD401AB26F973823507C96C371B130D38D28A2F513B5063CBB0EE7D52F4502A365004C868AFC7A2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtCore module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....# Support for QDate, QDate

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtDBus.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):28766
                                                                                                                                                                                              Entropy (8bit):5.027613478694707
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:e5yXI92S5yXI92E5yXI92LQydXBDEcSVI:e5yXI92S5yXI92E5yXI92TXBDEcSVI
                                                                                                                                                                                              MD5:829F7B83EAD1B98575F2227CA54FB8B0
                                                                                                                                                                                              SHA1:B474673324AB31DDAA1318865646756E11736315
                                                                                                                                                                                              SHA-256:25772D981197EA8F2DD8ECEAD576FC5F40982542F504D3201C5BF8F1F41BAFED
                                                                                                                                                                                              SHA-512:8B63E12B03188FEF035810F41BBB7CA7DE62E35574E5FA9937D69BB89A33B8C10FC3B5328DBA82DA485C926975976714D89824FA1DDE66F18FFBA0A9C793D933
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtDBus module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCore..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtDesigner.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):25935
                                                                                                                                                                                              Entropy (8bit):5.0208351623574226
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:B2RtKsRv7hDRY4O02Q2oaRwjBV19KQJWr:wRtwQJWr
                                                                                                                                                                                              MD5:4F55711649C09BA22EC2A22E49FB0173
                                                                                                                                                                                              SHA1:E0016B858A90357CC904A4A528F314C9960E617F
                                                                                                                                                                                              SHA-256:710CEE1AFCF8CF07AE0AF711492E912EF2072620B786E2BFEC4B29FCBF23CC55
                                                                                                                                                                                              SHA-512:E013AE5ED1AA4942FE784725984C9D5288C5222808FA833B648DB69874DA9E1FA22AA724825F0AF387A653F4FE31606D35154C8CE4EFD1955E90D75A7A866334
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtDesigner module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCo

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtGui.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with very long lines (483), with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):481338
                                                                                                                                                                                              Entropy (8bit):4.996193093600954
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3072:f1R8ch3vZb/mzz40i09+HEebWH9oraU4SRy4i4GW7PpDJwmohcr3/7v2516lYwzB:f1Cknv416lhR4jNC
                                                                                                                                                                                              MD5:2DFCBCF3071D54E6F34ADE6665B967CC
                                                                                                                                                                                              SHA1:3012DB2FDBA0535746905AA8CFBFA9BD184CF27C
                                                                                                                                                                                              SHA-256:14FF718AE3306202AA53988DD52311BF96D3CB64DDC41BE839BBCDCE4CBCC336
                                                                                                                                                                                              SHA-512:B6D855C3C81BDD94C8B3C2600A2B970FED945EB917A45F25E82A7EEA0041C5FB86D6A7600EF226AE28EF3EAD9263C97AA70AFB9E4E5192CF4341F323B504E64A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtGui module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCore...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtHelp.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):14678
                                                                                                                                                                                              Entropy (8bit):5.041367871169897
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:Fi/KV/7VEAAMXtJzKiOwQxqS9tg7gMMRqk3XuLlhaQojsoLUuSCAerNtuHIYL4/X:g8f5UqSEwQlui1q
                                                                                                                                                                                              MD5:5E957CFFD00D2E1913B314BCCD7528C8
                                                                                                                                                                                              SHA1:28353854ADFD99DE1C68835AC28B54890D53163E
                                                                                                                                                                                              SHA-256:3EB59B181403BD016E235C2B52673F0E4B03D5BEB1E8FF96446832C867CCBA4E
                                                                                                                                                                                              SHA-512:90ACB61ED07EAE45589BBE1E1CB8F46C1046517F02037848BA035163F45EDF6374F95B1DC1356F52F52A37E4C9D412EBDDFBC043E783CA5F77982AEE1CB1044E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtHelp module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCore..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtLocation.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):69136
                                                                                                                                                                                              Entropy (8bit):4.959766689017327
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:V6iqKakPkW0bM9GhEGmFAzG/IYWmRMpZgU1819X6FikXVHLePt2+ut3d7Wn8ncTw:V6N8gPLwmRt
                                                                                                                                                                                              MD5:2434E56FE3C0D1DD85E44A0DE1D85950
                                                                                                                                                                                              SHA1:0EA939A34DFB495E63644942341672D68124007E
                                                                                                                                                                                              SHA-256:8E03F5E8CFDF71D8E4AE477051D14277E8FFBA407F322DB4C41D1E864AEBB6D6
                                                                                                                                                                                              SHA-512:7DE8B018AEA7B11153899FACAEE6DEE2BED84CE74B493A353CAF01B3E702CED5D19A7D784B4906052E6F3204A54CAD37F0BC2ECA82796B5B50841D34CF27F237
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtLocation module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCo

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtMultimedia.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):127575
                                                                                                                                                                                              Entropy (8bit):4.988563612449011
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:rh7g7shAmEmwph8rwuh/JOJsPOSwPnNfCN4im0UglSJl8MUx6EUBee2gGT8Rkcnu:rh7g7sOmEmwNNf6Q7YxwtQfGBS/lzb7
                                                                                                                                                                                              MD5:59C04D87115F6992B7E0F683DE12D135
                                                                                                                                                                                              SHA1:983D461973A62A46591491616ADF0046640F1118
                                                                                                                                                                                              SHA-256:320292EA9399CCCF766F2DEBBE6653EAE2F718F8BA9D50892E2A5896A9F50866
                                                                                                                                                                                              SHA-512:D646FABAB4AA7D636C85BE6A920401DF0B1797AAE7E6E58061875E5201696A26F81411BD238F0A8A5C3877A48694B70244B795337DFB5F7774C2A1B3091650F7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtMultimedia module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import Qt

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtMultimediaWidgets.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6265
                                                                                                                                                                                              Entropy (8bit):5.091298640947261
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:fn98WQ+zPv6y9Vc0Mo7XtgrpnBW632UBmWW8mT79mDZOtL9Yoada5LFYRdozmV6b:fQ+rzMoTtgJ/8//t5J2zozmVtK9rl
                                                                                                                                                                                              MD5:F170F9318340992F8FD8293C1724AB0A
                                                                                                                                                                                              SHA1:FD3C8218278A71E9296D38BC24D4817C653C5F53
                                                                                                                                                                                              SHA-256:2E1C90200B56B15E316EA892459A6506FD95494317680943CFD7D9AF523EF7BE
                                                                                                                                                                                              SHA-512:B533B43CD05327B7D0E20B74D0F2E6C93D35C13425B68B5096C13E026601D8BE31911169223C1374626C84B5CCBC8D576A24A2069500A025BF5B52F8F66EE342
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtMultimediaWidgets module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 im

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtNetwork.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):120247
                                                                                                                                                                                              Entropy (8bit):4.996746424487988
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3072:rGjshDiKohL8aww+hIn1M8SlPjuFuEAfue4pO4vOD:Eo
                                                                                                                                                                                              MD5:A241E980292483E3391B656FC2877527
                                                                                                                                                                                              SHA1:CE32F9ECCF32653B5F41CCF57D3994F40F1645C3
                                                                                                                                                                                              SHA-256:DD9B0564835A32A262F01378FAB2D72B7F10402411CB8D9BD05460A53E53F50E
                                                                                                                                                                                              SHA-512:FF68636EBE65995699114ADA62043B9D2CBBCF1DE8CE83CD8DA09F95A5BD40FD3140845EFA99A7495B5AECD8EA8419DBCEEBB3D6B60F2226EB780733E598F32D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtNetwork module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCor

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtNfc.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):22944
                                                                                                                                                                                              Entropy (8bit):4.961460069474576
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:NeDwXhIlhbSMTZjopjSdYBOsBFhGA3re+brB7FhsDPTrFFhHFhQsMm:ioM1S+jopjSdjsTkA3pBp6DPHXDR
                                                                                                                                                                                              MD5:9A1BC2995B2084C8E67638AC183B4370
                                                                                                                                                                                              SHA1:D28E23439C0F1466D1F89164730BB84347C68B8E
                                                                                                                                                                                              SHA-256:4C058A3E36389868074E26DC20DF3B6B3640045F97EC64E40F85D5BAAE27E757
                                                                                                                                                                                              SHA-512:8D04DEC9B9E815967E9F4F8F93D73DF302F288145ED3D36520FBBF6DD4250ECAA60BEC9BFF7183613113D061DD4B05115882899855531C939C85BBBD2FDD1918
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtNfc module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCore...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtOpenGL.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):18966
                                                                                                                                                                                              Entropy (8bit):5.001019475276939
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:didFhkeOJFhahIUVCE54XolgUDrUU8gVyFhWW4+dnO+OnOC4+db1838DGz5:C6eObwxCJIVM5RdnO+OnOCRdbmMDGz5
                                                                                                                                                                                              MD5:F94A9F69A9D424688CC218CB607AB393
                                                                                                                                                                                              SHA1:7C4B975F0C82FFA14EE7D995C0DFE326A758FF68
                                                                                                                                                                                              SHA-256:781A4A4D4EBD2581CB33C3171752F818365BE3638C0F30911092DCF16F96A827
                                                                                                                                                                                              SHA-512:1E777C0A232E03635DC7934450733C0D4501F90827C02BB9A4022F73B621A4FA6F636A7A4284A063E6D9C4705F2574740DBE5290C60EE06850C98657B00F5CF9
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtOpenGL module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCore

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtPositioning.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):28425
                                                                                                                                                                                              Entropy (8bit):4.909609153248318
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:UHdl6TD0peZJlXMqOhsHAM/M7XMGME133w:jnldgycf9m
                                                                                                                                                                                              MD5:45ECA7C2A16B9628B1FB0D472AB97338
                                                                                                                                                                                              SHA1:DA2792BC29E3A51367DA5B50DBB09318DC4DE14A
                                                                                                                                                                                              SHA-256:91B46711B582EC848460FA90002CC092EC4936EE4A1F8635BC2EA5510C27F8C2
                                                                                                                                                                                              SHA-512:8C599AD8A3935F820C34C3FB5B16E5C7EE559270610A82447785899030F810C486C2F4DD18FD988BF52C0908DF6890FD2B6BD117C1B491A435F8B81D1743A1CF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtPositioning module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import Q

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtPrintSupport.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):22042
                                                                                                                                                                                              Entropy (8bit):4.9103398738389075
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:wi6eFhKCqls1MsH0eJAE2JzBSOyxpcUqBhQ6aO4PejFg1FjGxYd:dgczHGxdUq7QxbGjF+Fj/
                                                                                                                                                                                              MD5:9F7E136367076DBCFDE1E8A9565C5FC4
                                                                                                                                                                                              SHA1:F037FDF6615E7131FB22D6DFF635947C8A6CCF42
                                                                                                                                                                                              SHA-256:894AA8BF8AF20A917225C0B4C754BAB6D4755648BB82BF573832D6080BA18552
                                                                                                                                                                                              SHA-512:9B8478EDB07DE13F8A1B2FE2542276C396EA8F9B9BB65E4B2C4A7BC6BF751BB5C80F440078518419316401F39460542AFC6B9E9010B0F556514377A86240EE70
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtPrintSupport module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtQml.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):34234
                                                                                                                                                                                              Entropy (8bit):5.025179562647691
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:WAfFhPDOUrrLOmNAJnUHU5UnRU/5MaV78/bAUWHZiiFhsi2ui2zi2Ki2hi2ei2Ie:XfrLdeJnU0KiCoD57c0QzF9RUPU8bb3
                                                                                                                                                                                              MD5:738B05E8766BDA08C9F06014743414E0
                                                                                                                                                                                              SHA1:56FD9BD51A0B6A020A780B416DCB83EE8B67DFAE
                                                                                                                                                                                              SHA-256:4499542F4C33E6F63798F0BCA568D413F3EC47F30CB16E1D2768C23227A58622
                                                                                                                                                                                              SHA-512:3A0C07FE025E56C0BBADBA772499FE3525A63F4D33C42A76E411EFED34D75D5BFFA1084B3FD3DFA01FBE4D3282905C6205E62A53ADAC6D55AA9DFFBA8589B28C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtQml module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCore..f

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtQuick.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with very long lines (314), with CRLF, CR line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):94321
                                                                                                                                                                                              Entropy (8bit):5.032666661993892
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:JR70Tv04Gknkj+EFEqKEqxEqYEqNEqiEqMZ1TLE56E3NSE+NM8xVAVj/1O1Tz1To:JR791J25Evk
                                                                                                                                                                                              MD5:99436C7E7BE27A413EA4DC9C8CD6E5A5
                                                                                                                                                                                              SHA1:AB28037C1BFBEF6C97766FD9942FCD7DD216ADEC
                                                                                                                                                                                              SHA-256:1272F4BE16E7F67F25292DB2489888ED8CC6F1A87D2781C0833DCF97DFA05FA2
                                                                                                                                                                                              SHA-512:4CCD0DFDDCE84E33157F936310BB469E4B8A46B5E4B2292A2F2B84F0D74815D99AA90FFCF0015851C521BB19EAE091517C3C8BE2F9ABA0D205932A6B512E65D7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtQuick module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCore.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtQuick3D.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5694
                                                                                                                                                                                              Entropy (8bit):5.06152388938038
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:DQ+rzMoTt6/pT7BV/6haFQ/3G+Ya+FQ+Fp+Fl+FI+FB+FmH+IFzQvZ4iGR0+oWYX:sJPXKWfSmi+AB
                                                                                                                                                                                              MD5:F8EF22B3DAE8A3D46633AF6BA95FC86B
                                                                                                                                                                                              SHA1:DF6354CAB95326781D85716053834E0305AE2DCA
                                                                                                                                                                                              SHA-256:E44987E9AD84D12ED394F11644ADE63D05848E5DEC62EDF5C1F816A754E1B1AF
                                                                                                                                                                                              SHA-512:B2F484D25AF343C243DCF185DAB1547BE78F2CEDD1FD30F4FC9558591F8C36C611C061796086765A582826749D85E0EF567B64E519F9F53C981604CBA45A9062
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtQuick3D module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCor

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtQuickWidgets.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5205
                                                                                                                                                                                              Entropy (8bit):5.1499975332010255
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:FQ+rzMoTt1kJ/4MAI578GJckNsNMbzOo26uq:C5QM9ckNsNMbzZ2o
                                                                                                                                                                                              MD5:3F73154D4024B9150A11F6E7D7EC8987
                                                                                                                                                                                              SHA1:42B7ED01AD838A20D837680AC1C2C8056D0F7C73
                                                                                                                                                                                              SHA-256:F51C144038DE8954F1155D64858DF450A786CFA0A56D3D7B2D99E4386520CF81
                                                                                                                                                                                              SHA-512:1E429C2DDFB77714286C5E07608DBA98396CCA32D5F02EFCF84FB185D8A7B5D1898A8BAF7D48342B52A8C427369385A436492DBFCF99D573496AA9424752B2A7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtQuickWidgets module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtRemoteObjects.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):9713
                                                                                                                                                                                              Entropy (8bit):5.037952296677492
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:6ecoBLo5MUy1cpks65q5LzcMacZc/P1leLoBEE7/pLjnT9XNVcPD01c6FxVExscM:OCL5eDaUwXNVesfR3uXuy+n
                                                                                                                                                                                              MD5:9DBA0D943E7B7ED4B5332843885A895D
                                                                                                                                                                                              SHA1:AEFD95D16F1A47B39562F0D31468E04246C41944
                                                                                                                                                                                              SHA-256:4DFECD3C34F0435CD396ABEC72C6724E873A6CF03BB5F3E34A238F74DF711E26
                                                                                                                                                                                              SHA-512:CF2C489A5BF45421A994776ACBB66C6DA4EB85310448E0F7331B14C154875B7A936885C12E00A28A789E2A58D62D928090D7F2DC1474DD07A2043A9653CB12BD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtRemoteObjects module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtSensors.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):21995
                                                                                                                                                                                              Entropy (8bit):4.960948031686204
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:7LgdC3K65bwVmlbGrhJsO4INy/0GcOuYH3UrNr6v8RV0bedxqsn:7LVKYNO4INy/0GcOuYH3UrNr6v8RV0bQ
                                                                                                                                                                                              MD5:903F99DB861617FCAFE92E2A38A01041
                                                                                                                                                                                              SHA1:F6E4FC589427C6AB25599FD44CE7CF551564D900
                                                                                                                                                                                              SHA-256:D9FCD545246777C829BF7889C644D03F5DE481D07EE7A04E8161D71391AD73A7
                                                                                                                                                                                              SHA-512:D164066F3B0DB637D9E898E9F14FDC453512C3CE723C19D03F0D4AC5952E415C12FB1DC86A23AC967FD209A7A01086814E069B695F3FB73D4CD448B0E06032AE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtSensors module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCor

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtSerialPort.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):12820
                                                                                                                                                                                              Entropy (8bit):4.912132590676314
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:VewYCb033MDLLkSX2QNyoslSnO38MLpFhEFh2IDDSBEUBS:PYCb033MDLLkSXBAAfZ
                                                                                                                                                                                              MD5:B7903C0B12A83E8D81EC038C9EDB0B8C
                                                                                                                                                                                              SHA1:E8C6110A3D27B9BA9D2BBBDAC1021E4537CFC72B
                                                                                                                                                                                              SHA-256:12396CB4CE078CF2DBD45EDEEAAEFA35DBA2938883F6484F236787E8E50A1C96
                                                                                                                                                                                              SHA-512:7D8EE4B62A37E58F5862A6067C9476A2BCC284AEB8F765594545DFB944066640875C3BE7D153739006CA8D5EC03EC5DC8D78032D3D8F945CCD6BDC2F01BAEED2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtSerialPort module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import Qt

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtSql.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):32373
                                                                                                                                                                                              Entropy (8bit):4.941939889619284
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:EfO4d+Rhrr/A+AoI5zAmB1zowecKynTosaqE2g1xd0QDudkbcnutO:k0n/A+hI5smLo+K0BGNxd0QyT
                                                                                                                                                                                              MD5:5F7173E1FF4DD35C0C776766F2175714
                                                                                                                                                                                              SHA1:C2454C41B30C926505120CA8CE783A9F1287D33C
                                                                                                                                                                                              SHA-256:97821529CA098F74BFF89CBA08DDA03C7B85354000D6D356291442C5E8B5FEAC
                                                                                                                                                                                              SHA-512:81AA806B2260FB98082031408F72F436CCE3AB084A4F111777179BE4EE828464DC8E0E17422D1F97F93657CBD0B6D4F8778A83B82AEE66A6B30200FE6F5B1DB9
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtSql module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCore..f

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtSvg.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6756
                                                                                                                                                                                              Entropy (8bit):5.06031973303669
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:75Q+rzMoJ/smjbozd6o06ohBIfurLQAIFhwXDuIueKlXfomGYbjb/EXe9I+DPdA:7GiToB6o06ok8QfPojr
                                                                                                                                                                                              MD5:E138C39B94E2298AE8939265EA28C9F4
                                                                                                                                                                                              SHA1:25B7268CF0C1CB375D05C9AA39929EC91D868B26
                                                                                                                                                                                              SHA-256:7F0F276D3F17A981048A6C6165B7403BF2E433F5A5A2CB2D9077A449ED9AEB80
                                                                                                                                                                                              SHA-512:C4880FCD609F0074CEEF770C9974634CFFF1C1F166469A9A2D653F20D4D39E0B2BB0CBD359E195E44BB6014FB9401E557644802BC97AF577B49A073B2D27B6BE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtSvg module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCore..f

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtTest.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):12275
                                                                                                                                                                                              Entropy (8bit):5.015337159407925
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:eidHpEdUDrEd2EdGEdIEdG07EdVEdBEdLEd/E2EbEkELE0EBEKEkE7E6EVEvESE2:VEd2EdGEdIEdG07EdVEdBEdLEd/E2EbC
                                                                                                                                                                                              MD5:24E8FB31B7D6B8DFE43D819CB8D1AA8D
                                                                                                                                                                                              SHA1:420C356FA1CC5AC0F1D00DC4463B7A5232A5491F
                                                                                                                                                                                              SHA-256:5DF9599FD28AF3ED9BF4D1F16DCEA8143C4E45D9670E5162B2EFA4F00F39F0A7
                                                                                                                                                                                              SHA-512:5C210E58D8B542AA626DEE49B70692A699D851CC139F8B96D7B0AAD6E7F0047B9B450E2654CEEC1A26546594D9DD5986AC9283A8F404D8F5EA7E613C645B54BD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtTest module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCore..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtTextToSpeech.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3875
                                                                                                                                                                                              Entropy (8bit):5.027750253690006
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:KCn98WQ+zPv6y9Vc0ppnBW63/MKKRyby/yzL6cOzBTN46+Vd/hxIAd1HGtQ1LF32:ZQ+rzLWQXy6dpiNhv+TExaflhW
                                                                                                                                                                                              MD5:A3139DC8DA4CE6B127868567FFB2D187
                                                                                                                                                                                              SHA1:D62F9686D2B9E72CE61238EBC2EF1EEBCA9A2CD0
                                                                                                                                                                                              SHA-256:18056DC9429F0D27E9456BDF0E49EB07E292BDF1B3D4D741C59F968622D42F98
                                                                                                                                                                                              SHA-512:817589393604966911A143E726D0EAC3F6DF2E573E540628827B9C5DCDE6EA1910D2E15DB37F8E23A3D5199814796FBADA09ACDAB3C142C16D15A758FAD1B4B3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtTextToSpeech module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtWebChannel.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2587
                                                                                                                                                                                              Entropy (8bit):5.207600000477432
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:gn98WQ+zPv6y9Vc0ppnBW63h+6YjLeQXFywaywwqGwdFk+6Jf4:gQ+rzL4JjLeQX9o7fBg4
                                                                                                                                                                                              MD5:578931209938E053D9FDC515983FF9A2
                                                                                                                                                                                              SHA1:7C0450C5B6EB23D569F0875AE7FBD29CA5C3DD06
                                                                                                                                                                                              SHA-256:D97DC265667BDC62B88544B73125126D915C545AD22AA6124E68F09DE80A8973
                                                                                                                                                                                              SHA-512:5F13DC372A42784333911005DB18C3A7930904623D40336AC3ACA05DB0E10191BF120A196B6884B6692C7B7B757EEE4704B8087C0E6188EEE062EE8EA7898F50
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtWebChannel module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import Qt

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtWebSockets.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):10204
                                                                                                                                                                                              Entropy (8bit):5.016476288539208
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:yAFoDmSnMiaZEa7+EJj+9ZfKf0fGqfDf9f2f3fSf9fXf/+fZBGqJ90Jox:noxaSAZ+9ZfKf0fbfDf9f2f3fSf9fXfi
                                                                                                                                                                                              MD5:4FF86EC29159D2EFB6398BD554CD9AAB
                                                                                                                                                                                              SHA1:386A4058E80F49FD61B77308DA142B0D93A07689
                                                                                                                                                                                              SHA-256:EA5400870E58E037AE83AC0DBD1513EE65E527E240E17B407DBA5081FFCD9192
                                                                                                                                                                                              SHA-512:1D925EB880C24EBB042926955410E4B1F062B71DC9911FC3D27E276CC6DE58A47FFD4138FD77C6EA7AE7C2A56CD694321840C5B42B1CCF5D4C2C46FCBDA623E0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtWebSockets module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import Qt

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtWidgets.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):587886
                                                                                                                                                                                              Entropy (8bit):5.0030759619457585
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6144:SpawJCbDnILvizVu+UqmLVbLxjpcQML1PDx:ZVPU4
                                                                                                                                                                                              MD5:C6138CE3A0E50F37A070034B6B77649B
                                                                                                                                                                                              SHA1:0FFB2191730C8BB04240ACEE102E1CA58666BC73
                                                                                                                                                                                              SHA-256:1A2862CF9EDB9DFE47D95AACA46003AAB29F629D8B8D70950F741177DF85F535
                                                                                                                                                                                              SHA-512:26AA7445F99E643E7B7FA1B901DAE893E22D1C985AC335230A30C358077F35461F5CC096C117F7308AA9C33087E6BFE7D7EC56F11AF85130B2C39F6C0816E684
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtWidgets module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCor

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtWinExtras.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):15183
                                                                                                                                                                                              Entropy (8bit):5.077387695983443
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:GQ+rzMoJ/pACzhmzoplhUzuE8WA1AqzA5zA8zA3zA0u4jtX220bs1UxKeQThsu6n:tihpSObzWztzczBs/Arw5KA
                                                                                                                                                                                              MD5:432866EE3C2910D70D3F239230FCCA8E
                                                                                                                                                                                              SHA1:DD56DDDFAB83CA7896748EC55B7E314CDDEE560D
                                                                                                                                                                                              SHA-256:6CF6566B5EF43670E2691C0B643BE104815BAFEF91031D3E05267A7856B0D5A0
                                                                                                                                                                                              SHA-512:8D6BFEF5C8DDEE9B6CEDA287173B68BDC5D1D61AC4CAA12A592DE476B7CD6F74D0FA09C9CAE8605060C09140323E2E3DC7853C3BB9732B44D4520EB5DFAD27BD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtWinExtras module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtC

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtXml.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):33492
                                                                                                                                                                                              Entropy (8bit):4.9707398424905165
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:RBkq4VpaKosO9v+SIEVFqZjjmMeljjmMeu:CzOQSIEVFqq
                                                                                                                                                                                              MD5:1978468FDEA44844C4A8655D0C029065
                                                                                                                                                                                              SHA1:78D2EB61ED12812D4665AB04CCE7ED339083E0B9
                                                                                                                                                                                              SHA-256:CBCF4AA2BBC36C7EFCCFD3E2091A14489DE05F1E6DDA901591C96118284CF801
                                                                                                                                                                                              SHA-512:AE8E6D115CEC8F27B7A850A324F56BA6F8D5109564770ED2A6910C4FEC04284C6F181495BBBB1026C63929D6C28FD960F61F65A27D801DE675AFD9E79AFC651E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtXml module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import QtCore...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\QtXmlPatterns.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16763
                                                                                                                                                                                              Entropy (8bit):5.02527440494503
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:OAGBlh9YKuFzJplhnXlhqQBcoF/6uqeNWj3NW1:UTXYKuFzJ7F1TBc+/6uqeNWj3NW1
                                                                                                                                                                                              MD5:2EF86974FCC818E8BB3A0F32077652A4
                                                                                                                                                                                              SHA1:55BEB70B9A08C6FBC1BFC61C40F1151BFA309DD3
                                                                                                                                                                                              SHA-256:5009AC5DDBC52C55DFB316A9CF8B08233DE0EF347368A04D74085C8DC2AC4D42
                                                                                                                                                                                              SHA-512:3A87A38D597DF4A94B50B609F7267226C1677A5EAF011740104D89351378736827A042CEDD12614F39CBE01E4D7DFD3A64C203471470CB13D714DEF451B769E7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# The PEP 484 type hints stub file for the QtXmlPatterns module...#..# Generated by SIP 6.8.6..#..# Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..# ..# This file is part of PyQt5...# ..# This file may be used under the terms of the GNU General Public License..# version 3.0 as published by the Free Software Foundation and appearing in..# the file LICENSE included in the packaging of this file. Please review the..# following information to ensure the GNU General Public License version 3.0..# requirements will be met: http://www.gnu.org/copyleft/gpl.html...# ..# If you do not wish to use this file under the terms of the GPL version 3.0..# then you may purchase a commercial license. For more information contact..# info@riverbankcomputing.com...# ..# This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..# WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......import typing....import PyQt5.sip....from PyQt5 import Q

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QAxContainer\QAxContainer.toml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):187
                                                                                                                                                                                              Entropy (8bit):5.10913643589626
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:SZ3GMiyT8QQCQIMQDKN10AX4MKxwehyIWWMKxtHO+Cm4o6Mvk/dkC1WiE4yn:SZDim82QIRG1iNthyIXo+Cm4o6Tdk6An
                                                                                                                                                                                              MD5:89FCFF59AA07C4969EAA443C0FDD421B
                                                                                                                                                                                              SHA1:604A9E24DE7B028758ECB5BF941ACB6DB4CED31B
                                                                                                                                                                                              SHA-256:960208CC05BDFEF80BD26BE3BA48729C3E4CABF93812E23566144C8412FF6345
                                                                                                                                                                                              SHA-512:4BE879A51EB477DC9B4B0B387DD506290F82079266683CE095C0518ACE4A2A23919BEC6EFA2E7A28F20906BAE80AE4CAE6D02F70451C5212B6B312DDF21525B8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:# Automatically generated configuration for PyQt5.QAxContainer.....sip-version = "6.8.6"..sip-abi-version = "12.15"..module-tags = ["Qt_5_15_2", "WS_WIN"]..module-disabled-features = []..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QAxContainer\QAxContainermod.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2010
                                                                                                                                                                                              Entropy (8bit):5.167007495376369
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:WpHG98mXIpmNDzVZRURU2SnOkNlSI986wiND/fZR02ASBOk/KVijhs:Em98RszhJhNJ98tAzhAS//O4s
                                                                                                                                                                                              MD5:5B30383932D4315A0E6A388B7858E403
                                                                                                                                                                                              SHA1:E205D870FD04C61308C02D9922E26F99A433466E
                                                                                                                                                                                              SHA-256:09F13AF28C5B6118B8D63A7FD437693770730962AD621DCBAD2AE018AA006477
                                                                                                                                                                                              SHA-512:268A790404B6E8492181B256E3271A9E5E3321732034B81C0684038A5872534AAB457F145B8D99B9EED22B8C445A4A734CFB71E14CF16B18267BD890D3D4EE95
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// This is the SIP interface definition for the QAxContainer module of PyQt v5...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%Module(name=PyQt5.QAxContainer, keyword_arguments="O

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtGui\qtransform.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5217
                                                                                                                                                                                              Entropy (8bit):5.052015838102628
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:ATszAo/JGeKXngigABqJKT3OijrYHRYelmMp3+YRnQAFYvdgwHCRJG:KLo/JG/Xng2bYxYelmG+YRnQyYoJG
                                                                                                                                                                                              MD5:36CFFC1B4EE2B7CDF869C6578D3F2EF7
                                                                                                                                                                                              SHA1:7EB318A801209FC142A7E8BD1E790792FF4F5411
                                                                                                                                                                                              SHA-256:22C0B829A7D529CFC68D51DE516214B7BFD1ABB6000934CCEC272B1624987D05
                                                                                                                                                                                              SHA-512:570F3085E055F1B1B65A107FEA38E863D952F89C449151E67744B9FE2BE70DC273C4FDBF7732C943A160A7D35D0F04B31F4796A3719C5D06EBDC1F832A199DC8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qtransform.sip generated by MetaSIP..//..// This file is part of the QtGui Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%ModuleCode..#include <qtransf

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtGui\qvalidator.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3939
                                                                                                                                                                                              Entropy (8bit):5.085081677203163
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:raTsz6eAv8VpR83h7woX9OGRz94hpcP70GRzacgU1hJsn0GRc4hMHD/GRi:4beAv8VpR83h7w24GRz94hpcP70GRzai
                                                                                                                                                                                              MD5:A5C118BD89AA6A795B03B61B9A0F9621
                                                                                                                                                                                              SHA1:FD7CA654F86FF4B92E982E857A645DB94B34672D
                                                                                                                                                                                              SHA-256:1A75713824734883A5B0DAE852394992413DFD4FC6D88B0F926E2325BA7F0CAB
                                                                                                                                                                                              SHA-512:9C107846177395CA1FA0349298AA7C6A6ACAA46071624E05A6D4B2260342B7E49C674000BABA19ED8FD0A6E51547C002FBD4D80522F345710D96226C33265133
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qvalidator.sip generated by MetaSIP..//..// This file is part of the QtGui Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QValidator : public QObj

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtGui\qvector2d.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4173
                                                                                                                                                                                              Entropy (8bit):5.15372230103185
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:X098RszhJhxfgyA5KFl7AXlaa/bx/aQ6QF5cPg152OOxSSgmdofKZSE1u1iDtIBX:XTsz/SY9A1dTpNMrhQKGpNQpFY8U
                                                                                                                                                                                              MD5:F075A485C883EE2A58FE010C0D92A72E
                                                                                                                                                                                              SHA1:941C6D473DE3DBC4328FA221751037ECB8DCC452
                                                                                                                                                                                              SHA-256:3B0758F50F1CE8A4428FD3538744CA89380A10C9A7BC42857ED8EBBDB3E73B68
                                                                                                                                                                                              SHA-512:55D148394B2C4B6D31A883678A25B53874AF835064DA7081249FAB5E902204B77C57ECA1A57065F48D2E50A0F4E09722B5FB8DADA6E865BBE17FC5D13F2CDB84
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qvector2d.sip generated by MetaSIP..//..// This file is part of the QtGui Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%ModuleCode..#include <qvector2

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtGui\qvector3d.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5245
                                                                                                                                                                                              Entropy (8bit):5.124295298401552
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:8TszD7JFNh0BMWjriMUdgMrS4bnbPQKFY7U:WW7IsM/T4bnbPQwYg
                                                                                                                                                                                              MD5:61BE3E5835B0839FDEEAE04420F8D758
                                                                                                                                                                                              SHA1:0FFA28D4C41426599BA2117F8169DA41578C64B7
                                                                                                                                                                                              SHA-256:2F453AFC2BB28E2F210C37930B8A755220DD2E6776C2C2DF3B7CA9543507C620
                                                                                                                                                                                              SHA-512:160A5DE412BD6B98596F1BD50323AB7B7FF7BDCEAD516C2CA5D9D563B8363D43AEB54EBC0A8B1DBD8BF15A457B26D540BB4C3D602980D622003F5712B2614026
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qvector3d.sip generated by MetaSIP..//..// This file is part of the QtGui Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%ModuleCode..#include <qvector3

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtGui\qvector4d.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4816
                                                                                                                                                                                              Entropy (8bit):5.1504665437076484
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:x098RszhJhvZKyAp/rgBXwOX7y/ajR/LRx3cCaQ6El66Kv0cPgk6O152u58emPSn:xTszDwmAOAO9CVDkrLoQkhZQnFYWU
                                                                                                                                                                                              MD5:3C393367C579C03B754BE89CA719E3D9
                                                                                                                                                                                              SHA1:FF8A3FB0D2526C3DF8764888804D557CC20C8799
                                                                                                                                                                                              SHA-256:F236141F8E20C03A428447019A6DEDA413A98D96D63EE0BDB792404BCF4F3359
                                                                                                                                                                                              SHA-512:19C6006689B6AB21818BE266A0184A22E1E1A4BEBD69610880D5C75320DFA6361DCA2A3C1A0A99671A4BBEAE3172AB7740C1614DAC7F8A0F7008841E29116FA0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qvector4d.sip generated by MetaSIP..//..// This file is part of the QtGui Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%ModuleCode..#include <qvector4

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtGui\qwindow.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):7637
                                                                                                                                                                                              Entropy (8bit):5.012482123059047
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:qSMk92zG5OkJjs4g+HRqRK8XihD5vx3GadzDn:7Mk922O6js4g+xMK8XihD5vx3Gah
                                                                                                                                                                                              MD5:CA419C0580DAEC33C1F210E9D1403E0A
                                                                                                                                                                                              SHA1:EA837B2520EB824F0E24E1D43E8737EE383D3E1F
                                                                                                                                                                                              SHA-256:DAF0ACDF2B7124BFF6B3520824635A1484E67289D4D27F26809E413ECF2DF494
                                                                                                                                                                                              SHA-512:0FE2ACAC37F76D0E62E666FE2CA41446DAC367A856B2B0086336F17C69BB78996DBB6092072F20BC6FC0F968BD439EF39BCB7FBED34315FB776C0CFCDB9CF7F0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qwindow.sip generated by MetaSIP..//..// This file is part of the QtGui Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QWindow : public QObject, p

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtGui\qwindowdefs.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1033
                                                                                                                                                                                              Entropy (8bit):5.0933078553483355
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:jG8EyD9wFX0dJxnOILsBIYFCIX54B++NDK2OsjbojvEZRURuHahLs2aRHAUDOkkX:yyK098mXIpmNDzVZRURU2SnOkD+v
                                                                                                                                                                                              MD5:49BEC1CE91CA126D0DFB037A441EB10D
                                                                                                                                                                                              SHA1:7268A985590F8FDF70C35B1A3818421DC8EFD6E2
                                                                                                                                                                                              SHA-256:A2BF042C4E7714EF8BFA83D3C40831AB27E21DA5B8E9A1850144090C3050E9DE
                                                                                                                                                                                              SHA-512:6BC72FBF9863AF648D5DF9AB95B1FD6168AAE7BF14D95985DB20D02CFA23838153F39FD377DEEFC3A4E29C840EA1607BF8B20CC7730144A3CD70FF45A2A5AEFA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qwindowdefs.sip generated by MetaSIP..//..// This file is part of the QtGui Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......typedef QList<QWindow *> QWin

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtHelp\QtHelp.toml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):181
                                                                                                                                                                                              Entropy (8bit):5.098831449919977
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:SZ3GMiyT8QQCQIMQDKNpsQ1MKxwehyIWWMKxtHO+Cm4o6Mvk/dkC1WiE4yn:SZDim82QIRGGWNthyIXo+Cm4o6Tdk6An
                                                                                                                                                                                              MD5:CBF29E3A5897E99A1876EAC0D9F19EBF
                                                                                                                                                                                              SHA1:A6F165925EF5C8CD372EBCA947D855E04219847E
                                                                                                                                                                                              SHA-256:008F6D5AEE858D11CB9FBBA039D78A823286243745357104F55E6A6C770C3187
                                                                                                                                                                                              SHA-512:03935A643EA42E95E2320417815FBAD01D14C91FCB3B172E68C4E2618516E23E010A13A6EF671F1BD3DCAC6F764FD7151E005B20077169FDBADD009556462399
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:# Automatically generated configuration for PyQt5.QtHelp.....sip-version = "6.8.6"..sip-abi-version = "12.15"..module-tags = ["Qt_5_15_2", "WS_WIN"]..module-disabled-features = []..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtHelp\QtHelpmod.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2402
                                                                                                                                                                                              Entropy (8bit):5.142853836169494
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:7098RszhJhKX98tAzhAS//OetFgfhP+R1oE6s:7TszZAleetRj6s
                                                                                                                                                                                              MD5:84C36E0CA6002D15B1B035B3240510D2
                                                                                                                                                                                              SHA1:B5683CEEC59018D0E2612BF5665BB86170A2FF17
                                                                                                                                                                                              SHA-256:B6C1C03BA008FF799B7F180CC085B853589E03DD164A916D456D2B83B30E005C
                                                                                                                                                                                              SHA-512:507F1E90100BDD4DCC95B9783EC2461F1652FA733FBF624F080004D307659DC6B6BBC90DA4606F2C519B9167A40A0EABB1BACB70B99F016CFE5311762D4EC54A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// QtHelpmod.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%Module(name=PyQt5.QtHelp, key

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtHelp\qcompressedhelpinfo.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1522
                                                                                                                                                                                              Entropy (8bit):5.165630345398623
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:nI098mXIpmNDzVZRURU2SnOkp7MDYOfp6NnZu0ZCAckPXDz:I098RszhJhposOh6Nn5ZCAckPXDz
                                                                                                                                                                                              MD5:1850EAC98AF606F985A1923AF9E4BA14
                                                                                                                                                                                              SHA1:2B49179EAF4EF619C4943DEB12170FFBFC416639
                                                                                                                                                                                              SHA-256:56AB3B11AD900C53C134D5BCBF1F929F54A1102C410F7AAB674018B9FC4C6A55
                                                                                                                                                                                              SHA-512:8E1A4037147E9DFA642B2048B7011E1473F84A469E3C494919D3FBB42D7F1FFA7AD258661A3C27BBC00E55D8CBA910719E70C34F1B32FEADBD2B7ECC8A38358F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qcompressedhelpinfo.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_13_0 -)...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtHelp\qhelpcontentwidget.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2438
                                                                                                                                                                                              Entropy (8bit):5.072984873889959
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:jOD098RszhJhpB0qyKLZZneUs6t08qSuSQQqEQag8QmQ+Q48595q1vaMv8t:jODTsz/BmK/ad+NbqnagPlNnaSMkt
                                                                                                                                                                                              MD5:4911F68D2A0420ADD02A7826B34A056C
                                                                                                                                                                                              SHA1:B3A2E7AB2A14B3C37FCB984988D9C83243A1ABF0
                                                                                                                                                                                              SHA-256:8D6DD35A98A68CA9CC56014F93C02A5B551C3609D4EDFA84A5FD75F2D63702E5
                                                                                                                                                                                              SHA-512:F9978D28E9D3868A8669CB9251E005B16CE2E97EAC19816B35A0EF6A6A92EE21EEB3F0E079533E61F3CEB0D9354F53E5FB83EFFDB6B9B85DE12A619358A4DEA2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qhelpcontentwidget.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QHelpContentIte

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtHelp\qhelpengine.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1405
                                                                                                                                                                                              Entropy (8bit):5.146185266603026
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:jLNsI098mXIpmNDzVZRURU2SnOkTDi8WzLEnYEs9SWvWGp7k:jL7098RszhJha8Wzg/s9xOGp7k
                                                                                                                                                                                              MD5:FF2497959813B7881533105E00FB5879
                                                                                                                                                                                              SHA1:0A28D9634F86A16F949E736D894C0C20F36FBC81
                                                                                                                                                                                              SHA-256:060528EA20E692D079F569FD867C1778EC66F038D0B6036C60A75AE2663BB867
                                                                                                                                                                                              SHA-512:A296AD789149452A1BBB79FCF06443227CC9B3B2262E66A5C5A62C0FFB4AD636B116197A4C335EFBAD11932E8626CC920A5B16502E11345A2E4C4471ACE3D3BD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qhelpengine.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QHelpEngine : public Q

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtHelp\qhelpenginecore.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5476
                                                                                                                                                                                              Entropy (8bit):5.121641418452089
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:jATsz1A8FN+gblHsUxqkd8Et8HibKgNg0yUYSrqMNOdVgiU3+u7OWn:jKqA8FNfhHsUxqknoimgNgCPUdVg1+in
                                                                                                                                                                                              MD5:59AD7561C93361335E442FE1559E5F0A
                                                                                                                                                                                              SHA1:BAA33D71D021A981B8F58CD068ECE8BDFBB0A70D
                                                                                                                                                                                              SHA-256:4401E3CB5E3427B91A2F1E1FCBFCB7AF728EA88D492D2C838E211CE95868696C
                                                                                                                                                                                              SHA-512:616F04CC6B21ACDCCF1C279E0B1E6F2AF139D1AB95B7476E58E2CD65F8E133925678B442C7B4DFD68169BBF3B24B41317B4F46F98E62592CB5597243B403E14A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qhelpenginecore.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QHelpEngineCore :

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtHelp\qhelpfilterdata.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1498
                                                                                                                                                                                              Entropy (8bit):5.161218602683952
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:jTGI098mXIpmNDzVZRURU2SnOkpQ6cM164QIf9Y4ZWdpBzjS:jTb098RszhJhpZcs6Qf/8vBzjS
                                                                                                                                                                                              MD5:F1C89D802022D9AAEE1078CB788D6264
                                                                                                                                                                                              SHA1:C52A8D56D4C66104EF7C58CBA789C6ECAD60FD18
                                                                                                                                                                                              SHA-256:6C7E46A8B288892FE6190BEA0F2CB42D824E558BA670AD0F30C14922FC76947B
                                                                                                                                                                                              SHA-512:944832D54EDEADDBF5DC0800B8053D8622755C918D060F7A1188DA6EAEB0686D12514A8C3A9313872B17FF7E75CCFDBD41A0317BDB36872E32CF190E30594BCD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qhelpfilterdata.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_13_0 -)....cla

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtHelp\qhelpfilterengine.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2051
                                                                                                                                                                                              Entropy (8bit):5.157925253456421
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:jTV098RszhJhpRG5pMZ+ZX4DanWVKhoWIs31MrA1MrCDz:jRTsz+AyIH8oHNrlrCz
                                                                                                                                                                                              MD5:E142C34C65A19BE9B0772E8EFB3398AE
                                                                                                                                                                                              SHA1:3EB1F6C30F59408AEE57082A6DC3794EFE8936B1
                                                                                                                                                                                              SHA-256:FC86939649134B5C16FBBEE140255272D6E288ED393AE69CF785188482E871F3
                                                                                                                                                                                              SHA-512:2CECADBA0BBAD1E9A79AF65BA5FB23C907276D7DB72619E3BCA709FA65B8822EA69BC775A0DDB10DB9F1BC3822ACC667F0F8698AD6C0DB69CBB0E1D34D6C00BD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qhelpfilterengine.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_13_0 -)....c

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtHelp\qhelpfiltersettingswidget.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1529
                                                                                                                                                                                              Entropy (8bit):5.1519765915840585
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:jT++I098mXIpmNDzVZRURU2SnOkpOB268qrsWjGDYO6ZBdHSS:jT+D098RszhJhpsX8qrTja6MS
                                                                                                                                                                                              MD5:CCC617AE83F06EC5E71EAB1C18F0F3ED
                                                                                                                                                                                              SHA1:0AE0BC8767492CED737AD8E1B147EE9FD9EA4E47
                                                                                                                                                                                              SHA-256:1C6079ED5666E33F402D338FD3662CDB038861B764E2BA0DD18B8843A772711A
                                                                                                                                                                                              SHA-512:A3B5AB7A58F7B6C087C9C3FE91E87D109282A603D7F2C3BEDE841A67F0B7D8C1A33F82D58DF62B33AA73FB8CA28CDD96D95AB61C8A337821E8AB5EDD7CC5DA1A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qhelpfiltersettingswidget.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_15_0

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtHelp\qhelpindexwidget.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2219
                                                                                                                                                                                              Entropy (8bit):5.220240467758467
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:j/D098RszhJh2qkcsZP2BcowqAM8x9TUjMC0NS:j/DTszQkAMa9gBMS
                                                                                                                                                                                              MD5:DE094961E78CF1A8C8810D8E1B8402A2
                                                                                                                                                                                              SHA1:3555E7067857DAEB0EF3DAD9907222F33E461F93
                                                                                                                                                                                              SHA-256:AF61D3A110CC62999FE4647B858E86BB6FF789400924C2DB81FEB2365B0ABF11
                                                                                                                                                                                              SHA-512:C0A8B624BC985350A413C26E4F0599D6745CEB26904B771127F13A9B1FDF7EADBC80B7BD71393536FCA9B93D12BEABB40B964B492F42553BD20CB190C12A4867
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qhelpindexwidget.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QHelpIndexModel :

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtHelp\qhelplink.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1108
                                                                                                                                                                                              Entropy (8bit):5.1579682694754485
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:j3PsD9wFn0dJxnOILsBIYFCIX54B++NDK2OsjbojvEZRURuHahLs2aRHAUDOkkaj:jPsI098mXIpmNDzVZRURU2SnOkpfD82T
                                                                                                                                                                                              MD5:CB6CDA865D8035A7E5A5F2741C6A8F7A
                                                                                                                                                                                              SHA1:60664DE010D6BE9B2869BC19C6574E811204B814
                                                                                                                                                                                              SHA-256:1CD7255DBD2AF9161C4F69586364A81245062DBBE1410804F0AEA3ECE288F5B4
                                                                                                                                                                                              SHA-512:0FAF07D95F4B3740B85FADD60E4E7743B5BA2F17037B4946DE5AEF8B6440906126EE0FD916166006CCD4C9594CCC6FA46FF045F1461297E3D019E96CA9ECA221
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qhelplink.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_15_0 -)....struct QH

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtHelp\qhelpsearchengine.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2821
                                                                                                                                                                                              Entropy (8bit):5.170141189364538
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:jn098RszhJh57afvddCWbKkpqA0upuOi85G68F/6+MjK0ff8/1z8WV1H+EBMyVHi:jnTsz2fvYyqAHuOLL8FA+k8R8WX9w8p8
                                                                                                                                                                                              MD5:FA54167385C728A80A9732F22698CC4D
                                                                                                                                                                                              SHA1:E1937B0A8389681D415F2CA42C2231ED78BF4D3C
                                                                                                                                                                                              SHA-256:DF70609314943D0246095C140BC617A42F9E2FEF0B5CFBEBF693224C12A079D7
                                                                                                                                                                                              SHA-512:A0A3C1D6A4A32C9F60A6FF9DA413A23B2A266CEA9F9D4584661A890D1BD62981F83B296D4217096FB448BD021889335C2D32299F9B64FBFA56400A36ABD53CCF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qhelpsearchengine.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QHelpSearchQuery

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtHelp\qhelpsearchquerywidget.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1921
                                                                                                                                                                                              Entropy (8bit):5.258219728656808
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:jPD098RszhJh56Jqk2r+0qNjK+H5WI/Dx1BH+E1wxyn:jPDTszyd0O++H5WI/Rtn
                                                                                                                                                                                              MD5:1AF556D70BF4791C632C018C3704EC9E
                                                                                                                                                                                              SHA1:93E28791B4D06F3B024090EF408B2028F2AF260C
                                                                                                                                                                                              SHA-256:FEAA9FCB921DF8755E5737CFD5C676FA69D39F511B844A87FF5DA84A553AD6F4
                                                                                                                                                                                              SHA-512:CDC226615C38A18A0F4B08B78E7152D99DD77969D5C575D263FF0A116021A1B9E25EC27D5309D3C843561F4E6543F6F83E978475B467B6D4B71E4C576E4FB0E0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qhelpsearchquerywidget.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QHelpSearch

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtHelp\qhelpsearchresultwidget.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1264
                                                                                                                                                                                              Entropy (8bit):5.145696436683309
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:j0+I098mXIpmNDzVZRURU2SnOk5689JfZqSR8hWUzsKLWBu:j0D098RszhJh568RqSR8QUz5iu
                                                                                                                                                                                              MD5:974E9CE0CF9CA7952E815A55F9A68483
                                                                                                                                                                                              SHA1:F288F690D1AD33943733DAE90F7E595EA91FA394
                                                                                                                                                                                              SHA-256:C822D6534B5844697653EB37903F51D1ADC4D8843E324C508AB44F3409173F51
                                                                                                                                                                                              SHA-512:168143BB0FE8855C4C3D499296FAE04BC7225CF749A013DBFA6C6DDDA135702CB0EB5D3A2540158813CF7EEB0D60F9B8F936AAC4A4863BAB1DB8906A93CDDCE4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qhelpsearchresultwidget.sip generated by MetaSIP..//..// This file is part of the QtHelp Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QHelpSearc

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\QtLocation.toml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):185
                                                                                                                                                                                              Entropy (8bit):5.083394086980918
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:SZ3GMiyT8QQCQIMQDKNtb3wvAMKxwehyIWWMKxtHO+Cm4o6Mvk/dkC1WiE4yn:SZDim82QIRGrNthyIXo+Cm4o6Tdk6An
                                                                                                                                                                                              MD5:EF43E892D81991DDD41F161AE5D5572D
                                                                                                                                                                                              SHA1:4EDB922000AE14559550B71D959FD8A2E3B6678C
                                                                                                                                                                                              SHA-256:7876534470F1B1F5F9C7DC7F09087E9818FC446B2627A76D4F9835203DD48FAE
                                                                                                                                                                                              SHA-512:3C2BA6995B4DC11DC0C52470B0A269D1AA512EB8E322F72C9BA1A00B3DE4E973972F0EAB8B49A20D623B125918AFC45D5EBB81C520A3B6323B27F4D1356734FE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:# Automatically generated configuration for PyQt5.QtLocation.....sip-version = "6.8.6"..sip-abi-version = "12.15"..module-tags = ["Qt_5_15_2", "WS_WIN"]..module-disabled-features = []..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\QtLocationmod.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3199
                                                                                                                                                                                              Entropy (8bit):5.062937126941617
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:z098RszhJhWt98tAzhAS//Ou7euOElnLNHroE:zTsznAleeJoE
                                                                                                                                                                                              MD5:1ABCA352AD3DFD294CA49752F8BCC3B3
                                                                                                                                                                                              SHA1:9546281EB74C515B497B14C6E8A9DD39C10265A0
                                                                                                                                                                                              SHA-256:01D6B0A30B9D2F48C4362A0C0320BC995A5DE35C39043C293FDFF846B98560E8
                                                                                                                                                                                              SHA-512:21031447221DFB155B6A796E4423D83B3749C05C1B5FE456EFB108CEAAA266E629C5A1F6A19C17B878B16D0E31FB0E4DFBC9594CCA85BA0D35544FC9CAE72EDF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// QtLocationmod.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%Module(name=PyQt5.QtL

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qgeocodereply.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2416
                                                                                                                                                                                              Entropy (8bit):5.0866506152227435
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:+098RszhJhprAvmBWNzypH6ZUagmpd3DHQe5CXy9+rq4uU:+Tsz/Aaoy5uUaBU+CAh4uU
                                                                                                                                                                                              MD5:38D0FA13F9444655607001AA621E97AB
                                                                                                                                                                                              SHA1:701D3D83C47E89E26531B859FFE18659DA34ADDB
                                                                                                                                                                                              SHA-256:301A5BE52F1ACFA2F0EBF77D433935BF719E37C136CB8EA9147CCA1CA790D384
                                                                                                                                                                                              SHA-512:DEBBB4D4DB895F40E0DA52E637ECC615A928F84B7FEE059F1E36BB9EF2158F5E86155ED5ACE9B8CE8ABBF30EF32483572E13B59BD8AB9EB50FEF2510B3260966
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgeocodereply.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....cl

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qgeocodingmanager.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1835
                                                                                                                                                                                              Entropy (8bit):5.151360124505369
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:A7H098RszhJhpQ5qSFdCUALTCGcLQeGc5OGDwce2JaCxb:oTszarFUJLT8LQsQOaCd
                                                                                                                                                                                              MD5:429BAE8C75FBEAA80EE51DF05D390428
                                                                                                                                                                                              SHA1:25484185E0EA5B071FD199F6233BC8C4F40697CB
                                                                                                                                                                                              SHA-256:C362968FC30497133D3FD56A63A65927B2E5A3A424E08B2F09F6F1246D160A26
                                                                                                                                                                                              SHA-512:74FC4BA15817EAA12F736A272204539642D5A33CF481FF7F7C933A6394220D04FAE067111740BFE5E658443CFD49062E89CA2880B11A09AFDC8523C02F70702C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgeocodingmanager.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qgeocodingmanagerengine.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1907
                                                                                                                                                                                              Entropy (8bit):5.13076996043777
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:At098RszhJhpXAAqa/KzdCUQYLTCMYLOMY5O7wce2JaCxb:CTszrA8KzUXYLTLYLX8BOaCd
                                                                                                                                                                                              MD5:E049E6FE1A9735E1737D0A60978BB754
                                                                                                                                                                                              SHA1:1006DE2CC1EF5ACDA7BDE3B9A4189EE169CC19CC
                                                                                                                                                                                              SHA-256:360DC9C224334B11FA8576897D308BCBF51E6D84BA9FBCCC6AFBB76582BF3F12
                                                                                                                                                                                              SHA-512:4549E90E8947D64000EE703A884AE82FFE168A9AF37EC519A5052A66B13C4863A6D0A1DD8AD3EAE31483612E678A87EDD4B1B0AF50B5451D07C418466B4D8083
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgeocodingmanagerengine.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qgeomaneuver.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2469
                                                                                                                                                                                              Entropy (8bit):5.00032570040432
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:aP098RszhJhp2cLk2NMXk627BMHa15C31LJSeJwDz:QTszGk61Yz
                                                                                                                                                                                              MD5:DC94DA057BFE795EFE04DBDC29F14D1C
                                                                                                                                                                                              SHA1:02A8CC3E0B237BC95A2F5DF998B92A0F65A0DC0F
                                                                                                                                                                                              SHA-256:E14E5851DC44D627300700A12345F5ED7B5481E31CCECA4F6A7720D06DF69F42
                                                                                                                                                                                              SHA-512:C8862108A9F9AC5CC6EBEB70142C9B2275D2B2F293C189A94AB518401850DF9AA4E28E78249BF9DF7335B0E4D922E1125A20070CA8B626DED65C73DFACD004D2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgeomaneuver.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....cla

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qgeoroute.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2662
                                                                                                                                                                                              Entropy (8bit):5.104773060985139
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:Y098RszhJhp3964pRaJoro1XiplOCBCSyD151yun1oJeDOy6Zx6b+yS:YTszp6RmgBZu6b6
                                                                                                                                                                                              MD5:3E320903AC1DDF74DCC23678C45CAE5A
                                                                                                                                                                                              SHA1:C45CDCFD0C616E5D83465196A70C0C6B50B8DD2B
                                                                                                                                                                                              SHA-256:2F01DA96C4A4330ECB85E6DC2EFC7EEAB6E2AAB6C8E326B9CC411D436E873E82
                                                                                                                                                                                              SHA-512:B7B973A64CC17C86B361BA8FB9FE37C74043EE2A885346A28D04558B3804CC8B2BC313F06D202B801F2E618E9A9C334A7CAD6FA617108152383AC8733F121467
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgeoroute.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....class

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qgeoroutereply.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2147
                                                                                                                                                                                              Entropy (8bit):5.073084581753702
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:U098RszhJhpDAtmBWNVy3l6ZUaggdtTQejCqHhDSV:UTsznAMwyVuUaTt0iCQhmV
                                                                                                                                                                                              MD5:119394CF7C9801759FD2D5BC086E4381
                                                                                                                                                                                              SHA1:9424B7E8423056098B32F463E492933BA621174F
                                                                                                                                                                                              SHA-256:F33F2561BACD5C9EC8AF85D7D9CDDB4D07A271CFE5AD34402E925B576E612BBE
                                                                                                                                                                                              SHA-512:7572506C304440BAC4947F767D0566BFCEE6C51D8B325B330FE7B083486B5F7F264F3973799974B2D88FDA01F3E404DD001415D2DCA6D26C4D1C11ADF206FF9B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgeoroutereply.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....c

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qgeorouterequest.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5481
                                                                                                                                                                                              Entropy (8bit):5.0753634085559485
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:RTszYFT/7jI0QP0iL816L8Mtanuap+JRyJkCJ8eJGGJKiJk:1xFT/7jDQP0iLanuapuRikS8OGGKyk
                                                                                                                                                                                              MD5:357E2458D3728718D23323EEA7B9A7C9
                                                                                                                                                                                              SHA1:FA986C3315AE44F87AC67A1F51FDD82A93FD9BA3
                                                                                                                                                                                              SHA-256:52CD2FA098D1B70B3F0F14E8125C89A5D85736EBC1B312BB4044C4F65F111149
                                                                                                                                                                                              SHA-512:F6C9FEF8842D98AB1A284FF0A32CB9415F9B8491E0FCE6C247B40E127C01CADE9C710EDB4E045DC493FB093F5F2E0FB6E13F8CD90883043B2126A1B77ED826E2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgeorouterequest.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qgeoroutesegment.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1849
                                                                                                                                                                                              Entropy (8bit):5.091370220438124
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:d098RszhJhpo6kX6bsSBDiplCwVSy3XDz:dTszcVX6bc5zz
                                                                                                                                                                                              MD5:D0735C065A31512CE6E0B9195CEC7E9B
                                                                                                                                                                                              SHA1:BF3D1D9D930188CFEBA1F5C67E85AB90D714C563
                                                                                                                                                                                              SHA-256:838EABDB10B7A7BEA89FC8775F0E36D706233D58FFF761CE3D10647F3BB3F32E
                                                                                                                                                                                              SHA-512:245BA7E5991ACBC1393546E5D92FA2658853BD982158195C4288C645B63160A421960338E52F4039F8AB617E46672EB2CE2BFBD1EA544519B4984DCDFB7D3A47
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgeoroutesegment.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qgeoroutingmanager.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2215
                                                                                                                                                                                              Entropy (8bit):5.097028719272747
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:KH098RszhJhpYqSXdCUUb/jXHDJfv+OHwWeczaCxb:WTszMrXUd+vCaCd
                                                                                                                                                                                              MD5:CB19B463B9322F955313811214E29AEF
                                                                                                                                                                                              SHA1:79AC1EBEF0B3345C16D14B9EAEA236F0214D3C08
                                                                                                                                                                                              SHA-256:377AC7B12CF0158F9715B7CD982CBDC8CF4B1373E32584B081BF24F77A4B1DC5
                                                                                                                                                                                              SHA-512:07706F15485D24031EDFE339776178B52286A1085A7F61136B36DB9DA4A962E2EF0F2E6B9A30C96751D48D4222CBFE613EC3032CBE2DFFBF7188B0BD4DA921FE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgeoroutingmanager.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -).

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qgeoroutingmanagerengine.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2866
                                                                                                                                                                                              Entropy (8bit):5.0558477907690165
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:c098RszhJhpfAFQ/K5dCUQG6/jXHDJfv+OHwWeczaCea4+:cTszjAMK5UXGa+vCaCt3
                                                                                                                                                                                              MD5:4C731CD6B10E06A0899C0F55016DE552
                                                                                                                                                                                              SHA1:3DD76D1AB3E4E42ACD663F8CB3D670C190545E3C
                                                                                                                                                                                              SHA-256:77F9EAC105BB0DC56AF560F6CB07C0EFC53D1A4A922874F16A41FFE9CB9C2C67
                                                                                                                                                                                              SHA-512:2BC2A8EE0FD2B3613D25E4F56E774503DDE0AA57DF55174D015C9061E7BC11DDCEAFB9300F88AB30652ECAAA6F38F493B0BFA547E79397604454CABB592BA23C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgeoroutingmanagerengine.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qgeoserviceprovider.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):7505
                                                                                                                                                                                              Entropy (8bit):5.074782112702968
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:P6hAPiMs3efxpx/fADYBV1Pwt5wMBvgYN49WKctoG8RRxMyZUT3OL:fivG
                                                                                                                                                                                              MD5:F360034AFBE84641751CFA77DBA877E0
                                                                                                                                                                                              SHA1:AA44ACF4C702328C5CC4820A1EBA8A5F54D4B60A
                                                                                                                                                                                              SHA-256:F001FA5ADC531ED42B193493F573AB2B8B7FF38B98581EAAC3E371CF2BD2A431
                                                                                                                                                                                              SHA-512:75138AA880BABE45C3E73C27008FB65A01C6883B42428701FAC8D81C1AF7D7336D70E22E06EF556C005F1514F4BD56026E16FC9FB68404F85F6017C8FB790079
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgeoserviceprovider.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_11_0 -

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qlocation.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1417
                                                                                                                                                                                              Entropy (8bit):5.165882967970872
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:p+Mn098mXIpmNDzVZRURU2SnOkpx3sAqWGMIpLXlJh8EXHlsX:pH098RszhJhpHqzdHq
                                                                                                                                                                                              MD5:FC841E83494874E0F040461FE987E8D4
                                                                                                                                                                                              SHA1:E8ED905F3586E4A78AC8D03D7165DFE02764B6F8
                                                                                                                                                                                              SHA-256:6E95EE2F9DD00C3BB45BF43A2463A3404DAAD5263DAE8BAE6C8014C25AAFA60F
                                                                                                                                                                                              SHA-512:A95688C61F0F18A120CFFC8C8D8BD89A91D11708CC4F5BB95FEA77892E3C6911026B95646D95FDEB6806E286268EA46AAADC8CC601982068F6CA615964A3F140
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qlocation.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....namesp

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplace.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3368
                                                                                                                                                                                              Entropy (8bit):4.948068620163015
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:ZTsz8N6HiftNBtrnfpkdkdcJZiknz6I4O8Qa4:d2ik3
                                                                                                                                                                                              MD5:010A39596AC978D5B3BC67988139F299
                                                                                                                                                                                              SHA1:6B2CCF0B6E1B3E504B3C86D789DD48B1B386C9EB
                                                                                                                                                                                              SHA-256:10B095DA1EDDED46E88EFE401A5EEB5C09F27D2C6220A3134EC8B92646514F86
                                                                                                                                                                                              SHA-512:84AA9A4F4780BC5C1E468C8A57997EAB798E26108104465A2F22D7E7CB5AEF54E9167E6420B5A06DA0D0C709323BAFF6EA4BE9F0D07C5BF96BD8307A34B4D23A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplace.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....class QPl

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplaceattribute.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1602
                                                                                                                                                                                              Entropy (8bit):5.089025398075417
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:J4Mn098mXIpmNDzVZRURU2SnOkp/FAfO7Z6JIMdMZGXdE7ZgkS:T098RszhJhptAfmZ6iMdMZD9gkS
                                                                                                                                                                                              MD5:22F560416BD0B54638739AAC0C9D064E
                                                                                                                                                                                              SHA1:A0C6231534D02D18A2EAFF7417EE86664A577C21
                                                                                                                                                                                              SHA-256:515E3198E488BDD2FAF6BBF2B3A7D433F3A5BBF0019EF7A6ECE4382C67E00658
                                                                                                                                                                                              SHA-512:2DE5B440635F4774984C1AE9260E3069FAC4EE0DB45C350397181AFA7004EED14DBA18089E325F7C899CD9C1EA446609F4CA63DF30FFF77C43737B3F818624D8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplaceattribute.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplacecategory.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1676
                                                                                                                                                                                              Entropy (8bit):5.115297426900936
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:1098RszhJhpFOV6codoZeyunY9MyQyeLS:1TszQV6cq8mnUx
                                                                                                                                                                                              MD5:C64A4B7A99981AB925A1A4965AB9B2E6
                                                                                                                                                                                              SHA1:1D812582953D1D6163E0078AC4AE6D0AEC8D5BF0
                                                                                                                                                                                              SHA-256:A9987BAF2FC8BF974EC716E56958ED805A8BADC6FD41EE84535F9FDDB0F7BB7F
                                                                                                                                                                                              SHA-512:CBBBB1925F03B6216173AADDE5F100B8BE7615B8ADB91FADBF7E81EA2FE398F6FFADF43F5A8CCBCE3DBD8DE0F12EDCF1121493C2060A17198AA2CDD1F93019CE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplacecategory.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....c

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplacecontactdetail.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1654
                                                                                                                                                                                              Entropy (8bit):5.074510661584741
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:C098RszhJhpue0/sDdaS56ZpSsdSsZD9Ap3aZ:CTsz0/scK6XH/hXZ
                                                                                                                                                                                              MD5:740C7A0A39706CBCAD0854846C711734
                                                                                                                                                                                              SHA1:C65843FFCD70FDCB569A4881A9ECD0070229AC09
                                                                                                                                                                                              SHA-256:97F7EC0AFC9F3D82FC71369F57486653F082F7F3B8D172216B24622FFA21920D
                                                                                                                                                                                              SHA-512:472F732ACA64805D9239D68459741BFE7293DC5524B534F2FE0EAEA96E64AD6C9CFD089086BA40F849771CB15C5884218EADA30BECB64ADE51891F34C542AF64
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplacecontactdetail.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplacecontent.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1814
                                                                                                                                                                                              Entropy (8bit):5.075417239367122
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:CL098RszhJhpXC4Ne/yq6rrldlKnfwaOi4DvnIw:STszbBuyq6rrnyrOrDvnf
                                                                                                                                                                                              MD5:824AD66C8AA21A9F81A203BE088A61DD
                                                                                                                                                                                              SHA1:E91675E315549B3769AEBA7B8D08A576DD848D8B
                                                                                                                                                                                              SHA-256:E0F14304FF717D65A195B1B856EB8CAD944BE47F8C7C76BB3CF2A1F7CCEE44F2
                                                                                                                                                                                              SHA-512:A125687F5498FEEB74EA2C6A7AD628F46436F5A65CA00A6D3AC802798AD0B7C0BEA0F163C4542394CD2921C4396C8C29E3C3D4BF5189D788B93DD86A14C3C5B7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplacecontent.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....cl

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplacecontentreply.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1818
                                                                                                                                                                                              Entropy (8bit):5.079241710450422
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:J7Mn098mXIpmNDzVZRURU2SnOkpxZTz4M3Y9ghckZclkF/kBRk5R8lZh3kMlHCKr:W098RszhJhp3YkKghcvlyY08d0MphZ
                                                                                                                                                                                              MD5:CEAA125E269F1B0BC03FF8786982F73C
                                                                                                                                                                                              SHA1:E506B279D5C8266E7C3362A4892C5DDCA583D9FD
                                                                                                                                                                                              SHA-256:E6620F02C323EF5F1D560C0DFD2835A2C57D82A756549EE2CABC4E16C1EFC5F4
                                                                                                                                                                                              SHA-512:D50F6469F3FD4787EDCF20FE899E3F9BEAA54A53BC953FFCF6B892E7CECB764FD81CB1A871D97297028F53EF29A68391173915D03D0CFAE13CFC3012EFA807CE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplacecontentreply.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -).

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplacecontentrequest.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1707
                                                                                                                                                                                              Entropy (8bit):5.083228897300831
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:2k098RszhJhpq2d+/v6prWdWyQmHEDF0I:2kTszW2w/v6prsRrkV
                                                                                                                                                                                              MD5:E64F77504795DDB63E1F874C8BFC8B9C
                                                                                                                                                                                              SHA1:9EA9740DD29F9F79AEA7123722543C32FE56BE4A
                                                                                                                                                                                              SHA-256:948C77DDBE547582D90E00F37C7C50C8D95DF5200E8A6E817D47D8F49FB20830
                                                                                                                                                                                              SHA-512:2A8FA0C645065AE4C1B5F83A78EA44B5ACC4B1C95FAFA4012D60E27E8C4DC5FF38EF2C41DC9A6E0CA2B8C370899D316BFBF518BF9C3EA2E763963C3C44203532
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplacecontentrequest.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplacedetailsreply.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1365
                                                                                                                                                                                              Entropy (8bit):5.163197181804722
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:J23Mn098mXIpmNDzVZRURU2SnOkpRsTzVNaOukghcv6SJ:c0098RszhJhpRs1NaOukghcv6SJ
                                                                                                                                                                                              MD5:7C35DC7909577E4C964AF1B4D040906B
                                                                                                                                                                                              SHA1:B7F50C9EFA5D1E367DF4C569B8BA7C3532DD7BE6
                                                                                                                                                                                              SHA-256:A3DE580F02B97AE696BE0E0C2A0C9B80AE62E87B8D9375D92262D9DD4E7865D2
                                                                                                                                                                                              SHA-512:54E1C2886939B6752F8D847AA586F835852691F6CDADDE6F9F59ECAAEE73999244101F1A1A9F6E42FFF280F273586A3ADAB9A37FB8AB71E2F82A14A21AF6E6BD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplacedetailsreply.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -).

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplaceeditorial.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1443
                                                                                                                                                                                              Entropy (8bit):5.122829085525908
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:JbMn098mXIpmNDzVZRURU2SnOkpK6n12SxhglM63Pgj2uDGkp1ib:e098RszhJhpT1Pwq6fgjnDPp1ib
                                                                                                                                                                                              MD5:C104A00DB816FEB5BC88DCA93353D260
                                                                                                                                                                                              SHA1:D7A42C1F2EEA27C43CFA87A0142605C7719783B8
                                                                                                                                                                                              SHA-256:59145D374935743DFF46555D3AEF5C6218E40AB18555FABE94A1C24454E310A9
                                                                                                                                                                                              SHA-512:83468B9C47038BA3EA63D7F496A4828F38B22CEE9A9905DBD6619D89A07139ED25A6514A10021DB758D0FDBE97E89AF488AE25F39109F2324B0D20A51634E4E7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplaceeditorial.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplaceicon.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1564
                                                                                                                                                                                              Entropy (8bit):5.134982621314574
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:8098RszhJhpCsXxHweX6MzeudeuG5PF9xiS:8Tsz0W6mL2t
                                                                                                                                                                                              MD5:B60A1A28EFE3C24CE8C3E72DB7C3F887
                                                                                                                                                                                              SHA1:804AD6538DA1518AB8198C9B3D1AE5737FFCD0D8
                                                                                                                                                                                              SHA-256:38630925829D1BF77B8FF8BFF9224C3723A4390E52159F9457FE1202CC9E463B
                                                                                                                                                                                              SHA-512:33BE3C184BD04B3EC58CB79BBEB719D1961D6E07C2A9DF019925F3EAC4565DC137DE8B000C54805B10D5ED725728E8E08234E0478775F48C74B1AFEE1795B785
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplaceicon.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....class

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplaceidreply.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1564
                                                                                                                                                                                              Entropy (8bit):5.122206399298802
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:JqyMn098mXIpmNDzVZRURU2SnOkpbTz748PnsL8wghcEZqW:c098RszhJhpbM8ZwghcEZqW
                                                                                                                                                                                              MD5:4896356B27354D6A67F6656908D587FA
                                                                                                                                                                                              SHA1:A163CE0D71C76B74C8BCF449F0FB4AE8A447043D
                                                                                                                                                                                              SHA-256:40F4661AA823ED32EA85D635370DB2FFB88729E79A783B759ED8D140B4F3E611
                                                                                                                                                                                              SHA-512:AB0850B4A53A087DC958D07F1EDEB7289FB29D7C4E93413ECCB3052CCAE6B0D9EEB89E74063EDA6BDB6C5E8851CE8F812AF00C75DA2C76573204EB3A07552B51
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplaceidreply.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....cl

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplaceimage.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1420
                                                                                                                                                                                              Entropy (8bit):5.145717175964732
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:JfMn098mXIpmNDzVZRURU2SnOkp3SM12+UlM6I/KoR2ESncDM2b:u098RszhJhpd/Uq6I/ZRFSnT2b
                                                                                                                                                                                              MD5:9A5A0E4E08B9440B44959B02454126CE
                                                                                                                                                                                              SHA1:B398028DDDDBAEF2AE8353F027F6444E9FC911F6
                                                                                                                                                                                              SHA-256:A19DF00975F7559235B2A8ECA21632D1B60448A69BB1214A8FC4752E3491FD49
                                                                                                                                                                                              SHA-512:20D237EC3017C402D5F3A4D1FDE66B5FDB8DC1F6A67692CF594E60FEB1529938513CAD6F18C297D01A65E2B74D2AFBCD78E107A4A44357F45D1268E3F829F5E9
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplaceimage.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....clas

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplacemanager.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2986
                                                                                                                                                                                              Entropy (8bit):5.04983446226643
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:EH098RszhJhpSqSpdCUCi1GvVpUK4UN0Z+gRDlwDZNT/O3oiBIH7KeUT9CKgngt:sTszmrpU9iANpUbU28gZlUOIbeT9CKgY
                                                                                                                                                                                              MD5:FE79BF39600798395BA748E33957491A
                                                                                                                                                                                              SHA1:ACBF85D54FF3BB7457CD1F7C59FB264849CC4629
                                                                                                                                                                                              SHA-256:ACEB930639979A6885D574E0AAA962F4CD368C0453BCC883062E1551FAD1F426
                                                                                                                                                                                              SHA-512:7F454A41D739CC3D9782D77CD7FB8D698901838D903A78275B1789EF37EEEF34A2201CDB4B992395DC6F7C161F6A27993183E3498013B48DBC26615965E95151
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplacemanager.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....cl

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplacemanagerengine.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3286
                                                                                                                                                                                              Entropy (8bit):5.034427435574681
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:OTszDAgKPUXgTitgPLgGpUVgHUVgTbgzg4gJg3ghU1ygbdb26nghsgG6eT9CKg/2:gIAfsXgTitgTgNgEg3gzg1g3ghU1ygbp
                                                                                                                                                                                              MD5:D0DF37B9BF72925971083C8A2E87AF6F
                                                                                                                                                                                              SHA1:5E48092F19BCD4EDB8B87A9390285CC44F8CA876
                                                                                                                                                                                              SHA-256:7934DFFCCB553DC7B494D7C6E1A42E3B9371100D8A646DE9107B165324225394
                                                                                                                                                                                              SHA-512:D5018AE4BBAECB98E61B7D720003B8950CDA23487CA7825FB72F156B75E5C275554279EAA18A65C0945E442B87D21AFEE68EDADAEB0B1788B59F27195B55B2B7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplacemanagerengine.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplacematchreply.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1471
                                                                                                                                                                                              Entropy (8bit):5.179807603597747
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:JvMn098mXIpmNDzVZRURU2SnOkp2KTzw74PCghcCzI/PpCk3:W098RszhJhpvQkqghcCihB
                                                                                                                                                                                              MD5:F71F042FCE746C6BB8D8AEED55F5CDBC
                                                                                                                                                                                              SHA1:A9D4BCE166CA13E508D7BE3E0F6EB5EEEFCA47E3
                                                                                                                                                                                              SHA-256:B908432EC21531E6F36E31ACE60FC7E8CAA37FCB3FF6A9B01743DC9DB976D383
                                                                                                                                                                                              SHA-512:151AD7B9535000A7214866C5743AD71D54741768C3E293067A6F3BAB1B3D7E40E251F02AF7255E941AA5F4CAFF227091DF43AFD51E5FC45AC5F32878D6261EFE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplacematchreply.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplacematchrequest.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1647
                                                                                                                                                                                              Entropy (8bit):5.132366141152942
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:JZmMn098mXIpmNDzVZRURU2SnOkp2B2I8+LZoBNCo6QoUICndCnCXfx968lvS9xW:f098RszhJhpiMU6jX6truduCXC8g9xW
                                                                                                                                                                                              MD5:3DB5E4A7BEB87E76BCD403668A3755C1
                                                                                                                                                                                              SHA1:A9186363C9013EB92E1B5432A55B972F3C382746
                                                                                                                                                                                              SHA-256:D9A4D6C9643C720C8D07F57611921305A2605AACD41DBF8D815FFFDB6ECCC9D5
                                                                                                                                                                                              SHA-512:DEE667A41358182907A31EDF1CF079D2ED0EE865669CA5ED66E67382E19A6BFE8784C12E41DF6165DF562FC3F0415E3398363EB472C624451725AFBE100611B8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplacematchrequest.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -).

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplaceproposedsearchresult.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1420
                                                                                                                                                                                              Entropy (8bit):5.137325697210552
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:J9lMn098mXIpmNDzVZRURU2SnOkpK8fp68p2oXp8wx8l168A638wO6VtEsK1673:a098RszhJhpK8fA8pLp8wx8lU8A638wD
                                                                                                                                                                                              MD5:409D3C22C35EA5F9B15E05D0DC52BA22
                                                                                                                                                                                              SHA1:360E027B9CAD37268CB6DD851D6B5A1AD211BC88
                                                                                                                                                                                              SHA-256:BB46E4B4C73E4184ABB68A64871B85EC01B6DB10D9F2A6C311C029BE2F275FD2
                                                                                                                                                                                              SHA-512:9EAD43D8AE530FC13E7F13B711071924B3EF479AB59A6B67E76A8B9636E0D2C1EE680DC0F61C1AFC1323EEDE4FCDC91CC6810F39BAF3684B66CB2441E0E54641
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplaceproposedsearchresult.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplaceratings.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1509
                                                                                                                                                                                              Entropy (8bit):5.125484194660606
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:JQnMn098mXIpmNDzVZRURU2SnOkpnJldIgIzP6l0Iz2dz25HbMWwxizS:2k098RszhJhpTdcD6t6d65Hbq6S
                                                                                                                                                                                              MD5:55DB4F5EC56FDC80051008473FF1DDA9
                                                                                                                                                                                              SHA1:FE9EABD1B84289E73A00E9C4FFB5352F254F5284
                                                                                                                                                                                              SHA-256:59305CA3BD6303206287F3011B86F2789957BAA0EB75009E40758A725275AE26
                                                                                                                                                                                              SHA-512:76F043B462F1E304C100132F35C0893036CCC2265EA8F273324E839BC45C9EC67B0981D06D8278DFFE262C03BC366E8A27CE5E6550580B4381A0A770A4617075
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplaceratings.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....cl

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplacereply.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2215
                                                                                                                                                                                              Entropy (8bit):5.025783421494948
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:H098RszhJhpvcAkNBpb53WG6bQghcZUagO16ues9CjyLI9O:HTszzcAmD3WG6MghQUa31lV9Cb9O
                                                                                                                                                                                              MD5:EC4C16A3C480A22724BCDCBCEE9CB5C2
                                                                                                                                                                                              SHA1:B65BB91109F564F2407698479559CA8FE95C5E9C
                                                                                                                                                                                              SHA-256:B29FBD01FAA3DFD83051E914DA842BC6B404499AB7656238F646B1869FE64715
                                                                                                                                                                                              SHA-512:08725FFE79E0E2E9170641288DDA205405D91C1BEDAE2FF009B9C32E1937875380D853D9651E6C388099344619A41F14057DD78255F9663B3B7FF6936F4E3888
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplacereply.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....clas

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplaceresult.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1431
                                                                                                                                                                                              Entropy (8bit):5.1165880049876495
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:JpMn098mXIpmNDzVZRURU2SnOkpxp68p2KT0168A6t336qZGo:E098RszhJhpxA8p9T0U8A6t336qZD
                                                                                                                                                                                              MD5:CEEE4FDC8B54ADF2AF1C0F8FCA9F4017
                                                                                                                                                                                              SHA1:18DE251EB9754C62B7F7196074BFB3C79C255548
                                                                                                                                                                                              SHA-256:3429D36DCBD95DBE303BFB4C2768FA35AE22F41363B2ECD45351316F557A7FA0
                                                                                                                                                                                              SHA-512:5D6FB67983B78EB638359E7ACEBE594C64F438427DEFEF4DBF0C5F2B98FA7C1C21C0DDD5A11B09F47CF085FAA8E76947274016E6D4A3F399249ABF2290BB1EE6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplaceresult.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....cla

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplacereview.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1643
                                                                                                                                                                                              Entropy (8bit):5.094310911971455
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:B098RszhJhpoupAHq6r3OgjPp1Zkexnn2b:BTszM2AHq6reKPj+anY
                                                                                                                                                                                              MD5:8D43C8E235A9AD7B2E1082F3383107C5
                                                                                                                                                                                              SHA1:3D4FE4C1AC0B66F3CAD31CE00CAF5B0B35D14F03
                                                                                                                                                                                              SHA-256:668CCD9F6AF2C51F2C06BBB0728F76C27F82DCCF754E3424740444FF082042B8
                                                                                                                                                                                              SHA-512:3E62293835E21B40DDC07F26D4D7A60A996668745AFF68A0204D5736E9A11F9577C246A9E97946CE262F718823AC7D82E589C58032D2B4B84A52C7185D9BA0CE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplacereview.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....cla

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplacesearchreply.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1742
                                                                                                                                                                                              Entropy (8bit):5.134396812720171
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:f098RszhJhpod9tjRZghcY8BA4V1VLVrGC8zUHUXUT:fTszsdbjRZghp82ILpCC8zUHUXUT
                                                                                                                                                                                              MD5:C33A2CB065D8DABA4D3A88DBF9F801A0
                                                                                                                                                                                              SHA1:6D919E05FE45F5B48A964878A19BD9BA0A91C0C7
                                                                                                                                                                                              SHA-256:113504E226AB3C4F18B4CEA45DFDE8ADA1F56BC1C95CDA2727C58098D49314F5
                                                                                                                                                                                              SHA-512:2D26ADF08461C246F455FA9FE2049E142C5712326F73580407C1F13109EA94FB63D639C3667211F833DC289CAD4C6916030596FF4D881DBBB62473F31654647C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplacesearchreply.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplacesearchrequest.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2337
                                                                                                                                                                                              Entropy (8bit):5.049201909622112
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:S098RszhJhpo4zTpdDKUp6ydrU8dU8Zk62pyccyq2tMR+/p5c2TmxLJVolEbI:STszs4xdDKUp6ydrUGUwkKR+/rWdJVoN
                                                                                                                                                                                              MD5:B5A5F20B3DEE63FD9002811E4F9617DF
                                                                                                                                                                                              SHA1:BE2C0D332A35981CD246650E1FAF0C63F0EFC26F
                                                                                                                                                                                              SHA-256:8096596C07CA015C313AA60FD7495C593423522E1F0AC14500EC82A3C99D171D
                                                                                                                                                                                              SHA-512:41EF9A368B093B35288668BE0290900494B30BFCA640BC989742FFCE34E55532AF11497B6E60DA2793F31D6A3171F2D1C9B17B3772620A51A4C1C4347C5431A4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplacesearchrequest.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplacesearchresult.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1682
                                                                                                                                                                                              Entropy (8bit):5.078178272704751
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:8098RszhJhpo8plb8wD8lU8A6R8wrU8vdU8vb8E8B8I8j38pZn1yQyeh:8Tszs8p58wD8lU8A6R8wrU8VU8z8E8Bj
                                                                                                                                                                                              MD5:C75209BE42F85FC15B8B9BDC9ACE34FD
                                                                                                                                                                                              SHA1:FB8F7DFA2FA94B96D4C74A8C4E3A69D7598220D4
                                                                                                                                                                                              SHA-256:58254260A05E109B0052FB86DA29C37AA54688D430AE1C0D6DA823DB1F4FCADA
                                                                                                                                                                                              SHA-512:989B111412035D37537688E59420DD059310A398CB74E3059637D729175F0C4A0F9B9BF5CDD9E97DF2A329E9F6E2FF74C186C25A58DC4EA53AAD4D9208B4DADF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplacesearchresult.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -).

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplacesearchsuggestionreply.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1438
                                                                                                                                                                                              Entropy (8bit):5.164002593093854
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:JH0Mn098mXIpmNDzVZRURU2SnOkphCTziOcwIHMQghcFeP:3098RszhJhpQRtMMQghcIP
                                                                                                                                                                                              MD5:C4AED09B1FD5BD9C3CE29F1531A8A7B8
                                                                                                                                                                                              SHA1:6FD77E92911F9C39603BD6E3459D47AB4552659A
                                                                                                                                                                                              SHA-256:8D2BE6C7C9C7383EEE098388D07FFCD9EC553783112F29A0DA9B40B522B29E9D
                                                                                                                                                                                              SHA-512:55F6EDA841C3B6F21F1ACF60CF54699DA1C93793755C7010FB2A1A7634D2CFD1A3B38BC6FBE0B29A7E98CB6C812A918427FC5E9460176467E7354C449DDC4084
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplacesearchsuggestionreply.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplacesupplier.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1621
                                                                                                                                                                                              Entropy (8bit):5.1067351526893585
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:9098RszhJhpFG16fIdIZY8udw/ZkyQyeLS:9Tszo16fKcFm+Xx
                                                                                                                                                                                              MD5:6A2CD0242F72CC1527603EF6B6A7CA7C
                                                                                                                                                                                              SHA1:77CB3A3AA9AFB2752BFEA3EEDA6C400123128782
                                                                                                                                                                                              SHA-256:C84895D80A8EB31E5FB4D0CE94ED730A52A8D114F84B06F2DF3E87E53999FB64
                                                                                                                                                                                              SHA-512:96CCA31DC371A5B6444EB35A15B1CCA2F9AB56C99B3709FC5B64454BD35751D449D531E2FA06FCF72FCECF8CAF665D87D79F51A36546AB5A9FBB544EF6FD4787
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplacesupplier.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....c

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtLocation\qplaceuser.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1418
                                                                                                                                                                                              Entropy (8bit):5.137155748580127
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:JmmMn098mXIpmNDzVZRURU2SnOkp3I78mflDA6FNIDvdDvZEzdEKnY65:4v098RszhJhp368mflDA6FuDvdDvZEm+
                                                                                                                                                                                              MD5:78199C83D7BAFF0B849230856E727435
                                                                                                                                                                                              SHA1:6258EE57A6CB537A9BF283F705F8EF193B2FA23F
                                                                                                                                                                                              SHA-256:89F82167688885DF0CDE2FA7F2A5EFB65BFC11FC8B83E744D26B65225D8853F7
                                                                                                                                                                                              SHA-512:3A8A4F4F4D89AE8D889F71156EBD6580F1932F22DBC15569CE34B08E1E0050A107C99510B0F87CE106564299912F0DE1623ED20DC8C49C137232DD648AC6831B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplaceuser.sip generated by MetaSIP..//..// This file is part of the QtLocation Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0 -)....class

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimediaWidgets\QtMultimediaWidgets.toml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):194
                                                                                                                                                                                              Entropy (8bit):5.069633939187143
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:SZDim82QIRGscR4NthyIXo+Cm4o6Tdk6An:ADim84RxbLwIX2G6A
                                                                                                                                                                                              MD5:49777BF1B56D34183A363D2AB801A2D6
                                                                                                                                                                                              SHA1:C637011071E675B978CEDB6E07EF1ABE09FA0936
                                                                                                                                                                                              SHA-256:EA7954DC68B029267557660F66FC584FE073AACC06B0806ACFCFA9AC51E087CC
                                                                                                                                                                                              SHA-512:E72D42D5686CF4286A19A3757D994023B164BA5BC4C0E0328D066CB0AC11B0F391A5E0775786C9D81D195EF3F195A6B28FEAD1906E3770B0C76F327FEB0FEED1
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:# Automatically generated configuration for PyQt5.QtMultimediaWidgets.....sip-version = "6.8.6"..sip-abi-version = "12.15"..module-tags = ["Qt_5_15_2", "WS_WIN"]..module-disabled-features = []..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimediaWidgets\QtMultimediaWidgetsmod.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2194
                                                                                                                                                                                              Entropy (8bit):5.154532499857463
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:CWX098mXIpmNDzVZRURU2SnOkC9e/VSI986wiND/fZR02ASBOk/KViUM2c2F:Z098RszhJhC4h98tAzhAS//OZPF
                                                                                                                                                                                              MD5:BF8B02DB1C0B6651624886BAF75CAA5F
                                                                                                                                                                                              SHA1:149382CB2C2B033FFCD451B10C4EDE8328DA6084
                                                                                                                                                                                              SHA-256:9E5D6215F5FC3AA8FE38C480A566327D67E21A90328EDF94608DB3A6B735736E
                                                                                                                                                                                              SHA-512:8BFFBE3755B5FE2741DB0A02788E48EDD1DB4091467C134F3B99D5AE5C54B05D2CF7B71E00C779E00E398CC1F042BAB10F5E3BB28E9EC50965BD7E4B558FD76E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// QtMultimediaWidgetsmod.sip generated by MetaSIP..//..// This file is part of the QtMultimediaWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%Mod

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimediaWidgets\qcameraviewfinder.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1441
                                                                                                                                                                                              Entropy (8bit):5.225498924130272
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:keX098mXIpmNDzVZRURU2SnOkIES2okLc3eoXmfyj:j098RszhJhqZkLcOoXNj
                                                                                                                                                                                              MD5:ECC98F4CE8C2ED0BD7980B2E18624273
                                                                                                                                                                                              SHA1:674422B8DB18DB0CBF4D3B6347B7732A8446672F
                                                                                                                                                                                              SHA-256:9437EB36BDF669D57C4903E7CD54DFF07BFB33C0A73C3380035013127A7514BA
                                                                                                                                                                                              SHA-512:C3860C875ADA86CB1DC1E23313B74C88F9F17111587E1602F7DED20A47E692EDFFEC3F4593A6D14FC81C967322373B6A6EAE3B77930DA639E1DD4D7C85B6CFEE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qcameraviewfinder.sip generated by MetaSIP..//..// This file is part of the QtMultimediaWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCa

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimediaWidgets\qgraphicsvideoitem.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2315
                                                                                                                                                                                              Entropy (8bit):5.205994958945442
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:8098RszhJhf9kTlOqVMYXElQgQrxIQa7RXNiVDHG:8Tszlal/nLrxIPXGm
                                                                                                                                                                                              MD5:048CC131231F7960E157A1EBE9F88118
                                                                                                                                                                                              SHA1:177AFBDC5D783174D76BFEC64BF066E9382F5E79
                                                                                                                                                                                              SHA-256:D406E9F00E4F12609085CBF6E58B92E6D321FF07753F5E3548E8A31263EAFEA2
                                                                                                                                                                                              SHA-512:DF2D58BC6E9958273BDB62149843B23A4E46C533B2581CBEC3DD734EEDE721DBFB5A0D87615D49CFB30EDFD5ED3B7DAAAFA8516D8D01F94BF48FB7F9B77EB40E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgraphicsvideoitem.sip generated by MetaSIP..//..// This file is part of the QtMultimediaWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QG

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimediaWidgets\qvideowidget.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3274
                                                                                                                                                                                              Entropy (8bit):5.072438790787977
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:i8K098RszhJhoqytb+Q/66OqbuKwQFNdjSpc8XdIVIvITIZIlIXNiVDn:dKTszi66fyXdIVIvITIZIlIXGn
                                                                                                                                                                                              MD5:D552FD95728CB616034424C673564953
                                                                                                                                                                                              SHA1:9044C0EEDBDF2E4FA2D046944F1C6586138C9E3C
                                                                                                                                                                                              SHA-256:E1F02DCC8395A805AF91D2067724A439F79B41EBFAE10B0888711AC997E78967
                                                                                                                                                                                              SHA-512:78C81A1DC29B9367838BE6FED531203804160D39C7C4C9BD4DEB1B70FC88957FEB51F354F947F77DB733A44B16A8566AEA566AD8FA0A34AAE655D076FDBE4B00
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qvideowidget.sip generated by MetaSIP..//..// This file is part of the QtMultimediaWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QVideoWi

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimediaWidgets\qvideowidgetcontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2078
                                                                                                                                                                                              Entropy (8bit):5.017547237771276
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:i8T098RszhJhgJS+PiJieXkArZGAASxMS2cc:NTTszy4+PiJieXkArZG7SxMZ
                                                                                                                                                                                              MD5:806246371D067896D8AB088364492DD7
                                                                                                                                                                                              SHA1:FA978E6F559B920D3779856EAFD3F2E8A6E9229D
                                                                                                                                                                                              SHA-256:45CA6D22DEA20FF975B54822F112FFCF6D59045445073A5BC4C7758121230CE5
                                                                                                                                                                                              SHA-512:A6248121A2FFAFB1F8769A963026D54403ECDA11B6669F6FA172ECF7EE4207E3EBEC3BBB10BF1D6545E32C3F2586A47D0E1B61A9164D2DAA003BE34856AEF0CD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qvideowidgetcontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimediaWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class Q

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\QtMultimedia.toml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):187
                                                                                                                                                                                              Entropy (8bit):5.078350016449667
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:SZ3GMiyT8QQCQIMQDKNsQJRDZXMKxwehyIWWMKxtHO+Cm4o6Mvk/dkC1WiE4yn:SZDim82QIRGsc/XNthyIXo+Cm4o6Tdk/
                                                                                                                                                                                              MD5:7B0A06A102479AB292B243F07D27C6B7
                                                                                                                                                                                              SHA1:BCC0F0F76AAD8A5EDF18457A429ABAFA2FB00876
                                                                                                                                                                                              SHA-256:92780CE3BCCE7418230B65CB701EC618E2DD1ADAE252BD88E8E437E1221C0BD3
                                                                                                                                                                                              SHA-512:AF91ACCCE8BAE26F15E8CFD1CBC22B86F572A86268FC2FFCC386FD907B5A0381622323B910029676ECF03EEE411AF18E87CFB5A828BAB79DFCB13824405BF09E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:# Automatically generated configuration for PyQt5.QtMultimedia.....sip-version = "6.8.6"..sip-abi-version = "12.15"..module-tags = ["Qt_5_15_2", "WS_WIN"]..module-disabled-features = []..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\QtMultimediamod.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4600
                                                                                                                                                                                              Entropy (8bit):4.973316120784139
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:+Q098RszhJhC7nXxXJ98tAzhAS//OMWERlP4zEfE:zTszU7RmAleMWErKE8
                                                                                                                                                                                              MD5:AE56E4FB70DA42847D56884F1B79E755
                                                                                                                                                                                              SHA1:86EED954B1702903ADFDD0922FBF49E478E72FD3
                                                                                                                                                                                              SHA-256:1301EA0F1355E3A313BE09B95937959270F2182252C0037682ED9740C49F6025
                                                                                                                                                                                              SHA-512:644FC4ADFBAE39E443DC6AD0C06F1AF08DFBE23A279756CF8AE6B0CDD5F369A8AC44FA13689DC13D1537AAAA1B31434A0E9952FBB8505495A8C5C432C21CBA14
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// QtMultimediamod.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%Module(name=PyQt5

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qabstractvideobuffer.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2558
                                                                                                                                                                                              Entropy (8bit):5.0636851193398975
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:RmQ098RszhJho8/8tlYl0aYllmB6qQvVVBE1dJOAEuxzJSQQP:RrTszik8tlYl0vllmB6xvfm1dYszJSbP
                                                                                                                                                                                              MD5:46B0EF04EC8E9506744BFBD8EB576FC0
                                                                                                                                                                                              SHA1:56DCC7A1D91C250D5E1F28815DBBD65D31653020
                                                                                                                                                                                              SHA-256:D78BACFE533E4DF85D140AC38C3303AD4D01B6178DB0A06A2CC338789913CB6D
                                                                                                                                                                                              SHA-512:590C8C4F9C8DD51A6A6E5F5B11F1036FFBE5F37B9356A015178BAB643FCBDCADBB7D32635F921F54BBBDE7972939DA27B8B921A77452959337D2C9230C70F95E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qabstractvideobuffer.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAbstra

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qabstractvideofilter.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1987
                                                                                                                                                                                              Entropy (8bit):5.236340647973945
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:oHQ098mXIpmNDzVZRURU2SnOkpfsBc2vmJ8EgaxYA2BPA1pQVFj:wQ098RszhJhpcrvO+axYASPAnQVFj
                                                                                                                                                                                              MD5:7E32792DCE92C2C10D8E750F9CDB11C4
                                                                                                                                                                                              SHA1:66A9348DAAB95984FCDDE891D40DE3954385F239
                                                                                                                                                                                              SHA-256:AE12A538DB6AC6173D7FD3FD96A0E975CB8F92C0829BF71C13E723B789F43DBF
                                                                                                                                                                                              SHA-512:FFA7B7329CC50598436959E42A93EA02DB46FE5AD9BF680D9734920EF76710117938B37EF66753E1D83ED19BC9197462D864229E2C16CB468ACF73CC47EDBD96
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qabstractvideofilter.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_5_0

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qabstractvideosurface.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):7910
                                                                                                                                                                                              Entropy (8bit):5.106945935565657
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:AMArus29eZgV6bhDk6czZn3+muXPJXFbXhY:Kus29eO6bhDTczZn3+muXPJXFbXO
                                                                                                                                                                                              MD5:01148E4782FAD5E8810A79B887ED59A7
                                                                                                                                                                                              SHA1:61F4129A6C8EB29AE358C9696BDBACBA89C1099B
                                                                                                                                                                                              SHA-256:6828499FDDE28AAE799C08984D5FF20F42273F751046212C9D4D11CAD75E3E9E
                                                                                                                                                                                              SHA-512:4F7F70C19C6C3B552E84759E119AF4D7C487E5C9FAEA1B690D500786C1D286C0882EBC9057BE0F6C62E5010B51177C3C710B7DD72DB651BE367F4CDFC16FA5F5
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qabstractvideosurface.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAbstr

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qaudio.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2067
                                                                                                                                                                                              Entropy (8bit):4.919568040892009
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:nQ098RszhJhNOXZGPV2hggc8PMa3RzQidn:QTszjtPMhxMRidn
                                                                                                                                                                                              MD5:475AAF8AB9D326D5C7414D4469F88FBE
                                                                                                                                                                                              SHA1:F6C15025BF780F78EDEF4E706E8411543214F82F
                                                                                                                                                                                              SHA-256:B6C0E457886D575F157105486BA70A3EC808AFA65B214ABC71F095D6598E09FA
                                                                                                                                                                                              SHA-512:0E9EFF8B74A0852508C7CA8E3876EADA0F2B52EB37C18C8C2BCCE70180AA4D41900A2E7D106D8E13027BEFA4169DF72995E71505D964156051570AC78F6C984E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qaudio.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......namespace QAudio..{..%TypeH

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qaudiobuffer.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1599
                                                                                                                                                                                              Entropy (8bit):5.13046775455429
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:EmHQ098mXIpmNDzVZRURU2SnOkaL8vn6Cu4JpQ8MV3h:EmQ098RszhJhI8P6Cu4JpHMV3h
                                                                                                                                                                                              MD5:E4015CF20D4A6FCD28EAEAA7C470E039
                                                                                                                                                                                              SHA1:595CE0A52875EE5F293CBAF3F24AB20D6167F4F8
                                                                                                                                                                                              SHA-256:46D6A191DFCF1718432E071233B5FF8CF6F5BAE06BDF3E6A16EB3F533ABD70FA
                                                                                                                                                                                              SHA-512:ABB9C291D567B9CBC9D8E3007B30A17FB2934FB847D3A1DF82C2FBB3795E36A54220C6D97113B6917DEC0E79592F1C60A4200FC462B0C921FA1667BA36EB02AB
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qaudiobuffer.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAudioBuffer..{

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qaudiodecoder.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2663
                                                                                                                                                                                              Entropy (8bit):5.055396450375884
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:nQ098RszhJhNA90dL/oTZbszBeg6ZUagcpH2IHgvHDXI5Rz:QTsz3AYoFNguUaMbXI5Rz
                                                                                                                                                                                              MD5:B664FF2C2E3198C03FA614314EB8E83D
                                                                                                                                                                                              SHA1:337D1C3DFA495A054DD6B92403333AF4388DD4CA
                                                                                                                                                                                              SHA-256:1DE253599BADE6A615064B032F76910A2006F6E3F07D41D9A9E8CEF3A6B8D735
                                                                                                                                                                                              SHA-512:F7E6672D4E4169DA10AC8C1D72120D105392CCC6D31FB3287476818FF9DB617BE69E65101CD199DED7F1B8E6643E0B150CE00D999B212E91E9B3E419F7329CA3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qaudiodecoder.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAudioDecoder

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qaudiodecodercontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2249
                                                                                                                                                                                              Entropy (8bit):5.049558275378415
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:4Q098RszhJhESJY1Gd7bagJaJSmoUQJXvGUydVIa:RTszDJY1G9ugJaJSmoLJX+UgF
                                                                                                                                                                                              MD5:BA99BAA2B27BF573A7FEC7F9AC2DDA76
                                                                                                                                                                                              SHA1:3FDA55F7E7A71B9AF2B3854B4542EA1BC59C8EAB
                                                                                                                                                                                              SHA-256:37950526F7788C79A9270100C279F6C95EE8D536882F25FF4F0E2EB5E0DCEFA4
                                                                                                                                                                                              SHA-512:10BACC28309CBAE644D45E8CA8981794F634A2233E5468D71E54CBDA6B925212117F79CD1C51DF6558F6AA26886F6896897F7DEADBF8A820E784478A1BA3980C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qaudiodecodercontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAudioD

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qaudiodeviceinfo.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2074
                                                                                                                                                                                              Entropy (8bit):5.121101002765518
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:FQ098RszhJhCPOf65ZRAwhq7Zu/5VMCHASzl4Ta05CFpS8+yDn:6TszoPy6To9uBpz8awDyn
                                                                                                                                                                                              MD5:926337835DBE4318F0DA7A1DCAA82996
                                                                                                                                                                                              SHA1:7FE725B38093629F37D2EDA3509E03F878615D17
                                                                                                                                                                                              SHA-256:A2372D7DC2060DF6F1B820C8EA00772E77BC0022ED951254A41BDD70D2132714
                                                                                                                                                                                              SHA-512:D4CFE820C94DCB7104B8354230A8FD4B600AAC705ECA614E7902C3CD5FB2B92EC9A0F5F8D64A80452B04F04E8976092CA802580E0AAA88014D1CC1E39E021AFC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qaudiodeviceinfo.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAudioDevic

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qaudioencodersettingscontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1670
                                                                                                                                                                                              Entropy (8bit):5.083329210236749
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:hHQ098mXIpmNDzVZRURU2SnOkJASuiL8eRs1VSpBJ:5Q098RszhJh+SuWtR6SBJ
                                                                                                                                                                                              MD5:11398F62D608DF2CB485CA5D76FE67F0
                                                                                                                                                                                              SHA1:E4FAFA10047722A7EE0D843AD3A1BEB302D5C65C
                                                                                                                                                                                              SHA-256:3E8636E8207BCD7FA625776FD613C9A5D42692BF6B13C9F38F496A22455A61BE
                                                                                                                                                                                              SHA-512:483D19723FD00E47EBB3DEFE787E964C5F57F33D1A7D1501814CFC2E19A87ECA70B60BFD180F16E237476D9CA792409DFC672BB4845D6EF9E526458727F67A80
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qaudioencodersettingscontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qaudioformat.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2337
                                                                                                                                                                                              Entropy (8bit):5.039999760596834
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:SQ098RszhJhMgQPDFdB6R+4BmDWB7vEmUXmOQmO/m6q6pgqmpWWSN5pfG:vTszqtDFdB6R8WTTtYvA6
                                                                                                                                                                                              MD5:27F53AEA38E8C05E5D57D8EE555ED3FB
                                                                                                                                                                                              SHA1:C102A81286CA6CE388357E7E22A8CB4B706AB607
                                                                                                                                                                                              SHA-256:1381E9638C44F74884053DB503A1B7518F052C1DA4866C9F2E66EE05FC1EABE9
                                                                                                                                                                                              SHA-512:EFBABBA44574FBAB1E3C70A21579C2A70A5290A0C830FED1DD697020C90DBE0EB3E675870A3226CAC021239A7D4C90A3B2B5A086BF76DCABECD5BD4ED0A7A61B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qaudioformat.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAudioFormat..{

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qaudioinput.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2003
                                                                                                                                                                                              Entropy (8bit):5.097960016580604
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:LQ098RszhJhPAvxFbZcx4Cmyfws+mYgD+u16skG:8TszFAOxcyNL
                                                                                                                                                                                              MD5:1A34B3A509EE2CF1870981C2E8638032
                                                                                                                                                                                              SHA1:FA763A4BED07AC22AF705DF1776722D589A493AA
                                                                                                                                                                                              SHA-256:BE644D73B47D1EC6E5E6356EA6AC90D17B93944DBA77F4813A4533DDC2264A26
                                                                                                                                                                                              SHA-512:1C1E3BCE4879B48A0376605EC449A8D8A588E14C9F5C53C2A3E4E84E939AB0942A270EEE462AB0CE686CB5640778FE13C51B62523981FF26B4A18502946D24DE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qaudioinput.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAudioInput : pu

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qaudioinputselectorcontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1663
                                                                                                                                                                                              Entropy (8bit):5.1028399324612925
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:JHQ098mXIpmNDzVZRURU2SnOkhUSWesOHv5HIeY/umS2imL1sHWJ:RQ098RszhJhOSW8HvtIeYGmS2imR3J
                                                                                                                                                                                              MD5:C91176994AE641F894ABA1BC27486279
                                                                                                                                                                                              SHA1:74FC2EA35340A309D54A3CBB29AFD3CD721A55AB
                                                                                                                                                                                              SHA-256:69178CE3D5541B793055233A7614107D2A9A5F33DFD2026B20690211E9F2FFDA
                                                                                                                                                                                              SHA-512:F35EA8CC1A3D4A7F3F150D01CA66C5668A53D2E248930CA6610C94E9B851D35D8ED8A46A5F1DD2C5B61CCD255823D5F125CB3B2A0EE2C452949817DE6A07F9AB
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qaudioinputselectorcontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class Q

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qaudiooutput.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2080
                                                                                                                                                                                              Entropy (8bit):5.088782934782564
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:UQ098RszhJhqAGxeCZci4Cmyfws+hYgD+u16sWZXyR:lTszcAzicyKMU
                                                                                                                                                                                              MD5:DAB3E21D71D626285F26090D292AAE2C
                                                                                                                                                                                              SHA1:75942D6164CC6ED64E4212A66BC55683E0F4A73C
                                                                                                                                                                                              SHA-256:247F55F28DA05CD0256A841F71410B213805F7AE1020C474E1F87427E2AD3CC4
                                                                                                                                                                                              SHA-512:D4BBFF6C3BF5EAA794A1D36B2E6835E10934E998EF715BBA6A362AA1948A520D6D46CFA16879A43340770516FBC7C8BAE2E2F266596B644DC685587821D86140
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qaudiooutput.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAudioOutput :

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qaudiooutputselectorcontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1675
                                                                                                                                                                                              Entropy (8bit):5.102710476280352
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:QHQ098mXIpmNDzVZRURU2SnOk2bS5esOsGHI1Y/B2e3Wj:oQ098RszhJhKS58sGI1YJ21j
                                                                                                                                                                                              MD5:E01F72AAF4C8573999456104B72946ED
                                                                                                                                                                                              SHA1:636014DF9D6272FF45480923ED3CA860E00A2CE0
                                                                                                                                                                                              SHA-256:D5F259EBF81982B548C09AA74ED7F32F871ECA60224389BE17C66FD2E02A25E1
                                                                                                                                                                                              SHA-512:B6540CDB6F18B99790038E47F06A67941359845BC700AD151F7AB74743FB932C96087C771B5653238EEFFD61A36A6434B079673C1913696ED7897819BC5A262D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qaudiooutputselectorcontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qaudioprobe.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1382
                                                                                                                                                                                              Entropy (8bit):5.147837917159921
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:RHQ098mXIpmNDzVZRURU2SnOksuA2So6/Mgp9rH:pQ098RszhJhZAToaMu9r
                                                                                                                                                                                              MD5:4721890051493CDEF6E26E50A0B22683
                                                                                                                                                                                              SHA1:B5AB1D3ADECD9A8EE807F88C63948132F9FB55D3
                                                                                                                                                                                              SHA-256:C15199BC96551C0300BA504F5DB1D196F564409D0775DBD2BF5A7939F19A19C9
                                                                                                                                                                                              SHA-512:2D302D2FC5E6EF20F4D33106E21D17DAF8057F0CD67780998F9F3304B22BD5D3966B14B300BE2835D03E81C3F88BC6D40333FD4645B82E9B55C6FD390BA781DC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qaudioprobe.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAudioProbe : pu

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qaudiorecorder.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1640
                                                                                                                                                                                              Entropy (8bit):5.174719179661891
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:ZQ098RszhJhvlxhkOlXl08lkmZeLWEZvrZGEch:WTszvxj10ykKeLf1M
                                                                                                                                                                                              MD5:F3C4743F9A03B37A215FA051B9EDC22E
                                                                                                                                                                                              SHA1:22B283A9E60798CE49906835018FBDD7AA9F74B3
                                                                                                                                                                                              SHA-256:D53AC57AABAC9852102AAC8C7ABF17376462A791F07846499F93A8C0489C41FB
                                                                                                                                                                                              SHA-512:76007B49964530B328816E1FE3E87507BFDE5E8A6056CD13B1F29437E93D16BF8F0A373A09330AF15E61A2CA4C418CABDF32DF6F875127F3A477240581836E41
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qaudiorecorder.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAudioRecorde

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qaudiorolecontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1480
                                                                                                                                                                                              Entropy (8bit):5.158334949140741
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:gHQ098mXIpmNDzVZRURU2SnOkpgg/SpVPYTI1:4Q098RszhJhpg8SpmTQ
                                                                                                                                                                                              MD5:86487AF01C8DBE0E20A1A4276BD9A5F4
                                                                                                                                                                                              SHA1:E88A5A8424DB632CDD7952376533C2DA0392FA0F
                                                                                                                                                                                              SHA-256:3738DD7FFDBBD7E062308D5C609BCB9424BF9EB359726268221FD1837F74FB25
                                                                                                                                                                                              SHA-512:45AEE65D28224E69F44CFB2CCDAAA7DF8A6FA0D62AAAF6947ECE58C6A8990B59A24F6FFDEAA3694FB2B030EA0756EA01E63A69C5CD9392ABC9CE7600750B5DE3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qaudiorolecontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_6_0 -)

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qcamera.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5933
                                                                                                                                                                                              Entropy (8bit):5.086587730400647
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:xTsz2ArCvK2hPXZB7+4uUaH7nx1kAGpfRTTsQ3s/i/O/2E5/Vua:V7A0ZdqkJVRTTsQ3s/i/O/R5/Vf
                                                                                                                                                                                              MD5:A8D99ED1C45D72EEFE9B78270D119EBE
                                                                                                                                                                                              SHA1:1101CD5059B278ADDC0238E1DF13D1B81FD42638
                                                                                                                                                                                              SHA-256:F1EDB7822BF785B5E51318624513E5B8925375F7F516C3AF95172EBD9B34F955
                                                                                                                                                                                              SHA-512:DB1F3B85E82FCA3369CE15A28A88AA5EDD5FC469392FAF1396C807C78D8DB80EF43428C4A4A7E0C91F4C604AAFBBBDFFB4C4AFEBE4B29146E19103B317A1505F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qcamera.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCamera : public QMe

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qcameracapturebufferformatcontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1596
                                                                                                                                                                                              Entropy (8bit):5.1492254090644405
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:kkRCHQ098mXIpmNDzVZRURU2SnOk/OIRoSM8o7m0XA:XR6Q098RszhJhHRoSpo7mB
                                                                                                                                                                                              MD5:B7CBBF689CB53DAEBF9FEACFA5F10AA7
                                                                                                                                                                                              SHA1:FAD9516D41EB9E734E0C2B6C1311E9B18DE92694
                                                                                                                                                                                              SHA-256:12B655698419E64315E714CBC9FD27A5418F659BDEC1E9CFB1627C78C7D1B67F
                                                                                                                                                                                              SHA-512:E30C67BAA720F2C2D49AF2520A859009FA5C88B06BEDC9CBC0194ADCEFA3A927048BD4DE6C0EBC361B51B2C39CF3B1EEEF8C2523AB41BDD97DF7815FF342247C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qcameracapturebufferformatcontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qcameracapturedestinationcontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1699
                                                                                                                                                                                              Entropy (8bit):5.051809570351321
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:XPbQ098RszhJhG/PJSvcXLsMFW2PLYMboCMeg:X0TszqQkXX3I
                                                                                                                                                                                              MD5:F2C5D688696E3DDA56C1108AC88EFD7B
                                                                                                                                                                                              SHA1:8530C90A9963AF39C0405BE8C19FB0555C640CAC
                                                                                                                                                                                              SHA-256:75B30DE0618C180DA0457B9327DF8575D9B35CDC37410862F3A7E84BA0DF3585
                                                                                                                                                                                              SHA-512:91A751132D1D9A4130619B1BE9902546C14171AB0B402A36279A1104A38BDE5A3F0D3C2DF5B669399A4BC7EE80EB58E570B2ED65F04F87CC6479CF7F348CD6B6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qcameracapturedestinationcontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......c

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qcameracontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2067
                                                                                                                                                                                              Entropy (8bit):5.049405602529994
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:lQ098RszhJhW9N26o36z1b2tD2E/X2QCAXidwOClG:aTszioqz1bGLXIAXukM
                                                                                                                                                                                              MD5:9FF2A83F6CD9C9A32A5E1D9479CB6617
                                                                                                                                                                                              SHA1:F1B6D0BE6AD8A3FFE975233734D445D1F118F92D
                                                                                                                                                                                              SHA-256:666698C97F343D30455508737FDD8E73E2199368B84EFA605CBFF676A24564BF
                                                                                                                                                                                              SHA-512:D7FC8AF469D5FD0C070258A53BA169BE5621173CDA788E96A450560304C72D5F19947E5A8B38763102FCCEFFFC2EF15B188C005AA71B5DE6DFCD105DE5E57BF1
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qcameracontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCameraContro

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qcameraexposure.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4530
                                                                                                                                                                                              Entropy (8bit):5.032673395620416
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:cTszhATs8GSD9rQn+WFO2WbRiRWIT+lsldfGrvqA:2GAcS1E4noI5udfo
                                                                                                                                                                                              MD5:FF4D34FA86317076DBDFF4BDF61CDFA6
                                                                                                                                                                                              SHA1:BE77BC487E325C0E2D227C6E4B8C5537E0F47065
                                                                                                                                                                                              SHA-256:631984D6FB728551925F9A19C482075570B1C5EA1A3958C274883043B8EBB08D
                                                                                                                                                                                              SHA-512:6AD78DB3B8695701A6638635A1A4F1470D083961ECDDEFBBB5F0F53EC2E99DC89E64A33E5EFC2055FEDCC89CC83393CE46BE11D776189CA5DB04E9150391D3BB
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qcameraexposure.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCameraExpos

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qcameraexposurecontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2257
                                                                                                                                                                                              Entropy (8bit):4.998418303695696
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:kP3HQ098mXIpmNDzVZRURU2SnOkJyjNSwy7Fr3HXXv1kvxOpAmz1v1Hz1v1X3z1T:MQ098RszhJhoShBX9S0nTXvW4+C+c
                                                                                                                                                                                              MD5:F3B54DB05A7BCC5F7157F31592B1FE42
                                                                                                                                                                                              SHA1:837D1E6D90D0D3D8A1EAAEBCDCCC5E6A94D13A78
                                                                                                                                                                                              SHA-256:14AE50B6D723863E6FC123FD4BE0A8A02982D7645D827CBC417C2AF4B8DF3629
                                                                                                                                                                                              SHA-512:441BFC62817D3DA738303F4E669AF056587511488544B10D1760309B7116F9A100C28AB68E4B661712ADE51A915960A01297AAE7759F902F109AC1C35D52B53A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qcameraexposurecontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCame

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qcamerafeedbackcontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2016
                                                                                                                                                                                              Entropy (8bit):5.067682162422017
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:iQ098RszhJh9Sq6L2diuXvhYXChYXIdWpXaNLC:fTszzs2diuXvhYXChYXIdWpXiLC
                                                                                                                                                                                              MD5:BBECFB1EE3E070E97FE4D5A4A45D6F5A
                                                                                                                                                                                              SHA1:BDD0C58DE13C1CBB627126F7CD1939137EB8B64D
                                                                                                                                                                                              SHA-256:949D91D1CE867EA8E4EC235C39767DA13E1526A479D670FD42ED45EDF435996B
                                                                                                                                                                                              SHA-512:4A2A1291862FF27D5E2B7FA98973C1456D76D4717C90FE5DA01FBDC301E52B6379515D8AE44D141AF3FC71BD321D51A399C3E765782D40747AD69D60D28B7CB6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qcamerafeedbackcontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCame

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qcameraflashcontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1535
                                                                                                                                                                                              Entropy (8bit):5.144035088934151
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:kXUHQ098mXIpmNDzVZRURU2SnOkLLuSK829NFMOv2LK2qXrQCv2LK2NXrwfU:lQ098RszhJhOSKN9XMT+bXrQn+AXraU
                                                                                                                                                                                              MD5:F7C4551FB741AF42B2570F2CF39749DF
                                                                                                                                                                                              SHA1:65C6003E5D35262B09828761F888943DC8FEBC49
                                                                                                                                                                                              SHA-256:BB3C1E506C353DB7B1F25849281B986C03D49920B96947DC670A2910C2B73B70
                                                                                                                                                                                              SHA-512:AD3DFFF49E56CB113A5EFC05B21179BE0239A1EE2470A517B990841B9EB42733B332048E753E218A638B26FD93E1B5AA61E0157DF122B1DB25AC9E4A919484E3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qcameraflashcontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCameraF

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qcamerafocus.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3321
                                                                                                                                                                                              Entropy (8bit):5.041316311088247
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:6Q098RszhJhhcsCADOCbOAomL2cEDsMzEgo22X2oL9l3B9wl9i8RVpoya6:HTszE0yzAbSslG9hwj6
                                                                                                                                                                                              MD5:A893282124FD4480D7399753A144EB37
                                                                                                                                                                                              SHA1:C3B02731431A8AFB07D2C24D889FA272F65826F1
                                                                                                                                                                                              SHA-256:BA9623AA0AC530E300F11386C93E2CDC364747C2F204C4DD176F5C3827974C85
                                                                                                                                                                                              SHA-512:C4193FA5E38B633139D6924FCD92AF4EE6171AB8B219F77D2D2C07A48801180903F5E3A8BDC3968084DA369A89BB2232596A24BA7B9C732038536E0100AA96FB
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qcamerafocus.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCameraFocusZon

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qcamerafocuscontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2079
                                                                                                                                                                                              Entropy (8bit):5.083313333840769
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:XQ098RszhJhGSoYcDbX4ADccXq3+X2LxWXz:gTszpoYKbX4ADPXq3+GLxWj
                                                                                                                                                                                              MD5:BAEC3541DFE63DB9E96E349351310ECF
                                                                                                                                                                                              SHA1:5ACE3C046B7AECEE176947E3AD416084920EF15F
                                                                                                                                                                                              SHA-256:DF1E7EDBA3D98188212F3834E4699C2B927EC5CCDC77CC7799F08E04501DD954
                                                                                                                                                                                              SHA-512:F87A7130F98E25E476A67EE45070C501E89911EB2A35780ECCB8640D715632C2DB343A4638016E23DA3AE89A19A123185C9C9EA18F99B87DB0AA28D06C5746A1
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qcamerafocuscontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCameraF

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qcameraimagecapture.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3658
                                                                                                                                                                                              Entropy (8bit):5.019025473560215
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:zQ098RszhJh4yo+6NcFNwpV2bQO56ZUagHZ/ZwbPDESbj+cssMBe2XTYM28Clffp:UTsz9QRNWuUaiB6b3BNxqnnzeyXV6
                                                                                                                                                                                              MD5:C12D3EBE31CE9459EA1D9524339F7192
                                                                                                                                                                                              SHA1:3A593F2FDD9A6A9793A5214BC9FFE5923C6F42ED
                                                                                                                                                                                              SHA-256:B5EE9D5DBE0ACCA9A98B2858B788358024251250D8149F09B143FA7090341F40
                                                                                                                                                                                              SHA-512:D8B24F1282C6F15111EA76F9764FB00FC971EBF1902B187820C7577E380B8F82987379167499E32BA7260B2C523A4D7231E535582435F91C0DC7F4E1641C8E8E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qcameraimagecapture.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCameraI

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qcameraimagecapturecontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1990
                                                                                                                                                                                              Entropy (8bit):5.090345721994596
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:EQ098RszhJhsSFXXgab8Fi/nfseE0He+f:1TszrFXXgab8Fi/nndHe+f
                                                                                                                                                                                              MD5:D585517705FAF7DDE2E947CE4E59F6E4
                                                                                                                                                                                              SHA1:08B87B764DC952C8B7D4D0A8E631C57DC5A442C6
                                                                                                                                                                                              SHA-256:5C808C7A9FA4498E71D59BCF2520496FCFAC963260E3B0F41197EF3672504ED9
                                                                                                                                                                                              SHA-512:72751659BA40CF2034BB900F627FD2965C9628D78238BA049BAC9826B413FBBADFF479D960AA749804884646DDFDAF27D86C6F55E0AC2457524FA0882957978D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qcameraimagecapturecontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class Q

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qcameraimageprocessing.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3161
                                                                                                                                                                                              Entropy (8bit):5.0487091033960985
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:QQ098RszhJhYLAyXRX2Pc0bcacJrW24WcuyBK8RrjporfCaCod1N1g9SQ1t1jn:5TszkAoNhbiWyn
                                                                                                                                                                                              MD5:33DBE1478317270306DCAA6D6209E3A9
                                                                                                                                                                                              SHA1:0EB572692897F886F8863E6CBD6E748C8C55D522
                                                                                                                                                                                              SHA-256:BBF9F5691ECD8D8E764BC4048AC91A5E446C4639CCC45642418757F74279EB4B
                                                                                                                                                                                              SHA-512:B4005930510D8E37601F87AC2952C64EBAC53AEB2155EF07CA8A0DF1C9514CB5D9197F14EE6DF441D45B0F42700A7DF8E7D99851DE39EA97FC3E23DC9CC25107
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qcameraimageprocessing.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCame

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qcameraimageprocessingcontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2160
                                                                                                                                                                                              Entropy (8bit):4.971023347131852
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:NQ098RszhJhYnNSrn0FEB2XZXCnHAXPnHVNcnHBYnHVXnC:yTsz52EB2XZXbXz8p
                                                                                                                                                                                              MD5:42107B060A89A2FB71E3742C242F2760
                                                                                                                                                                                              SHA1:0767273CC0BD64E0847DD7BD25E64DF295632971
                                                                                                                                                                                              SHA-256:A3FFEB3239D5412F3FDFA3BEC629FD4D5F023D9917DD90546E218C966132DA58
                                                                                                                                                                                              SHA-512:BB5C229AD6B8A2AB1DDE94FAFDADA9B4F0EA30115D57A2AC4968656F585973C591C7AF58D03CD49547A943488F21DAAB6B7AEF60D053CCEAECB69783D133F075
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qcameraimageprocessingcontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......clas

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qcamerainfo.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1694
                                                                                                                                                                                              Entropy (8bit):5.115309167830691
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:kdHQ098mXIpmNDzVZRURU2SnOkp7RYOG5Seg6gZRAZvVSFlxBxAS:kQ098RszhJhp6Ox6gZRAZvVSFl9AS
                                                                                                                                                                                              MD5:0815B7216969DCF29AAD1869E7574F33
                                                                                                                                                                                              SHA1:ABA485A84D82CF489F7364982B8DAB1E929B660F
                                                                                                                                                                                              SHA-256:67BF98045FC349E40AF8A4C7A27660842F40DAED4979EC89D8DF529FB73FEB62
                                                                                                                                                                                              SHA-512:EE28BD84C64EB050656D2B635F3FA50189B0B725F4D125E6022DE713518C56DC13CF165544735E756AEB3D794B0A6BE9D4154C8C8B387538AC2CCEB3E16C17C3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qcamerainfo.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_3_0 -)....cl

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qcamerainfocontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1385
                                                                                                                                                                                              Entropy (8bit):5.119520315926972
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:kWHQ098mXIpmNDzVZRURU2SnOk5QSGvgWnY:BQ098RszhJh+SGvgqY
                                                                                                                                                                                              MD5:CB028B231E17A29F13B540CC95F3CAFA
                                                                                                                                                                                              SHA1:825A85DBF818EB1FB724F4015A81CF96E829C276
                                                                                                                                                                                              SHA-256:14D7391E33F78F6EBF90D3920D6F9D7E42BCD9991A98A5A139908AC5B7E81087
                                                                                                                                                                                              SHA-512:D0322192EC3D3BCFC37C40CA726278D2B3A47809945219491E71620AC31DE6678992E2FA2AD2C50450E76A8E9260D6EAA1EE9BD7E4A1E57DB4C4D7FFA4A501F8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qcamerainfocontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCameraIn

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qcameralockscontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1618
                                                                                                                                                                                              Entropy (8bit):5.163962770921877
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:kWHQ098mXIpmNDzVZRURU2SnOkZQS4XcccngmR3eRwSn1/:nQ098RszhJh+S4Xccnozy
                                                                                                                                                                                              MD5:86DAF4C082BB92CC0ECE5D2333BCFECA
                                                                                                                                                                                              SHA1:4AB76E525854A35A0FC870F19D8B6F457BEF7FF1
                                                                                                                                                                                              SHA-256:E0FDD6F94B091C9798437442748EF8CADECA3FC045E53B55BDC41F78433EFFEE
                                                                                                                                                                                              SHA-512:638771BA79E5210B455873EEBC9A43F13D81B6E1579E41F8E144669C230D9503C19AD8794CAD8BCC069E98AB14F289127BCA9107EFF23F69851B719B129CE2D5
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qcameralockscontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCameraL

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qcameraviewfindersettings.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2139
                                                                                                                                                                                              Entropy (8bit):5.139078662446435
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:kQ098RszhJhpJnc+s567HsXMuRj8H53lFxE5xl:VTszVc+s567HtOyJxQxl
                                                                                                                                                                                              MD5:7DD1388CC70E9FE55E9B952D225BFAEE
                                                                                                                                                                                              SHA1:24649794535E5FCE026D7A5219DEB1FC1E776EA1
                                                                                                                                                                                              SHA-256:6418F7F6D0E73293A1FD5EF080969DE9410F23F357258A094A6C337EF5A178A6
                                                                                                                                                                                              SHA-512:20C949FD9C718FC0C8B91A67130C19E2D331D1A35205DC8ECAB75F5FF3EF48C5728D56F3C4F027E90DCBF4A1DA19955CBBBDC1C44C1D1033CEEA3401AB0FF559
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qcameraviewfindersettings.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qcameraviewfindersettingscontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2420
                                                                                                                                                                                              Entropy (8bit):5.045446808631823
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:BQ098RszhJhLaP+wkaJXq+QG+Uu+kG+Uq+kG+C+xySaRx30uT0es8Ph:OTszl2+wkaJXq+QG+Uu+kG+Uq+kG+txy
                                                                                                                                                                                              MD5:E323CB03C0DFF365CF1B5C242A4A2919
                                                                                                                                                                                              SHA1:C9D132CDA56381AF806C3A14BE15B587EC4F0196
                                                                                                                                                                                              SHA-256:3B8A7D49B65E9C2A8A12C785D781FF5124C933040A9C7752CDC53AE29A275B1D
                                                                                                                                                                                              SHA-512:8C637482B09F7D1CD17C5A53A535B29339D3A3072F86C21F9B6EE2EB061A7BCC4F80CB7AB34BBC55FA71E238215C82688176C7CE295E712D3A3855EDC7CA0557
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qcameraviewfindersettingscontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......c

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qcamerazoomcontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1926
                                                                                                                                                                                              Entropy (8bit):5.090573717710178
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:eQ098RszhJhMSzz95HoGRiaJ9ABpnbWqR:TTszTzHHFRiaKbWqR
                                                                                                                                                                                              MD5:63BA171C7EE3BCF9231376CCB2EED990
                                                                                                                                                                                              SHA1:4BA2906115E2A44D42BB7AD72D50FC691720BD60
                                                                                                                                                                                              SHA-256:F43ECDB46FFA833A389DAF0A97B247C6D4BF3A66F5FA15CEE6AD9E23B77D1F9A
                                                                                                                                                                                              SHA-512:17CF57C756F7E588412F78FDACDC8FA8CCE4B5B7EA9CE96D38BF844434FCB694ADE15511FF9B80671C6040BC972454A1BB1B911F5CC138DA7D68AE7DE9C6AD04
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qcamerazoomcontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QCameraZo

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qcustomaudiorolecontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1526
                                                                                                                                                                                              Entropy (8bit):5.154070852235135
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:BHQ098mXIpmNDzVZRURU2SnOkpOPuSOkjVmVb:ZQ098RszhJhpOmSOQeb
                                                                                                                                                                                              MD5:BC7D666AA3EFD6B514F987B6D00DF630
                                                                                                                                                                                              SHA1:99FFAB11C6279C9CAAB18DCE6DB73083101AF817
                                                                                                                                                                                              SHA-256:C4B6BB2A689317F4045780DA7C72966B7475B489A39C9D5EE8BC256A9A0A1161
                                                                                                                                                                                              SHA-512:485D6FCA9A1C10B343593B04DB4336A3A411621D8CD990F37C439F36239802B1305FA82FEC581D08215E82E93726005E190563618885043F80DC662D9C6682A6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qcustomaudiorolecontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qimageencodercontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1633
                                                                                                                                                                                              Entropy (8bit):5.107673401241624
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:tHQ098mXIpmNDzVZRURU2SnOkxASytnW1dqbZ:dQ098RszhJhuSytngdqbZ
                                                                                                                                                                                              MD5:5756A77082B9930D73BA257B6D8FD241
                                                                                                                                                                                              SHA1:45BCDC4FB81DDA226B62D44F2180AC7D18961AF7
                                                                                                                                                                                              SHA-256:8FFCD6EE39ED0C36472AD402496B380037B06E5752548BCF7860A6EB8C743E5D
                                                                                                                                                                                              SHA-512:C72221017320D033C71E6FB93F0547575C7C7424780FF25F6EFC1CBE1466B2674DA984DD60CEA7D790345607A75EBC0ABB70FC6DFE771C045657D0E989EADB02
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qimageencodercontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QImageE

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qmediaaudioprobecontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1341
                                                                                                                                                                                              Entropy (8bit):5.1441088741350125
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:vwjHQ098mXIpmNDzVZRURU2SnOkyVw+4wZSdVwHrOVwQ:eQ098RszhJhqSwy
                                                                                                                                                                                              MD5:23FC82A8735C0F0A9EB58A57D4B651D2
                                                                                                                                                                                              SHA1:E525AD1603E03807A3C2BC7C853B3138D8FF1339
                                                                                                                                                                                              SHA-256:3CE56684B10D41CE203F479E6AF8B9CD6F9ACE38605C6B04E4A2BA1997A31616
                                                                                                                                                                                              SHA-512:11B4DE28F0DA2141BC0057F12C9A5CE2127C4A4A79E17467971D72C35E6B41C48662E4572D00D172F4BBAB48E2051A8ABF4D5BC65B98506B8BB1AECDC81F1274
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmediaaudioprobecontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMed

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qmediaavailabilitycontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1423
                                                                                                                                                                                              Entropy (8bit):5.126797304411182
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:tHQ098mXIpmNDzVZRURU2SnOkyyqSd4bIak:dQ098RszhJhWSSw
                                                                                                                                                                                              MD5:EB4C05FF275C25527D7ECC26C3787A75
                                                                                                                                                                                              SHA1:B6AA210533551FBB56A459D6408C43D55B4D4DCE
                                                                                                                                                                                              SHA-256:8FE8F1937ACB56EC775D62CC7C4F0D1FCF1BB873C9BDB84907B4D52E3E9DDDBC
                                                                                                                                                                                              SHA-512:C3936AC19727FA62F3190083264987976943DAD2C2964A690D9E8D8EBBD979F2C4AFABD1ADA55B7791963219DC3CED2C67ECB48B066D223BAA137585714A7764
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmediaavailabilitycontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QM

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qmediabindableinterface.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1267
                                                                                                                                                                                              Entropy (8bit):5.1456887531081925
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:bHQ098mXIpmNDzVZRURU2SnOkisSU3WXmfEov:TQ098RszhJhtSUGX+
                                                                                                                                                                                              MD5:EA731024D3FF014F8C6CA88765BD91A3
                                                                                                                                                                                              SHA1:5ACD98D9930AD0A87F3F1C74ADB0D50D9290D4D4
                                                                                                                                                                                              SHA-256:1567D2717A30F6BCE194F829DEF8FD22873DD5D5B815C1485B653C3909CAA957
                                                                                                                                                                                              SHA-512:73D20CE358C73220FD8E33E1E3E3FD7581E5EA04F60D79E3B86B74C2CDA0EC67F54F1AD4E6B364BB399F03B05F2BC5BDA415A8FE7BE8553EE907A1ECEB9D7FD9
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmediabindableinterface.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMed

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qmediacontainercontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1505
                                                                                                                                                                                              Entropy (8bit):5.092171449123329
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:pHQ098mXIpmNDzVZRURU2SnOk5IS2TNrrCHdg:xQ098RszhJheS25rrC9g
                                                                                                                                                                                              MD5:68BC3F614FFD4B2FB78951D1B3313C63
                                                                                                                                                                                              SHA1:8FC5737053932EBEC654E50F82D513D4E3968FCF
                                                                                                                                                                                              SHA-256:8CE6996048E634C0CEDCF7E638B0BCC7F1547D001AAC14C46BD11C0E6A27658B
                                                                                                                                                                                              SHA-512:BA07DA7454EE57C6F5537AA18411A19221D184D82F7B50FF71354C98FFE6C45AC14B551FFA76C6AD0AA9EC162E49C05CAC8A041EB5360AAE3E07C265A065447F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmediacontainercontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMedi

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qmediacontent.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1870
                                                                                                                                                                                              Entropy (8bit):5.0774952862760525
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:XqQ098RszhJhKX4yCJRgXfHJRXT0Kc+os78S8dDn:HTsz83CJCvHJ9Ten
                                                                                                                                                                                              MD5:9FF3C0D97164AFC48331A216ED102F57
                                                                                                                                                                                              SHA1:F8A2223A4130239CEC3AE9F71E3775F18EF26A11
                                                                                                                                                                                              SHA-256:046EE72568CDD880DE3F30E8D0D369A38E0AF39CE25AD29F11A080281EB16710
                                                                                                                                                                                              SHA-512:FF1DC7FD707BA615074F45AAA925EAD2E4B5548ED962A5181BFD7A8944A3569E5964CE548F0E1A3739AB6EDD6FB1E45316E392E8774A92A44B156F15F2A7CB05
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmediacontent.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMediaContent.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qmediacontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1301
                                                                                                                                                                                              Entropy (8bit):5.221821562253981
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:6HQ098mXIpmNDzVZRURU2SnOkOA2VSHFn:CQ098RszhJhOAwSHFn
                                                                                                                                                                                              MD5:D74E4AE92A9321722D32174F63766A59
                                                                                                                                                                                              SHA1:D8F17ED45B093161EAD760B7B8CDE227B71E753D
                                                                                                                                                                                              SHA-256:9539AF5C0DE90596A94FE7500603FC133D2C621D768F3BE99451F371A1E8A5D5
                                                                                                                                                                                              SHA-512:E0E51FC59C8743E5B11189977085136921153F8D28716C419DB1522D7E7604AB06DEFEDEDA4D86359DA6E1C06E0D895C92908CE2C5D1342885C0CEE5509DC2C8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmediacontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMediaControl

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qmediaencodersettings.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4158
                                                                                                                                                                                              Entropy (8bit):4.9206387574710915
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:6Q098RszhJhB66gwc3S175QqmxwqSUZ19H6w7c3S17xb3YOwqSUZ13h6M5cZ7xaE:HTsz66Z12isX6C1tSsT6/zsa
                                                                                                                                                                                              MD5:DC7349008E874D59D01F5AC9E22C2C44
                                                                                                                                                                                              SHA1:A08E341C539F3938CAD32F46C1AE3784572932FA
                                                                                                                                                                                              SHA-256:6719EA20F8806392F53B5E219DC2566FCA22FDECA8EA8AB9DE7A4068E421B4C6
                                                                                                                                                                                              SHA-512:A5AE7B51FC5AFF4A3093B165BD36C2562C5E19C039879DCDB4236318CFEABFA4B4E5FE59A72A5205673A3687302BE3A59C5123D9367EFA0A61934D69E996B73D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmediaencodersettings.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAudio

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qmediagaplessplaybackcontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1705
                                                                                                                                                                                              Entropy (8bit):5.118989169638743
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:OHQ098mXIpmNDzVZRURU2SnOkyjSzoAXI615P1:eQ098RszhJhoSzoAXR15N
                                                                                                                                                                                              MD5:45D97372D73295BEE483821220927FD1
                                                                                                                                                                                              SHA1:17052BA047259521B98A5B5D0F623C58B3D2B102
                                                                                                                                                                                              SHA-256:568F4C1111107B4AD75046476C189BCFADA28C27E6734275881A387623043319
                                                                                                                                                                                              SHA-512:47CE9373B898A93D9FDD48F21D1D39EF8E4D9159505587A675F98FDC4AEAEB60C9F8881428E0BD56B6218D5033C65F8C71CA2FC3EF6809B59B5D895A4D54619C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmediagaplessplaybackcontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qmediametadata.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3993
                                                                                                                                                                                              Entropy (8bit):4.735951023142307
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:KQ098RszhJh47t+iZ8YcG5oAB6KGKnqgl6sFKMnZwzFlRQB:3TszUtFZ8YR5F0KGQqgl6sFKMZwFgB
                                                                                                                                                                                              MD5:A342639FCC4064C25347AB37856DFCF4
                                                                                                                                                                                              SHA1:7D4C6E9C58396418348E4E27EED525491A66D8FD
                                                                                                                                                                                              SHA-256:6100B9D74581B64233B0B0A2269FAC1E8C4240C56D9567B2752CDA4BCD605AF7
                                                                                                                                                                                              SHA-512:F6F79B6BD1E408532E78C4412570009D2D85AA8FF784B2DBF9A3E73AA281B120550099A01EA17293B70918F65ADC9A099CF4F3B4A3BD76E4ADED3DD16C9ED369
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmediametadata.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......namespace QMediaMet

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qmedianetworkaccesscontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1517
                                                                                                                                                                                              Entropy (8bit):5.127491418312526
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:iHQ098mXIpmNDzVZRURU2SnOkanPSTbFt+bJUT:aQ098RszhJhaPSTbFt+lUT
                                                                                                                                                                                              MD5:54E3A6BAE57F73455E6078420130F982
                                                                                                                                                                                              SHA1:9B6D2EF81B57B3431BA7A7119C33C6D7CD8A9DCC
                                                                                                                                                                                              SHA-256:536FE489BE9CF822272DFD0348B0F03B42BFFED1BB7FABAD92C259272948080E
                                                                                                                                                                                              SHA-512:5CFC49D55449CA531D8E94856E21D372E589C899600BB809244F4638BEACE0D53DA71BC02A2B4E853A6669DC94D12B16D609FED7862ADC467C7E43F4EECA0183
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmedianetworkaccesscontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class Q

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qmediaobject.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2098
                                                                                                                                                                                              Entropy (8bit):5.083504981094136
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:8Q098RszhJhCAGSa6X52QTQGEgtXI5Rt2FoBZD/pjI2t7M:dTszEA/a6XD0OXI5R/+
                                                                                                                                                                                              MD5:FE7D794DE7D36889E3A6B1C9460BDEDA
                                                                                                                                                                                              SHA1:D9C47D5E129D43786EFA0AEB11BB0CEA4F529472
                                                                                                                                                                                              SHA-256:ED0A694A0EB06708DFDB6B5415B11856C3A182E858A412E8F114D41EC7F1CA9D
                                                                                                                                                                                              SHA-512:E8E1C32D810484F34885AB02831EA3F1E79AC58C5D454D87F807A2249EC98DEF7914DABE2C398D319CDCC1086E3E645F97AA8B5E2D6A212273085BE6AE8D91BD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmediaobject.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMediaObject :

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qmediaplayer.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5113
                                                                                                                                                                                              Entropy (8bit):5.055121533559872
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:vXTsztAvm3CyNuUa9taViOGlpiXI5RmZIn:biAObNSaViXpiXI5Rdn
                                                                                                                                                                                              MD5:7AC0DDEC88835BCCF9DFD04E098A8C78
                                                                                                                                                                                              SHA1:058A98DFC9694DF84E297EFECA6872A23C267B16
                                                                                                                                                                                              SHA-256:4689C71BFB67E20C142B10F525A7E40D412C20AF23C37A91877B967A45FB575B
                                                                                                                                                                                              SHA-512:47E433B21103CA920060ED1EF47D8456A681C77902EDCF8DD4450EE96E7569C262F3DE4E92692B06C7BE58848335D01B0135F1DE8D4A0E2F7941D981FBC322E6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmediaplayer.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphicsVideoI

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qmediaplayercontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2979
                                                                                                                                                                                              Entropy (8bit):4.9934739808905695
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:fQ098RszhJhWSAN5HUr+qrXM8oX1GXGGX5SQ6xBqbbX+cJiJagmeFJQLMi:YTszxAN5HUyqrXM8oXgXnX5Z6xBqbbX9
                                                                                                                                                                                              MD5:5907E7E11F999C5414FFB08EA74CA5A3
                                                                                                                                                                                              SHA1:386463877474BB08DEBF2DF6F5B4BD29311266C6
                                                                                                                                                                                              SHA-256:E44061D27547E1BB87C8EFE3F5F882CEF0D52DF4EF0E889F57F53775EC640F15
                                                                                                                                                                                              SHA-512:69A172BA94F23D10EC61BD4D66930992DE6AA74D0029A611712A5B5BBC8F1E0964CB5DE489E93F3CC59C92BE40A6140BC746967B618E47BC3F374A6E4FF5C2ED
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmediaplayercontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMediaPl

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qmediaplaylist.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3573
                                                                                                                                                                                              Entropy (8bit):5.00934714826084
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:nQ098RszhJh47FJp4Q/N6OMQ6wGYGmLObWj+ERC/EACi6ZUagSnN73xtXNj:QTsz8FDN6mpdj+truUa/NjxtXV
                                                                                                                                                                                              MD5:7FE0471311C5107816A75A9F5FC3DB77
                                                                                                                                                                                              SHA1:FC300F43CB0D7A60FDACBA56C743A802B209C196
                                                                                                                                                                                              SHA-256:5E651D5A45575A856A640199ACE7B51230DDCD6B3E53491FD0E1D1DAD151BBB2
                                                                                                                                                                                              SHA-512:00AF03566DEC283DAB0D7951CDDA24B80EB2A32A9F7DF3E07F660B239C164AE23D4BC66924CB9BC44E752C62AFE20794B45BB1CE8FA4923A5AC5303A54A8CD53
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmediaplaylist.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMediaPlaylis

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qmediarecorder.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4576
                                                                                                                                                                                              Entropy (8bit):4.916826887535129
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:wTsz1wK8Lq5nWWwuUaq10YdSzgbDImcc9VCWCXV:6ywK8Lq9WWwxVCWCXV
                                                                                                                                                                                              MD5:7ADA68AD943DE7E65588613E3DE3DE7B
                                                                                                                                                                                              SHA1:B77DC06113230585E728F464A6A2270DAC946448
                                                                                                                                                                                              SHA-256:5D84EC6B2E8EACCCDFE7E73A8367958DF3B759B94F3300434888772AE99790E6
                                                                                                                                                                                              SHA-512:E1D8E026BB9E91961D7B5A471C0BB58F2028EA4830592C038FD3DB8EBEB1EE369D63498C93FFF75C8BD6D41F57C32636A9AA077DD5BF3E2697D85345B6FF947B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmediarecorder.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMediaRecorde

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qmediarecordercontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2141
                                                                                                                                                                                              Entropy (8bit):5.043631464392385
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:YQ098RszhJhHaS80LXqEF+IVIVHXMkE8JVHEGiFkf+Ho:xTsz1b80LXq/IVIVHXMkpJVHdiFkf+Ho
                                                                                                                                                                                              MD5:3F5F3240275A62785C64A9A9D540701C
                                                                                                                                                                                              SHA1:12F5050BA9F470183378481916D09EC04F65832C
                                                                                                                                                                                              SHA-256:94CBF3E1D3FDDCBF55758B0AE9E7D30D14F366BCF921E04C29EAD2467FF64415
                                                                                                                                                                                              SHA-512:4E2A23B0A3B8547142A704D86BC7791566EB92320A10E180CA86701E69C349FF2D70CFA21E29F87311FE88ED192182E3B1E91F52D8E8D274D7A9074ACD54D7C4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmediarecordercontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMedia

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qmediaresource.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2337
                                                                                                                                                                                              Entropy (8bit):5.0104035695566
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:J3Q098RszhJhDRj6VpVeoZTZPp17ZflgXdzbmN9Q5l:JATszXj6xFPj9Ng0+
                                                                                                                                                                                              MD5:2F958E5716D128CF5BC86F20A4FE8ED6
                                                                                                                                                                                              SHA1:F588F986D33EE10C419FDA825788B4640E0B1AD1
                                                                                                                                                                                              SHA-256:CBFB2FB2950B2600ABBD700C32C5F322A369DEEE99FE4E1C360344E9F78FE64E
                                                                                                                                                                                              SHA-512:1AFF54F6138811E17AE7C603BA4264AE9681E0222D041A3EF8BEBB755150DBBC02D7AA74CFB0095D56A214B3212E32B8F9936F29458FA04E060962B29E4F27E5
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmediaresource.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMediaResourc

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qmediaservice.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1312
                                                                                                                                                                                              Entropy (8bit):5.136724081266635
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:gNHQ098mXIpmNDzVZRURU2SnOkVuA23vSAIURbwm:wQ098RszhJhcASSAIUlV
                                                                                                                                                                                              MD5:6728C57724B2F21139C564963B9C3601
                                                                                                                                                                                              SHA1:0B2C1BA0725533AB32C5444C3F6764978637A5FC
                                                                                                                                                                                              SHA-256:4B8D0BC6C6ADAB729BF945BB9D58FF9671F5F7B05C17EEF59E24343074B81763
                                                                                                                                                                                              SHA-512:81F4E8D2600AE64B29208192692A6CB389F7E5368DD00E190632908C0C964CFD074707FB4445BFDFD82CB1B00463AB37392C4DE75FA96A126735C741456CFDE6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmediaservice.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMediaService

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qmediastreamscontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1769
                                                                                                                                                                                              Entropy (8bit):5.050961960226345
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:zQ098RszhJh5QnwOETs5Z0JYLyjXDyDWZ:UTszzrOETs5Z0JYOjXGaZ
                                                                                                                                                                                              MD5:41F364BC337ACFDD5DF9125E884F9D92
                                                                                                                                                                                              SHA1:6A2E2F8831D79A00A064F73A6DD7FAF656BBA915
                                                                                                                                                                                              SHA-256:6ADE37EE792457B54B7CF8D655293300C53670EC6F20A71E4500DED8982522E6
                                                                                                                                                                                              SHA-512:07ADE7208F24AD43B6D2D62521214E866FCAAB865892DAD606E4C87E92C2857C96AE2348F7E355B26D6CA7A02221FFB7A039EBAB0961DCFFB2B4A05968E1EC41
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmediastreamscontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMediaS

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qmediatimerange.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2967
                                                                                                                                                                                              Entropy (8bit):5.031830788284302
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:PQ098RszhJhBH4o16zHpIH8xKvSptO21UN/B+Q3F:oTsz5H8xKvr+Q3F
                                                                                                                                                                                              MD5:52575693ADBE3152ED88D08F10A82EC3
                                                                                                                                                                                              SHA1:703BADAABFE1571E3836333DD09054EE27DE3FFC
                                                                                                                                                                                              SHA-256:26BE256CAE3925042698FD909132B954FB69FBE266F01E2100F5592E42F266CE
                                                                                                                                                                                              SHA-512:1A8552FBA58FFFDAF3A3A93034F777A0F636776DA51082C65D20745C8E2018101F873B3705AC473673FB9751355D5EF8D950261A06A77B62830E9EE51D04BC55
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmediatimerange.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMediaTimeIn

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qmediavideoprobecontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1338
                                                                                                                                                                                              Entropy (8bit):5.143008284218154
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:nNjHQ098mXIpmNDzVZRURU2SnOkA+cNZSdMMQ:BQ098RszhJhSSw
                                                                                                                                                                                              MD5:F93C5F02E5E6CEB1B3E8CE85E2F43B9A
                                                                                                                                                                                              SHA1:005934E8194DCD7C28AC055E1BA879AB384B3D97
                                                                                                                                                                                              SHA-256:9D2D694FAA50B7F2A4E279531A5A8AA5F95828CFAA2FD440918387FA9692936B
                                                                                                                                                                                              SHA-512:9761E715C4D59EB13D6C1CD40176A811A7CF851B2B1FF919870979EF4E22848F2D2B6E274ADAAFBDCAC3BE95BF42B949D3411EE222E382875E14235C5A23C860
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmediavideoprobecontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMed

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qmetadatareadercontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1580
                                                                                                                                                                                              Entropy (8bit):5.113661199593881
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:ItHQ098mXIpmNDzVZRURU2SnOkjk1PS4iXGGKGoF5NyEAI8+:kQ098RszhJhASFXGGdoF5ovIB
                                                                                                                                                                                              MD5:50372B89D9DF3E371C5BB8F4114C6414
                                                                                                                                                                                              SHA1:B43B8A53D54AB3BECA09A99BCC928FD6F9E159B2
                                                                                                                                                                                              SHA-256:97E1B4336E6AACB0833CBC5DD8A2C121D7F1A06D658E6D0575B56DA70D95B809
                                                                                                                                                                                              SHA-512:D9BFF6EBC0DEFB7535650248CEF0B719404A22BC75E7E885CE5A7D31C5B01CDEE06BE99722CF2756D75DF0056E11CBDB2DE127FAE11BEE356BF74FDF26E7188C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmetadatareadercontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMeta

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qmetadatawritercontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1742
                                                                                                                                                                                              Entropy (8bit):5.100089964223457
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:AHQ098mXIpmNDzVZRURU2SnOkMpSJXbNXGGKGoF2G2Ez5NyElIt:YQ098RszhJhsSJXbNXGGdoFh2q5oCIt
                                                                                                                                                                                              MD5:98D7C01A47E052071F7F87807A38E9B3
                                                                                                                                                                                              SHA1:C9C876A7210F69C91BFBF9410BDED17B9DC2FDA6
                                                                                                                                                                                              SHA-256:F50D0B0D2572B191A5D6D01F22B0A1628C48D5D875749F1A2D91811E7EF07C32
                                                                                                                                                                                              SHA-512:53A353E0AC054E76FF868534AF6749003AEC72973A5FC90DCB58FFF73BC4D91910FD771071CF5A49FDA6AA965FE3F034945F28CFD086DA6A81EF89AFBBFF619F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmetadatawritercontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMeta

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qmultimedia.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1661
                                                                                                                                                                                              Entropy (8bit):4.9175428027471915
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:cHQ098mXIpmNDzVZRURU2SnOkj3QTjk36I0AMBFCwAnIqOapWfcF:cQ098RszhJhEjkKI0TqpQW
                                                                                                                                                                                              MD5:8B4883C5268A1C689B379DF479E1C1A3
                                                                                                                                                                                              SHA1:78180EF93268CB67AED90862745E9A421D2C9043
                                                                                                                                                                                              SHA-256:73CD92CC4DCB85D007D9E562222D4A6E0F83E3D08B01DAED6D6D44694B12C778
                                                                                                                                                                                              SHA-512:1CE938516593FC7AF0589C6A7BDCF42B4B4CAB5503C539C296EB4C224DCAECF6DF20D7394E1A4BD3AF5F8CFF5AA55983BE0625E31EEAF8A698A5E038903DAEFC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmultimedia.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......namespace QMultimedia.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qpymultimedia_qlist.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):9462
                                                                                                                                                                                              Entropy (8bit):4.751724616558063
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:usziQ3/S2fzM2QWAO4z/Sm+2MztQWA5og/SejxMCQWAL4i5/Sa84MVQWAz:ufQ/xQWAOe/kQWA5h/7QWALF/EQWAz
                                                                                                                                                                                              MD5:E9FC5326456C64621589AB8F1DCBBD09
                                                                                                                                                                                              SHA1:9CB1C49CDA5493B778AA4C82D33F086C100FD87B
                                                                                                                                                                                              SHA-256:4AB27EC14EA09AA417E96B1BA937D6234FC21851B4D57B9EFC1FFEABD24366D0
                                                                                                                                                                                              SHA-512:B138E8C71B9DA34F6A195EDD8CD36CF74F7F8CABCAC3ED79B6B5532DE66C1F8709D69859B5C885FFFAEE02108A16EB6DC4B3D0467ACF4A30FBCD4F87282C6F03
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// This is the SIP interface definition for the QList based mapped types..// specific to the QtMultimedia module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%MappedType QList<Q

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qradiodata.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3298
                                                                                                                                                                                              Entropy (8bit):4.8386409076537245
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:VTszd/2Mlw2rMSFoC7G+PA1NuUamFCOYkX4:Jg9gSFkNLC3kX4
                                                                                                                                                                                              MD5:C5772C47B017D9D80ADEFC29686BE4E5
                                                                                                                                                                                              SHA1:507B1DB5C560A2413D4745DD1691E80792178C44
                                                                                                                                                                                              SHA-256:2DCB8B9B727701FE61570E5E034994CE47106070AEA52BF334AA641600C28472
                                                                                                                                                                                              SHA-512:2FC8F8D75A3CFBA4C0EDAF7E11017380577A9AF9FD5F3808723508C4E33CB3308B3C6351E962660FDB8282EBB8ADA89B36CEF253148573898DCC4F4FC5A1A0F3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qradiodata.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QRadioData : publ

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qradiodatacontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2083
                                                                                                                                                                                              Entropy (8bit):5.072824049144592
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:iEQ098RszhJhneSGwNfkwjFBXFA6yN6KabCOYJ:OTszdXGwNfkwjFBXFA6yN6KabCOYJ
                                                                                                                                                                                              MD5:4643A6AC3982EFF32ED09A2E0B61F23A
                                                                                                                                                                                              SHA1:22CACA38842E044B6462693DB14B83405C1348C6
                                                                                                                                                                                              SHA-256:A617382E8C25E65D6F9A9DA56D2729D4CD8715B9AF16D4F6122C2DFA0E27C3DE
                                                                                                                                                                                              SHA-512:2208311FB6A7DCB189F4C7824BA24AF4FB600EE1618C36EF0117B29D4CDC1B2085974F84874FB76A16CBECA8485F5D5FC2E4D13C6B892648E09FC70A24CAAEEE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qradiodatacontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QRadioData

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qradiotuner.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3399
                                                                                                                                                                                              Entropy (8bit):4.9494147418809575
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:izQ098RszhJhn65A80ZGIOYMCKgmN0fLTai/NiQVnRGkKcVSgf4gc6ZUagS05cII:rTszd65AQIOtCEILGo4kKVVuUauAgVWV
                                                                                                                                                                                              MD5:D61C23FF61B5E74FE116B67F2F0AE59E
                                                                                                                                                                                              SHA1:9BBDD0418E7AE38059C4BC7CA18A50D5F49DE0C9
                                                                                                                                                                                              SHA-256:3E51818987857295B6133115A5A200615EC37BB9549D69750C71353904542BAF
                                                                                                                                                                                              SHA-512:EBC99D413CBF8A6ECA81D6F3E386599BEFD6A35E153EF1773AC74459863A3CB67727C71BC3A749432FC1279E44C8BB9A3D75B5B0FA9F7E9CF66BD7FAF5B16248
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qradiotuner.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QRadioTuner : pu

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qradiotunercontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3044
                                                                                                                                                                                              Entropy (8bit):4.970700024936218
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:iEQ098RszhJhn6S0SiP8XpaNiRXtSw+kPBqrXMf+X/XQgQ5JvJLI4b488JgJaJkD:0Tszd70SiP8XpaNiRXtSw+kPBqrXMf++
                                                                                                                                                                                              MD5:73823992FF8C969FEA360BB18E73559D
                                                                                                                                                                                              SHA1:66F9A5E97FC520B6F0A7F96977CDA1E820B23BFC
                                                                                                                                                                                              SHA-256:3ABC153A23238560E2B347CE0897916C7D4F8A7AC3F2E02732F6D5BD2D1BEC26
                                                                                                                                                                                              SHA-512:D4C294FD119119AEED63FE2E8C6C107CB6579451D325EE5F34239DA4AB9A7F7420F429FBA2D34537A2C676738062459FCA48D2E339427794A20C3871324656A5
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qradiotunercontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QRadioTun

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qsound.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1459
                                                                                                                                                                                              Entropy (8bit):5.080927467175134
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:AHQ098mXIpmNDzVZRURU2SnOkC6OA2wmB/gNZ3mNEHpvqtna/5oB:YQ098RszhJhCZAzmGDHp4a/2B
                                                                                                                                                                                              MD5:FFA368898FE5E66FCD903D07AC5FF5AE
                                                                                                                                                                                              SHA1:40D61223371CE75FEDDC84BDE3E918E1496EC513
                                                                                                                                                                                              SHA-256:55D5FA4E27E844979F7AB83173CA8DA48F5240ECAA79F370C71F9CFDF4FFE6F1
                                                                                                                                                                                              SHA-512:2C76896BAB0179F83AC7432AB54B08DB96832DE3BB8FEED9E8E9D28685C4D5F1E964D60193C2E9FC2950874F39CDCA2D512469AD4A65F57DED4460416FF7FB65
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qsound.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QSound : public QObje

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qsoundeffect.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2275
                                                                                                                                                                                              Entropy (8bit):5.032035126365902
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:3Q098RszhJhJAtd4SQd6BbJHpeyRZ0ZXyaDB:ATszbAXUd61AXV
                                                                                                                                                                                              MD5:6870105C2C70BE8ED2BC28D2456BAD64
                                                                                                                                                                                              SHA1:D2010B74EE292F40DDE6C48CB8B705090B61CB44
                                                                                                                                                                                              SHA-256:40684B79B87966651E303F6BBB505401CF9636A225BFD34024AE1D19AFD3BC74
                                                                                                                                                                                              SHA-512:07F0F49D395BE7392420054080A55F52D6B8E6831838D586AB3E652A1F49668A2B073364E449D1EA00B189ECAEA0418AD112AD8D0346B1DAE35D15F1558A333F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qsoundeffect.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QSoundEffect :

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qvideodeviceselectorcontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1726
                                                                                                                                                                                              Entropy (8bit):5.055362008405543
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:iaOHQ098mXIpmNDzVZRURU2SnOk52GUS75rb9Q3r1vQH3i:ijQ098RszhJh6S75rbO3rxQXi
                                                                                                                                                                                              MD5:8B45CBB98CCD4C55FBABED3459960D6C
                                                                                                                                                                                              SHA1:1DCA6E881EDB2AEF3E72E96B4ECEC532BC269703
                                                                                                                                                                                              SHA-256:2C939C4A13740CAA37DB80B2E9B15D994B90EEBBF1F5AFE814017753107FDF85
                                                                                                                                                                                              SHA-512:F8EF31C7B3F9131C6B6AC58C2884ECBC8629A6E7B8E66B7EFE925C67F959818F3690EBB340C2101F3D90ABEC7D389197D69E7E8F2A4FC5CCC423CCE8D4B7813F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qvideodeviceselectorcontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qvideoencodersettingscontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1792
                                                                                                                                                                                              Entropy (8bit):5.080034690469532
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:itHQ098mXIpmNDzVZRURU2SnOk5kjSXE1+/1yMSuY3I:idQ098RszhJhcSXy+tyMSuY3I
                                                                                                                                                                                              MD5:361A9080BD21107F1C7E4E75CDD19747
                                                                                                                                                                                              SHA1:974DAADC521CCB9AF77664B371C02B099559F8B5
                                                                                                                                                                                              SHA-256:0E59623AD66E3B76E8CD6BE2B3BC9268D8420A174A9B35236CD7A1A9665B0BCC
                                                                                                                                                                                              SHA-512:755C80A1640A8FDAB04D9D17A09EC0B848FF11E6EB45D31FD984D4A2BBB8D4AF29D9CCE7F61BBB91FCBBBB124AE1F15153D1E537C72AB616F12FCCBA3967F311
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qvideoencodersettingscontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qvideoframe.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4494
                                                                                                                                                                                              Entropy (8bit):5.083098132705831
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:iAQ098RszhJhtatsNVcOb5YFJIu7DN49hAwK0hLbdPkfRsO4rU+hwvo83Pr76syD:yTszqtPz681dsYyn
                                                                                                                                                                                              MD5:A7AF237A702530B16C4406DDA656DE16
                                                                                                                                                                                              SHA1:2F93B5B9BD59E5E95AE4CAC7E007B072F58AEF9C
                                                                                                                                                                                              SHA-256:DC0C8E104A9F45856123B164E06D4F0E8FAE838050719F4A98DA70A32CACAC04
                                                                                                                                                                                              SHA-512:A976BA85AF49256B63802B2FED0DB7F0470EE104AC898EA5C922F67BE380630536BA6F1A8EF9ADEF18F55DADA5C16D2D86ACDE8FBE19D63356166115DABC9B1F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qvideoframe.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QVideoFrame..{..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qvideoprobe.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1379
                                                                                                                                                                                              Entropy (8bit):5.146956842217859
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:iNHQ098mXIpmNDzVZRURU2SnOk5juA2zHD/MgpTFH:i9Q098RszhJh0ACHzMuTZ
                                                                                                                                                                                              MD5:A2A257085441246FC1EA7B8F10BD900E
                                                                                                                                                                                              SHA1:4042DA4B37A7D84BACB076CD3C5BCFE1660189C4
                                                                                                                                                                                              SHA-256:A10CCA2F88977035F5EB5B4295EE9F812775D2A64397FE74CC43D9140B50EC77
                                                                                                                                                                                              SHA-512:1B77B9967E9686EF418C3F571ECD9F949F3C146F47304FC99320BAE4C0D04757188A2434407F9E7C96844A48C82868955295F88A4733E0E2466F4550061983CB
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qvideoprobe.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QVideoProbe : pu

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qvideorenderercontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1366
                                                                                                                                                                                              Entropy (8bit):5.127952791335911
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:i7HQ098mXIpmNDzVZRURU2SnOk5pslSw6VtlQIG:izQ098RszhJh2Sv3E
                                                                                                                                                                                              MD5:D54781D4A241F298E4FE71E975367655
                                                                                                                                                                                              SHA1:1B6AEACFC4462FD2E226EF98689A8BC587088656
                                                                                                                                                                                              SHA-256:630E85940E5BB3DE6EA3F97E95AF005CFF9BCEA65DB3D629D9218B0609F0C25F
                                                                                                                                                                                              SHA-512:260FA08B2BD8E2771D5B67D2C7FB00D707E73CC67D77CADBBC819A8F1D139EEFEC7D7E320492E3A70911C0B45B94139249E435305BE4B6D2CB3DBF4F35A29927
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qvideorenderercontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QVideo

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qvideosurfaceformat.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2933
                                                                                                                                                                                              Entropy (8bit):5.128053892129383
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:iPQ098RszhJhWsE165DRPT1ByfK12KqYGBOpJA3hmVVvNdxEyNc1rn:bTszkl165DRP1DwZn
                                                                                                                                                                                              MD5:43F1B9CFD87F36BF4621D7CC44226A62
                                                                                                                                                                                              SHA1:B5A3D100EC4202D9B47365A7474B477ED2FDC87A
                                                                                                                                                                                              SHA-256:B29D250ADA21650261E7B54B9003A8C6486DE9A4B4F6B36FDCB6432AF2B0445D
                                                                                                                                                                                              SHA-512:613CD5EEBA819A9BA1FDD1A58C66C4625708E7B79E7F0C78D905862B502FA13891D1A2FFFB04BA7A6ABFC44A76F5AE4AA66A371469C2AF9BEF9DD60BD10F4488
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qvideosurfaceformat.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QVideoSu

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtMultimedia\qvideowindowcontrol.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2314
                                                                                                                                                                                              Entropy (8bit):4.999846533061037
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:i4Q098RszhJh+SmzKY2xBzZ0XkArJfierZGAASxMS2c5:OTszJmmYkoXkArJfierZG7SxMi
                                                                                                                                                                                              MD5:D7CE143DDE9B584C05D7A5AF5BEB5A0B
                                                                                                                                                                                              SHA1:55FC75D1D75583A15AFBAAFEBFD3BD784A0F3C82
                                                                                                                                                                                              SHA-256:23243BD03BB6E875DDB157BE980F4E148A4E93149D81E5D790B14004D47840B7
                                                                                                                                                                                              SHA-512:A9EE527D4784220D40977CE94FBEAE9C398A61FFF1BD2EA0B3CB1CB45D1C1ADF6FF997348F63E19E4601C04CA41330CCEA542E5876E409DE8F2DE0FA41310717
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qvideowindowcontrol.sip generated by MetaSIP..//..// This file is part of the QtMultimedia Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QVideoWi

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtNetwork\QtNetwork.toml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):184
                                                                                                                                                                                              Entropy (8bit):5.114379447940489
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:SZ3GMiyT8QQCQIMQDKNveXOeovAMKxwehyIWWMKxtHO+Cm4o6Mvk/dkC1WiE4yn:SZDim82QIRGWXOeovANthyIXo+Cm4o6k
                                                                                                                                                                                              MD5:19C1FC8291645B8928159FBAC573112F
                                                                                                                                                                                              SHA1:291D3C0660104A36D142AB0541C89EF9B76C95B4
                                                                                                                                                                                              SHA-256:2B8CE851616CA1A34B480F79035799496E8244990A1563C7BC6C449754444795
                                                                                                                                                                                              SHA-512:DAE6136CCBD0C67BFE1C881E84A65AB50FB5B37457D8520589F120153AC2695664391265F818B83D81A4AD603661129A3BC5D2E9D0DE992BC72B8C18177A29F2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:# Automatically generated configuration for PyQt5.QtNetwork.....sip-version = "6.8.6"..sip-abi-version = "12.15"..module-tags = ["Qt_5_15_2", "WS_WIN"]..module-disabled-features = []..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtNetwork\QtNetworkmod.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3184
                                                                                                                                                                                              Entropy (8bit):5.105202963617387
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:nX2XI098RszhJhAXYb98tAzhAS//Oh4hEcV7gNDuZARYv74G5PEVH9ClAh:XwITsz4hAle6a3QAh
                                                                                                                                                                                              MD5:EAE2C9F5B1A9B11FEC42342D16A4B4F7
                                                                                                                                                                                              SHA1:A6F3CE299D5D3E68B727528B5D1FCBB58A777B07
                                                                                                                                                                                              SHA-256:26BF2A40F9CED2CA6F04E8AA2018DAB1D9471D6E494F954649DED3F4C34BB291
                                                                                                                                                                                              SHA-512:453DAEA05711BF3615E0BC4540AE31BA00A30A0465BC9B1420D77A8CC50EE9227A6ABB61490303052CDE70B53912F21FA65C97C0C2077E298472B63F193DD4AC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// QtNetworkmod.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%Module(name=PyQt5.QtNet

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtNetwork\qabstractnetworkcache.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3076
                                                                                                                                                                                              Entropy (8bit):5.103856120116643
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:4ITsz2zyMK6yeUQNIHQI8FYn8LiAIlKd1HDNeNxhX6HjoNuNAN+W:B2j/QHYhAIc3HZGxhX6HjoN2Ar
                                                                                                                                                                                              MD5:12462BA7AFC1475299C74A0DECA3B466
                                                                                                                                                                                              SHA1:562AA670A1D7A0D469CBEB280CF477E84F587D53
                                                                                                                                                                                              SHA-256:BC4C7E8DA79E1A71547FF4ABE2A77F3BAE5BEB97DCA8C0419A0A52985B9B8774
                                                                                                                                                                                              SHA-512:A146F5F00DF96019F887DF3E266438500F1EC01A4340AB98C0B3EDF24D9A0F576B3E1B3A3065B2082068E14DA488325BE5838B304AE0C792F2CB6F6430CFF435
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qabstractnetworkcache.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QNetworkC

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtNetwork\qabstractsocket.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):10807
                                                                                                                                                                                              Entropy (8bit):4.977056478297783
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:8Q7yw385A2hXTqKu5XgGEaXJHEhFXRXlCX1X9XKX7QaROMR4RxW3EkuSc:F7yu85A2hXTqKu5XkaXReFXRXlCX1X9f
                                                                                                                                                                                              MD5:8DD9EFBF6FEF46D96046770A8EEC9C59
                                                                                                                                                                                              SHA1:13FCBF0676BFD5A734D95686C1372525350453DC
                                                                                                                                                                                              SHA-256:4B47783D9FD4A075E1EB1B62EC46EBCE9D34570F94561252570F3089BDC3D86D
                                                                                                                                                                                              SHA-512:FDCC91D025BAD9E8D683C6B3707FB989709A672A1B56F519FA8FA25FB51D7D02590080E3AE65F375EB1B118BC31EF4D341C21E4EA2A77B892658C8D5652A2CCF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qabstractsocket.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAbstractSocket

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtNetwork\qauthenticator.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1628
                                                                                                                                                                                              Entropy (8bit):5.0492135386287735
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:pXI098RszhJhXQ6UeZEPSOni/nycK15An7:5ITszG6l/OngT
                                                                                                                                                                                              MD5:EA978C06DE827777070F5669225CC279
                                                                                                                                                                                              SHA1:38BD45486F00491D3D89473C819B54350C0AFAD9
                                                                                                                                                                                              SHA-256:F1A1517FCFC2DC40B996A02A911E461EBCC58FD57F2CF1555CCDCB5A35723DF5
                                                                                                                                                                                              SHA-512:B6D2B1C0A465538BBC9467EDAFB04AC5D2692D233C44F1F67ABF8D8622B78FA19C632AAA64859E813FB1CF42DA0DB41BAFF793F551BA4109EC79906886235CB0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qauthenticator.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAuthenticator..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtNetwork\qdnslookup.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4871
                                                                                                                                                                                              Entropy (8bit):5.10686448447605
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:XITszc4geA6up0A96p6xAGrfH1A6le0UHH1EsyA6C303KX6tAeAMnuUaYAtxOYbU:CV4geapLYBGrfH1Zen1Esy23zTeAMnA+
                                                                                                                                                                                              MD5:A31DC17CE3A0961261B3341CF8160A6B
                                                                                                                                                                                              SHA1:3A47EFD2AFA4C9D08FCEF420B0223B4445E32E93
                                                                                                                                                                                              SHA-256:FB4A4AAADEC2ED67B7828F4B5F303525DA7B97396BF2CF3CE2C12850B4A95416
                                                                                                                                                                                              SHA-512:02287307C17B2C4F5C8E9DD14B1A6A8D53B1C472C51EA101F0763804E86BF735907A1FB006ACA7F3E1F8BCEACB6228C2A64979DF5271849A457E4E27132EE11D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qdnslookup.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QDnsDomainNameRecord

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtNetwork\qhostaddress.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6167
                                                                                                                                                                                              Entropy (8bit):5.178384732133294
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:0ITszJPGQW5RjhLxlW2V1d+Yi5+hvvUercQoYJKdGAxFQWAvk:dUGQW5RjJxldJ+Yq+h3UwcQoY2GoQWAc
                                                                                                                                                                                              MD5:8216A11813C1DB153B7BF2FA37A2DE33
                                                                                                                                                                                              SHA1:3A50472EEBEFB2329C0F3E1EB1EFAEB3F71A8550
                                                                                                                                                                                              SHA-256:D119122A8460A6FC77066100782D5A4B0D96D7A33A26C0E38B1B236E7187DA62
                                                                                                                                                                                              SHA-512:35ABF124243D5856F69CE2D5C76B9862A3B22A06C41EE16BA7C9C9FF16A341450F11ABE0F51E6FE2635C15AB0BCCF9C24E2C8B1A7C0D282341D3A2C8CEFE8D53
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qhostaddress.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QHostAddress /Type

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtNetwork\qhostinfo.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3099
                                                                                                                                                                                              Entropy (8bit):5.121592779538777
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:SXI098RszhJhMOgPCGB1qi6BRUagBJdZR7fbi0F9z12ClmqWP/sHIBtsdQ:kITsz6dPCZiMUaGdZRy0zz125bMo0u
                                                                                                                                                                                              MD5:2F8D968BE50183A0E56C4A379A08EC22
                                                                                                                                                                                              SHA1:E7BF156C9DF69E07B188B1024CF3940BD31A32E3
                                                                                                                                                                                              SHA-256:F668589D4FE85296D4832F5EB53D765D3A35D29DFA92DCBAA790365A3A760B59
                                                                                                                                                                                              SHA-512:D3B91B3D99266CFFAD0AB1C0F77D2A1A440A938F391857685CD214E2FFDD40863D5100D68CF0413732AA489983E6D5EA078AC4A5358F96881824473EEE480979
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qhostinfo.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QHostInfo..{..%TypeHe

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtNetwork\qhstspolicy.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2174
                                                                                                                                                                                              Entropy (8bit):5.246671451013605
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:8/XI098RszhJhpbHlziHWRl0BCWTdbPYf021HJWZzJWZEal:8fITszPFziH4l0B9TlMRJWxJWTl
                                                                                                                                                                                              MD5:75FDD2DB0AAF14C4134F1AC02510A5AF
                                                                                                                                                                                              SHA1:ED06057064CC7D86816AE8D1C68D8B9C979AEADC
                                                                                                                                                                                              SHA-256:C963E4D7545273017797E086539EAA149C802601AB351A37974ED0CFCB7CD911
                                                                                                                                                                                              SHA-512:EE029114868178AE007BDD82F92A575EFFFBC18A21778D97B85D928FB31CE4CCED255B0BA8CDB0E6D9632004B4BE409CE040928E01E5CB39E2911F0C555276CC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qhstspolicy.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_9_0 -)....class

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtNetwork\qhttp2configuration.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1987
                                                                                                                                                                                              Entropy (8bit):5.1728691101942985
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:eLXI098RszhJhp89qz6R6O63vED2Y8N8+:aITsze06R/a
                                                                                                                                                                                              MD5:DFBBAFB53EB5E0FA570CC21E84324923
                                                                                                                                                                                              SHA1:C2763F0CBD228D963D543BDF32E73D45A9A5BEB3
                                                                                                                                                                                              SHA-256:E3F97257C7D1D25C69C6240D8958D212A3309F6B72FCB37AB89A7510739FB887
                                                                                                                                                                                              SHA-512:1E4BFAFB03A7E18EE02B38C8DBF048C25DCDE83963D31C8EE586550D35E309B27EE28B1AA4EBDAEF81D6CB709C2009FAE6026D1D348D22AE48D1BFC929B15A62
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qhttp2configuration.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_14_0 -)

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtNetwork\qhttpmultipart.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2182
                                                                                                                                                                                              Entropy (8bit):5.1208649558933095
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:CNXI098RszhJhFATClqqh6jrEtE/m/VVjlAT3ysrqKE6A:yITszo2N6jpmjxAGsrwX
                                                                                                                                                                                              MD5:97F905DB26DF9A64B494AE9B2DC2B5AE
                                                                                                                                                                                              SHA1:2D23CFEE5FFB67845D9EDFB16971D712E4A1D433
                                                                                                                                                                                              SHA-256:936F9599BB10F900F6C999F561493941918DBF79B167CA8B4BFE1B51B59E6635
                                                                                                                                                                                              SHA-512:00652BF02681E2FE7C5B131220147B438CD63E9292BC0206EC91C3D6E94DA228A95082152658BE398307E18E82137FC1776C0735F4E924A58916FAB7E6F1CD4E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qhttpmultipart.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QHttpPart..{..%T

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtNetwork\qlocalserver.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2443
                                                                                                                                                                                              Entropy (8bit):5.072675719951131
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:sXI098RszhJhDA/mD7R67UagQXvaAQnvZ8vc6vKFx9BpziSZDY0:2ITsz1AEAUaLXgnx80PxzprY0
                                                                                                                                                                                              MD5:84D421440DF80363BD254AC4619D486A
                                                                                                                                                                                              SHA1:CF85E335EFE5F8156E3C07256058F542A6A56E2A
                                                                                                                                                                                              SHA-256:A14804087636E2DDCF6645FE7360C31E5A2A449143A37346454D5E7548417EAD
                                                                                                                                                                                              SHA-512:2849E637A02D7F239881EE6B62D9AE40141C0C0D7476A1732E81BDBCF6A654675F6A011D0433F849D2A29ABAB175C323AA21C27ABA45363E7142EB3717C8A85D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qlocalserver.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QLocalServer : pub

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtNetwork\qlocalsocket.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4654
                                                                                                                                                                                              Entropy (8bit):4.977633917224188
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:EITszHdkX9E806XRu5XosMGNXa/XCO89RaLW5l:tM6XjXRu5XosMGNXa/XC5RNP
                                                                                                                                                                                              MD5:761C6FBAF9A14B17F40363D9C6594A3F
                                                                                                                                                                                              SHA1:2CE28A97ADC4167268FDDA0222ABCC5435C73EC8
                                                                                                                                                                                              SHA-256:440DF7C78F27722DACBDEEB27834F782A3DC7A5FC12ED298D86AA4A11C7E61EA
                                                                                                                                                                                              SHA-512:4F23DD5F06102BD8E6CE304ACA68B8E90A14276AADBA08FCFF847C051DD6251F7A19C83D787BA2A98770B6DC89343BAE7605148089EC97C7BE8DDCE34AA8A3A0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qlocalsocket.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QLocalSocket : pub

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtNetwork\qnetworkaccessmanager.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6059
                                                                                                                                                                                              Entropy (8bit):5.208630860225217
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:hITsz2VAHsr8iL9KFyvFWgzlpFkpZkO4CyKpGlK0ln:ElAa8M9d1znijkPCyT00ln
                                                                                                                                                                                              MD5:52A7BD7C744FA7E3AB80941D87B665C7
                                                                                                                                                                                              SHA1:757265D8AA7F0F06F9C91FD9930E767AA85C7320
                                                                                                                                                                                              SHA-256:8C08CF9931F464D3113198F8E99D02BF04E339708110A0EEAEFB054B751D3A15
                                                                                                                                                                                              SHA-512:3FCD5AF9CB5BC3398399678E101219D4730E08F37045DEBB949A0BEBD91A8904A0A14E3793AE4E42C8077E018F11826CFB69B12CABE136809C3EBAA9D92358B1
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qnetworkaccessmanager.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QNetworkA

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtNetwork\qnetworkconfigmanager.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2591
                                                                                                                                                                                              Entropy (8bit):5.0693990113997724
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:RLXI098RszhJh41A3qnJG5GWi1tZIBL7feHgwshu5:xITsz21A3Z9e/UGHgw0u5
                                                                                                                                                                                              MD5:CAD2A49B31B41658E09773095CB7B144
                                                                                                                                                                                              SHA1:1BCBE7256256C5FB14E65C1CA032A776EEF4E695
                                                                                                                                                                                              SHA-256:BF6A668FF97AFCD263F2A4EFAA9F5B1A3BED709166C9BA73852C5316EC1FEB71
                                                                                                                                                                                              SHA-512:AD237E4DF698F237D33EDAADDB16C1B62FBD95368F2479B63CA4235F002ABB89BDE63D76C106122405AB8DAD7B19E0AD76BF73B6F5E64580D70C986D12A98AAD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qnetworkconfigmanager.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QNetworkC

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtNetwork\qnetworkconfiguration.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2906
                                                                                                                                                                                              Entropy (8bit):5.039126980225121
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:OLXI098RszhJh4jqD6DCPSmA4FTOrS+haqcZ5SPp2oq2ZGZYB36bE1Lxn:qITsz2jk6BnQFEqSn
                                                                                                                                                                                              MD5:807319A232D07270AE0E8FB49A88F5CA
                                                                                                                                                                                              SHA1:42954A585D1F8FEEA3BA65A723014B1B91760F29
                                                                                                                                                                                              SHA-256:EABAD54BA73F27F6A0BA3415F6B859B4A41F7EE81C2EE16B9D50A9D2633DBAB3
                                                                                                                                                                                              SHA-512:8E08C0AECFF17DEE2AFDC85286DFD09B4DEC5F077BBEDBA54CFE2623A39FC7CAFF06DEB4AA4A78C9B1EB125647D7FB00AB4C30B2A648996A28603B13F4FCE9BF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qnetworkconfiguration.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QNetworkC

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtNetwork\qnetworkcookie.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2305
                                                                                                                                                                                              Entropy (8bit):5.053678504045358
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:4XI098RszhJh4IKv06hS8b2XRx4GTy3Nn09oMgBF/Lpu:aITsz2bs6gT93ontu
                                                                                                                                                                                              MD5:C8F97C19964255FF4B66B77C2967AC8C
                                                                                                                                                                                              SHA1:8531D9CBACA1E0270E53B84AFCEFE7739492BBCB
                                                                                                                                                                                              SHA-256:A773B3A9661A0C0F9E36DF1A14767538A725F73ED922EE1A5F9E9330F9A2E005
                                                                                                                                                                                              SHA-512:D22AE0B9E7AA23C462384E619AA140A69AB231650CBC03F4985021F1802950CEAADB42A0A61D04BFF9569834D8B3013B97AD559E4C7B76BFD28777A543FE4757
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qnetworkcookie.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QNetworkCookie..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtNetwork\qnetworkcookiejar.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1768
                                                                                                                                                                                              Entropy (8bit):5.097895173660741
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:vXI098RszhJh4nAo1f/RNAQXigoXCXqXR0wZPpQXSZAG:PITsz2nAY/RNrXigoXCXqXuwZWXSZx
                                                                                                                                                                                              MD5:2681DCCB01DE0D2E533BA0D21723C052
                                                                                                                                                                                              SHA1:715A24FD6F009DB2EDE3C6332039D791F7719645
                                                                                                                                                                                              SHA-256:F62F92E7AE89D846621C43D09FA80C6BB728A87670B6EE914D01203D4A7D5475
                                                                                                                                                                                              SHA-512:B2B91835467EA1ADBFE743900ABCCB6FDF1BAE621178E14B42728A310D240B9D5C307AF4E51108AEED8F3DCFDE32069508571E3E939FE588FE90EC98CCF8FC92
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qnetworkcookiejar.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QNetworkCooki

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtNetwork\qnetworkdatagram.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2020
                                                                                                                                                                                              Entropy (8bit):5.097880238914727
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:KDSXI098RszhJhph4tBA6dBEdqV6H/VckieK91O4sfQwsQkq1YNS:WkITszlO+U68JkQXQ1J
                                                                                                                                                                                              MD5:16AE56EF47352A5637F49D0851D055F0
                                                                                                                                                                                              SHA1:4BA4291675351B031731C07A803C46BD4BFD7D70
                                                                                                                                                                                              SHA-256:BF888C5F497671F61D9989535238750E591C44B4A45D119EDC9007B89BCDEF98
                                                                                                                                                                                              SHA-512:A31B00E8C90D96C819BD07E214884632A886871E40690F433DCE54191281ABD31FA05CB5875BF5EF8AE2F5996827A56CF4C7E76CE8F9E8E0A2EFE7E217E417C6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qnetworkdatagram.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_8_0 -)....

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtNetwork\qnetworkdiskcache.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1938
                                                                                                                                                                                              Entropy (8bit):5.137580397536207
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:ZXI098RszhJh4oh/+So6opQ6o+jopQdbZoDNGledrSX6odExe74hAuAwr:pITsz2o1+Z6oq6o+joed1oDNeexSX6o6
                                                                                                                                                                                              MD5:87F75B306A94319F531B75596C4428A9
                                                                                                                                                                                              SHA1:0781DA43EBC4214AA2F0427855BE61E478EB97BA
                                                                                                                                                                                              SHA-256:30FBDD2E61D1270C87D60A866CA083D1912E183D9BCF66CE7F533D35904B4F01
                                                                                                                                                                                              SHA-512:F09E4052DE86463396EA362379B3CC5FBDF473C74CB18E04997306A34742795115E582CFB524CC6EEBEDEF05E19FDAC3724D0A39BBED749218CC2B9F2AE20C48
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qnetworkdiskcache.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QNetworkDiskC

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtNetwork\qnetworkinterface.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4334
                                                                                                                                                                                              Entropy (8bit):5.110127289362262
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:rITsz24w65V+EYWU/Qb2ZUIPe6JjXECPZZEYm:mq+Em7ZEWZEz
                                                                                                                                                                                              MD5:4E9E6F0DE58BBE50F38EA6B1F211F876
                                                                                                                                                                                              SHA1:DD67A6525C63A81A326CD65C80D3F99EFEBA0AC0
                                                                                                                                                                                              SHA-256:69B7B0FD1A5B968EBF8EB113358C1A1172B9C15F301EE21BBEAF51F334789E88
                                                                                                                                                                                              SHA-512:3A8B7FCE2B2D0479ADA17DD86463675C5126BF8ABA7325E2303E6FC5BB26EC4FFCC091F8B8744526102D39680858425437D0DE71123D466721812C94DCA59A82
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qnetworkinterface.sip generated by MetaSIP..//..// This file is part of the QtNetwork Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QNetworkAddre

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qdial.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1918
                                                                                                                                                                                              Entropy (8bit):5.072703798949797
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:o098RszhJhxWZ9P3yChJ3QFNdQbTN8UQXLEK2Ieephe21:oTszixRAi3NYXLEK2Ieephe21
                                                                                                                                                                                              MD5:1D5B1B643E445AA199D7BC278061E330
                                                                                                                                                                                              SHA1:D509837A8ABEBAEFC92DDEC18ED24718C7855E79
                                                                                                                                                                                              SHA-256:AF2F6738C1E00196335383F3F281EF0DC5C738D1D6531788211B0749E545CC3C
                                                                                                                                                                                              SHA-512:B27455D43B05C8BD25B9087942332FDE978748483AB524855D0F98AF5DCFF8CBF67971833A0307403B38D858503FD041E850175C84ED41CC1477AB5810407D4D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qdial.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QDial : public QAbstractS

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qdialog.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3491
                                                                                                                                                                                              Entropy (8bit):5.000804777043131
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:CTsz9q3xPihJ7iwpuK8s/zk1euK8s/zk1We76h6qJhSKguXS:Ukq3xPihdiwpb6ebKWfMIhSKguXS
                                                                                                                                                                                              MD5:4D8ABB26DD835201CB0DDCEF75D802E1
                                                                                                                                                                                              SHA1:F71553A9174ED2D42D897A4D17E1884AB5A7DD80
                                                                                                                                                                                              SHA-256:55933B969BFB279B3F2C092BBDCA428CB804193BAE450AC64E6B7109EE35980A
                                                                                                                                                                                              SHA-512:B951AE28445BFC58443ED880EA8C98E1CB0730F104640394EE1DAFE0F80FEEA14C762AB944DA90B31A02AFC0C1F1E181D1B16F2450CEB9833AE155EC4F44D5E8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qdialog.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QDialog : public QWidge

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qdialogbuttonbox.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3883
                                                                                                                                                                                              Entropy (8bit):4.974042836286274
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:JTsz+yy7AKipB8r02juk2GzV1e8/IXdp0:NpyVpBv2jupGm8/IXdq
                                                                                                                                                                                              MD5:8B8076E43DFB9022058262F881CA9B27
                                                                                                                                                                                              SHA1:FE5EFD4551986CFF11CC8AF55D4E66F38A9356E0
                                                                                                                                                                                              SHA-256:F73B91E4DF368A1260F1C956AC826800972966D00E87A575ABDA293C143869BC
                                                                                                                                                                                              SHA-512:84C07DBD1D465CD15D0EA681CEBAAEA885D5EA8449C3826A11EEC1CEF1569AC605735733AE48B049374CF459EDD515B6207875AD5CEC92A9D74B487DD297F74B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qdialogbuttonbox.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QDialogButtonB

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qdirmodel.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3741
                                                                                                                                                                                              Entropy (8bit):4.990903950603874
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:CvTszEOVf+agPDNTknX9XnXMh26FRQXlyRYayJQCGZ4R+Xl2:4O+a8DNTknX9XnXMhpFRQXwOtJQCGZ5M
                                                                                                                                                                                              MD5:950C5947B36CC3AC339B5C7E89A53074
                                                                                                                                                                                              SHA1:8B225F9641F4E5CF24A729F3CB82C8EB018F351D
                                                                                                                                                                                              SHA-256:2C67672B22ED2E6B9604469289D01B83E2CE2ADFEB910A05211C49BA3240F36D
                                                                                                                                                                                              SHA-512:E537F9651C73CC2F14708ED55D7AC50C1A50954C1B6AE61139327707E4AC2B609B5A364A2AA5B31476D7313623C21779810E6EF4A13996984394386CAD8BC805
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qdirmodel.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QDirModel : public QA

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qdockwidget.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2882
                                                                                                                                                                                              Entropy (8bit):5.074720786118968
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:5x098RszhJh4PqJeyQPXjLFOLcRDcxawcekGG0Ze2cxLctlQ/ItIlIXd0WPxg:5xTszmUerPXjJwADW32YzWLUy/ItIlIi
                                                                                                                                                                                              MD5:214DCE532429A2E4279BA2EEF0A5F716
                                                                                                                                                                                              SHA1:12351B7B4D7E0B825CA96FFD5553F37FB60C0892
                                                                                                                                                                                              SHA-256:EACEF23C0E424489E8528F69AA907F5F62A3E1A3914D3A8B2DF2A71ED29987E0
                                                                                                                                                                                              SHA-512:CB69E53D9B040245C7EDE6A70183EF13E5F654025C68385A4FDF5DE3DD32E79F2AC2336E0F12D1C7FA4F03581CB95BF05051F64EB7B977A6D0617F5B0A0BED3B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qdockwidget.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QDockWidget : publi

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qdrawutil.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2769
                                                                                                                                                                                              Entropy (8bit):5.0328520246425725
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:8098RszhJhsNlP82VlUobKTowlyKTlq4KTBQKTC9Ksx5s:8TszEh82V2y+Ro+E4+BQ+azS
                                                                                                                                                                                              MD5:C1059F2331CF5EDB1E6873EFEC9C4CF1
                                                                                                                                                                                              SHA1:8609F3933024CA65413B5D5E868E5A94B6AE8950
                                                                                                                                                                                              SHA-256:75BCEF58B6789775D6C55C978360097CE280F5B9178B6E5C8EADE29A4EFDF774
                                                                                                                                                                                              SHA-512:E4430DA79F45A5636E2A2E41544BE01E783B2EB84D728BCAB4564DC915A5C36C2FDC309186BD7BED7582608E5C3E882CB4F388949D11F315C09E3A787618A810
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qdrawutil.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%ModuleCode..#include <qdra

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qerrormessage.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1437
                                                                                                                                                                                              Entropy (8bit):5.127295668281338
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:ecR098mXIpmNDzVZRURU2SnOkSS1RqFgcaeCaiJw:R098RszhJhfqCneRiJw
                                                                                                                                                                                              MD5:4DD547CBDC5A0A287F906D6B85CD7393
                                                                                                                                                                                              SHA1:5118CCDA424C460C44A4FE8250B8CF9F9653FAC8
                                                                                                                                                                                              SHA-256:625C32292649ED5AF131B6A2A1F514257A07DAE7F7C184244830C32A5F557164
                                                                                                                                                                                              SHA-512:678ED29E75C9DA796DB84AB445F58E68EF597E9C939D826ED3E6732CB1A631D3A078D00B862B49AFCC93C74247DEAC6550FF1BF5496832A3D59CB784EC92972D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qerrormessage.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QErrorMessage : p

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qfiledialog.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with very long lines (331), with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):12969
                                                                                                                                                                                              Entropy (8bit):5.038397698762568
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:KbU875NSt+gxf2+p78NMrke8068WFt8m7T8WmB:Kh5NSt+ghWFJ7H+
                                                                                                                                                                                              MD5:A58F6118DD8CC302586814F349A8A1E3
                                                                                                                                                                                              SHA1:13D1EB8D9FEEF13DE110364065F716AD4FB3CA80
                                                                                                                                                                                              SHA-256:F12A0554F41EEFCDAEBCEEC3732C774B5E338B32565AEAA3F4B5330760A12436
                                                                                                                                                                                              SHA-512:064FE43EC737D389E71457B4EC31DB66EAF35417705450652B0AD901B50007AF630E6ECE0C56391221536FE7EA778CCE71C73B36223EA19E5965C7C880AF4766
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qfiledialog.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QFileDialog : publi

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qfileiconprovider.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2011
                                                                                                                                                                                              Entropy (8bit):5.13494542074036
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:Fy098RszhJh9PKLUTwuR3dDs+EQdqQjS4KwmRtEblcEQ7VVOT2:oTszryLUMYp5nbJIuiNBVOT2
                                                                                                                                                                                              MD5:09E438D36F4B55C01751D31B1FEA6FCC
                                                                                                                                                                                              SHA1:B456B43236D8D08A41487966D0077608490A5C9B
                                                                                                                                                                                              SHA-256:32FB40F9A364057AF89D197E787C997AE3095D5731E1858FEF53104E6ADE44C2
                                                                                                                                                                                              SHA-512:14296FF8AFAB1EE44F51FC5086AE225F1EC9C1FADBFDA685740975A0BA0CBE2280E59163D07C686E091FBA0E12555DE9731D37E7CE5926D986BF6CD6969733AA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qfileiconprovider.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QFileIconProv

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qfilesystemmodel.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5224
                                                                                                                                                                                              Entropy (8bit):5.039783637228912
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:mTszaBeagXXXMXmrNUHn/nXkMnh26FRkXlyRYayJU5CGZpJx6Zzz9XdIxoH4nG:4DeaeXXMXmrNqn/nXkMnhpFRkXwOtJ2a
                                                                                                                                                                                              MD5:D7ED37EDD77CA9C9912E8286418BED96
                                                                                                                                                                                              SHA1:F46090A670D67B9EF09F75838E6C368A7249EC59
                                                                                                                                                                                              SHA-256:394A8A008C37350091A0518463B119C56B40FB874BB91AE310B1724B7CCF0899
                                                                                                                                                                                              SHA-512:CA58CEDD3DCE1EB877DF4D17739DF5D58DEF5F5EA24F04CEA2ABE14BC24247E7FAFA807DA75E752AB1FE75DB08823D5DEFABCF2B86A47F0DAE2662BBE4C80CD0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qfilesystemmodel.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QFileSystemMod

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qfocusframe.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1431
                                                                                                                                                                                              Entropy (8bit):5.138525178747192
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:+cR098mXIpmNDzVZRURU2SnOkLwB2tISmgMQX0XLM:x098RszhJhikIjgMQX0XLM
                                                                                                                                                                                              MD5:705216C08147C2C624CB02DC6D4684D3
                                                                                                                                                                                              SHA1:DBB47B2ED4229CDB3A52B9CABB0631D5A973BF60
                                                                                                                                                                                              SHA-256:08B8930440DB47281B09918BFF86C099CC7A899C18D2F08364D2ACCFA28348E5
                                                                                                                                                                                              SHA-512:38BF59A2BC98EB22D0E2E4FF554D29ADA83E38C62A80A2CAB4BFE12D66EB7CE470D23D85C56802600B4E7E277E026EB4846E9738DDB168E485981D0DC3037EA9
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qfocusframe.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QFocusFrame : publi

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qfontcombobox.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1986
                                                                                                                                                                                              Entropy (8bit):5.103035681982703
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:LcR098mXIpmNDzVZRURU2SnOkXeyoxs0xfX2hThPGx/QFNdHxXqt:M098RszhJhXeDxGTVW/QFNdRXqt
                                                                                                                                                                                              MD5:1BAAC0B47B6F03BEE1D59390B1643B2B
                                                                                                                                                                                              SHA1:4B82A6E4F9F897AF688CE72C998005D3A3BE0C14
                                                                                                                                                                                              SHA-256:9AAD0581A6E5CB7ACEB29FAFBFB970001102DB161F8826FC9FB5C5AAD04A2572
                                                                                                                                                                                              SHA-512:86A21D458AE2588226BB1F26090E1642EF2C0DBC72C3DA419B817DCEC38A9EAA2DED6D30281BFAABCEA887F49BAECB83C8A7B264299D8D42301922F3170255F9
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qfontcombobox.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QFontComboBox : p

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qfontdialog.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3212
                                                                                                                                                                                              Entropy (8bit):5.075682076494364
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:t098RszhJhPISW1QLrHt2oJxXSxVA1AbQ+0F+LRpPZ:tTszJgoJxXSI+0odpPZ
                                                                                                                                                                                              MD5:4ECB752CBD259CE3786E679530FE3B25
                                                                                                                                                                                              SHA1:A45D997E2B44F8020493BF776E5944770CD947C2
                                                                                                                                                                                              SHA-256:446CBE2EC42630273ED3F06FC6FF4B4182DA6C7276DB016C468AAC9F76E6EB58
                                                                                                                                                                                              SHA-512:46ECB2843FD4A283BF07E24B8D2CCAC2B5D8A8FBB1FF9AC32CAED97F48C18442E737981A0098FC335FCD51F50B09DF65D8768832668A912EB311161304C8D735
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qfontdialog.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QFontDialog : publi

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qformlayout.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4853
                                                                                                                                                                                              Entropy (8bit):5.077069459240732
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:yTszDaGj0JneyTprsVZqVZEVZ4/dehNiSXqGONcqian:EqaAaeyTpryZwZ6Z4/dehNiSXqG0cqia
                                                                                                                                                                                              MD5:D5C9F59A5503D4C5DB6FBC42C85EC1C7
                                                                                                                                                                                              SHA1:9954292108EC40842DA83E776C0FAF7FC943C029
                                                                                                                                                                                              SHA-256:D1CA9153BE861089CA4E45BE9BA83E6C01F3BAEC392177663BA18087F01D9928
                                                                                                                                                                                              SHA-512:D9995D6681F017A1CBDB9E2AE7F514E5AD509C68A45D6D51A5E54EE467626DB9AE375281B4CD430DEA175FE1480F88B21A662635E732C56D1A8D2D968735D0B4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qformlayout.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QFormLayout : publi

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qframe.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2226
                                                                                                                                                                                              Entropy (8bit):5.017954755235302
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:J098RszhJhApc8nhQFNdurgAQufGIXL6UylDn:JTsz6pnmozXL6bJn
                                                                                                                                                                                              MD5:4A336AEC55C0177C6F8438303B066A4F
                                                                                                                                                                                              SHA1:E815F190A3408E89110DA434694FAEF9E5F9F159
                                                                                                                                                                                              SHA-256:84CF28152D02AA0370D4119AA26E8CBB86E7326A043EEA15608F3B0E37B20745
                                                                                                                                                                                              SHA-512:662E29E118C67643795A6BD3A353CB29E739C4DAC9E92D68F12AF3F299A51A73C30720151603D0BDF483E73243D7378919499D4BCF233D4BA275084C07BFED33
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qframe.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QFrame : public QWidget.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qgesture.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5563
                                                                                                                                                                                              Entropy (8bit):4.990113643499662
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:bTszkAvKVuBz0Knk/8GpQkSKpKok+r88BXb2KA0KU1K2Njsmz+7Tgo4Hh8ql:HRAyO7kRpQktpKok+BXbpA77kjfD
                                                                                                                                                                                              MD5:B6D6DF36A100811076F58EAAE73E4E1B
                                                                                                                                                                                              SHA1:71435599C0C9878EAE0F902CD643C7CAA6CBBEAB
                                                                                                                                                                                              SHA-256:CB087583AEE911C4F9153B08A5D0A9615E4492ABD73866009C2700CA0F1EB95E
                                                                                                                                                                                              SHA-512:B000C1A3F915726B8199BD15C4ACC8968F76E5FA732463A61E9AB7950B985195C5B4BF21D2BE3D4D77507EB99D6FD7581DB06026F90CAC38B2B6FCE045C294DC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgesture.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGesture : public QObj

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qgesturerecognizer.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1907
                                                                                                                                                                                              Entropy (8bit):5.086782850976498
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:OcR098mXIpmNDzVZRURU2SnOkjhpVwkwZi2fevX0CD/OIk8kCk6TL6ng64tUGaBw:h098RszhJhd6ZBJnzCDTLHf5aS
                                                                                                                                                                                              MD5:B39C442AA3B9E176BFB86B38E5F36506
                                                                                                                                                                                              SHA1:FFD5A25665792FF4370514A7B50C631A53B75133
                                                                                                                                                                                              SHA-256:06BA81A9802FDA1835299A3B70286372B276DEEF79332FF1424BAE9D1E7B8134
                                                                                                                                                                                              SHA-512:CF7FC343473F9EDD6123A3A50601BDF9234445CE5AEA0083B781CA17CF3F368FF9DFCA6B19CFA641106878BDDA4CD97D46A7C3D66EDDD482A5BA3FC5F545E942
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgesturerecognizer.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGestureReco

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qgraphicsanchorlayout.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2821
                                                                                                                                                                                              Entropy (8bit):5.124668444378715
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:Y098RszhJhlAU4xS8wkCU4xLjVVseIboxRsYIy6keIljJQl1zQmIQqbl/G:YTszbAU94CUGjVVNSoLB9ve3l1UmDqU
                                                                                                                                                                                              MD5:C9B502BD024E98B8177BCF9A37E656C8
                                                                                                                                                                                              SHA1:BB1D3040F94D42145CF2391800078B8A5B280475
                                                                                                                                                                                              SHA-256:E8B6BC8404E8C658349D20F9162EB923BBAFE04F0FD977706D08538C16E7BE80
                                                                                                                                                                                              SHA-512:60379558ACC46DF2CBEF1815B10A9E440ACEDF54D4C6F08D160E35712ED0F8AEB210CD32182EE368BA8EBB25AC89401BA94E68959D7BE9EC09200594EDD3E9C4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgraphicsanchorlayout.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphics

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qgraphicseffect.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5451
                                                                                                                                                                                              Entropy (8bit):5.10326412943376
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:uTsz3AULj6z5xfyNQJZSl+E7g2AU4W08AUX3E6qoE2VjXTAUW06qJadc6AUiK9I:AIAg2z5UNhlX7nAxN8AK/qovFDADvqk+
                                                                                                                                                                                              MD5:DA518539420170B8DC172B73ED4CB1C1
                                                                                                                                                                                              SHA1:D00BAECCF5CBF6190F4D87668CB9F8CF984A42E1
                                                                                                                                                                                              SHA-256:DD895DDB4A945BE81984D05A44FD7821C101FB48C98678E19AAF8C0A2CE47EBD
                                                                                                                                                                                              SHA-512:69343C77AD30A9A85BC410537DA143CBFED103CAD7877AF9A298816A97D23674739E057000CFAD88EE1D9263F571C03130D0D97FFC4188E0391FA97F9F8C88D2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgraphicseffect.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphicsEffect

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qgraphicsgridlayout.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4314
                                                                                                                                                                                              Entropy (8bit):4.970342752696393
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:TTszOCU0jacF4F/uBnBDBsBL4UHJmUmDxjfFOj1vmS1zI:fazVBlskUGxkmS1E
                                                                                                                                                                                              MD5:3C4029507C52442076BF8B68232CAED0
                                                                                                                                                                                              SHA1:D1D34E47165A17CD71AFA7F2FFBE32A7C1C1B2E7
                                                                                                                                                                                              SHA-256:E464841812287C8B449404741114E5066E55093652570E7E572FA5BB6CC03248
                                                                                                                                                                                              SHA-512:30A16F3541274A38796F4E56C961FD711AC430BE0812874B9ECF214323710E2612A60BD9D98B898E65A482072600C33FAC5319FFCE3295B47521750205212DD9
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgraphicsgridlayout.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphicsGr

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qgraphicsitem.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):27750
                                                                                                                                                                                              Entropy (8bit):4.944497651172094
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:47WNXmLsBYkiKilryU+2GLtpx11111I1b1ZwPwsDW5c0g/0wWo2/:KuniKilrW2apmjg8oU
                                                                                                                                                                                              MD5:C82BF0238E6259905C9C18C5665AF2C5
                                                                                                                                                                                              SHA1:13EB331DC8DAA5EC2A1B4B84B4B7E8B26E0F2D70
                                                                                                                                                                                              SHA-256:DBAA83044F09F61D667790EB03E9B4DE297768D8173E701A090AB02113FF9E7A
                                                                                                                                                                                              SHA-512:5144E0FF4CFE8A6120C2E9C764A35D759C507DC64C87127BC767E4153761FF3A2EA6E26AA4C42A91B3401347FB24188A1140975229F11F2E9A5BDA244A03BC8D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgraphicsitem.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphicsItem /Su

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qgraphicslayout.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1782
                                                                                                                                                                                              Entropy (8bit):5.105894217732892
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:am098RszhJh1+ALXpxMnjKb1Ng/QSBSmxWDKb5:amTszP+8XInjKb1W4SBSmxWDI5
                                                                                                                                                                                              MD5:14690424877238DF9D07C0C830489580
                                                                                                                                                                                              SHA1:29A97303198477434E8E3ACA971238714479DB71
                                                                                                                                                                                              SHA-256:514E8C0E75AB98D5C948DE65D83BC2161AC38FD02D4E440A1462C3B8E4345584
                                                                                                                                                                                              SHA-512:43FD27DF067B43940A4B78A7CD142FC334C3EDB578B83731FB23AE985417A8417344F45745B37871AF38D667A4719B9EF94F4463AA56A963C034FB067B59D0F3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgraphicslayout.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphicsLayout

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qgraphicslayoutitem.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3163
                                                                                                                                                                                              Entropy (8bit):5.089331795713423
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:arTszPS6X3CXKOBZB7Bhv0sXDsEyY6nEzz:aXaq1bdhv0sXYY6U
                                                                                                                                                                                              MD5:FB99CEAF96AB91DDFD45FB48D7E1C85F
                                                                                                                                                                                              SHA1:8303F408E8948DAFADDC8AF1237F90687AED4862
                                                                                                                                                                                              SHA-256:9670B3163A487C765B05C879ACAA0B3D1E3D633902842062E82BD0B679855C8F
                                                                                                                                                                                              SHA-512:4D1A2CE1B8480449DA22EF3AF37F97E8C12C7BA8AD70A5B702C96034F51B41687947F3F3AB215EA6CB39BBF03A0AE7E35F5AA4850EB88BF5E95272E4E770A759
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgraphicslayoutitem.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphicsLa

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qgraphicslinearlayout.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3236
                                                                                                                                                                                              Entropy (8bit):4.9806007104087175
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:ETszPCUGVjhjriexjfeOR1vCf2U/1UmDSU:eP/3xfe1UGSU
                                                                                                                                                                                              MD5:368575E6A4C17BA401DA9FE0F5B893DD
                                                                                                                                                                                              SHA1:1B0FCE1003B175ADA4B19EF59EEAF96858193E65
                                                                                                                                                                                              SHA-256:DB4DF5D1EE219DDBABA39E06A7B352159FF15F6F6520D6D22E89DBAB4DE81440
                                                                                                                                                                                              SHA-512:44A203485CB3A2B0DB04422C61251A3839322AC0FB65964A70DCB8FCC08ED83C0D271512394498F7E7277277754CD56787E18BC43BF681C2FBADB94A6F172715
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgraphicslinearlayout.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphics

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qgraphicsproxywidget.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4015
                                                                                                                                                                                              Entropy (8bit):5.040717175576262
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:dxTszDU7a7FUxzcO1gkPXdIXSIVIvI4I12Iw2IE2IaIIIIRIegIZIDI6IGIIIHWQ:/EsI2cO1gkPXdIXSIVIvI4I12Iw2IE2b
                                                                                                                                                                                              MD5:7E13271E3ABEDAA012526630A82C9FAA
                                                                                                                                                                                              SHA1:6BC070672B966C640560EB38EBFBA48F44B1B6D5
                                                                                                                                                                                              SHA-256:39CF87F0FF6738F2A8C3361813D1BFE544A079C898BC86211045D0D76DDEFBDC
                                                                                                                                                                                              SHA-512:DF652DE74378066EBE95461D7113524EF67DF5C710E29DB617C6EB39AED5B5B72746C0675991A4B8D22A3C5A90E82A9A7448E6566005DFC1B33537191C74507E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgraphicsproxywidget.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphicsP

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qgraphicsscene.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):9318
                                                                                                                                                                                              Entropy (8bit):5.064732477501536
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:XRAqzPhXNdRiJJaWuO0y07d3XdI4ItI0IDsI6IHWIqWI4IGIIIbIRIZIDI6IJIOv:JzuqWuOw7d3XdI4ItI0IgI6I2IfI4IGe
                                                                                                                                                                                              MD5:D4A287DA3E32FA8BAC0943C6008FD97C
                                                                                                                                                                                              SHA1:9E8118A401A8A0F69D82928B25040AAA7774E6EF
                                                                                                                                                                                              SHA-256:A94CAE6B323A0FF72E92C36E9D7E58093EC1748D2088280FC49DE93D7E463565
                                                                                                                                                                                              SHA-512:54FF76B547BC60961EEC72EE9FB0B59128F984AB1C9C46D1AB8161C0AC1B5FD02C905538A8F040A1FA153C25B6C6997F3C29A217093229AE276F106EDA99F0D1
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgraphicsscene.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphicsScene :

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qgraphicssceneevent.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6918
                                                                                                                                                                                              Entropy (8bit):4.974871927121996
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:VTsz+EY8vJK+8vANowAJoR9moIoARuoNs2AntUAPo8yzyEdOyiOLJ4UQ60DUN6RU:J38vJK+hqcupRvsb/OOyiOLJ4u0lRo
                                                                                                                                                                                              MD5:E5061FF826B586183EAC1B852E5FB72A
                                                                                                                                                                                              SHA1:C5625E4B59610BC1443577DE30F290CBB483104D
                                                                                                                                                                                              SHA-256:542D863111C9D3EA9D17C87679A87D2F5997F475BE5E558D53E5F7DA274A71B2
                                                                                                                                                                                              SHA-512:3D9420DDFF464986B2AC8807F543B9CD8657A85A8F6E4CBB7D59F6885CD6096FCDA5C6FA68DDA5C39EA24AFF1DA58EBA50CC18E25F1878A02E49A82D2A85AC01
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgraphicssceneevent.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphicsSc

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qgraphicstransform.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2549
                                                                                                                                                                                              Entropy (8bit):5.150387215565499
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:D098RszhJheAU1FdEUp1bFtxFmUWEO5B01sBQf6B6uBYKEOA:DTszIAU/d1ptDM1B0SBQf6BXTk
                                                                                                                                                                                              MD5:25B3360B576FA471026F88EFA00E51F7
                                                                                                                                                                                              SHA1:B53C51278580C05291108C1977AB6BFF4FD2186F
                                                                                                                                                                                              SHA-256:EF3D983196E6CCEBFBEB17EB19D17CD32C3F8BAD383B533C5E2AE7D9CE91E25A
                                                                                                                                                                                              SHA-512:9ACA8175754DA42AEC363AFDD05815C7E97685F8ED0AE19A9DCB841FF36F0EB452D2B3BDDDEE1AA15D426FBB93B1E8419F191BD63D3C108BE5EA68C05249C216
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgraphicstransform.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphicsTra

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qgraphicsview.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):8617
                                                                                                                                                                                              Entropy (8bit):5.033824018871672
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:EEaPzwEaYD2UJjjo/5JxXdIXXIpIdID3FIRIxIHWIqWIXyGIII2IOIcIkIxIlITQ:naLrY/5JxXdIXXIpIdIpIRIxI2IfIXym
                                                                                                                                                                                              MD5:E1B121B804D1EA7FF09F01B19F9722C4
                                                                                                                                                                                              SHA1:B7AFF6428515F71C2DA1F85DE5C619DC0EDD9E6B
                                                                                                                                                                                              SHA-256:DB886F7DF8358D52643C62A303C2246D8F91747841F5303C553A6F71BC328C00
                                                                                                                                                                                              SHA-512:76540E5AD4112040EF67D2EF468F2C4641448140926DB08723E8046E85080E12A03A4C5E7972A2B039EDA495E6BC40416B77B5A470E5D45882D1005F2DC4D431
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgraphicsview.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphicsView : p

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qgraphicswidget.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5631
                                                                                                                                                                                              Entropy (8bit):5.006399537196519
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:/xTsz08hQER22N1vMxZmfpfB6bRmLaA/yDyPX/IX4pCXdI/ItIHWIXyqWIvIwIzu:d8lPvMxZQZB6bRmLaA/y2PX/IX44XdIv
                                                                                                                                                                                              MD5:A8CAA2E3639F4BFD3A3BB9B2A5A56E67
                                                                                                                                                                                              SHA1:EF737A51AB6156C965E74076E648B36C4FECC286
                                                                                                                                                                                              SHA-256:D2636F135BC39DF0CA74C1226966C9638D941965082A717368E26B5D60869B55
                                                                                                                                                                                              SHA-512:4043BC433708E54AA1F4A93DCD1FF4ED6D1DD7D8CEC7E6281FAAC07631D416A74473035C98AD1FEEAE325001E8EDA38F91BEB7A63EDFA102E519B09CDA30A2B4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgraphicswidget.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGraphicsWidget

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qgridlayout.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5688
                                                                                                                                                                                              Entropy (8bit):4.872175829316069
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:MTszx76Z6iN9j1hrmXqymONjo0AxjPWwjPeo/AxjPWwjPso+AxjPWwjjSt/ZyUSE:mQuEiNHoXqym0jsjewjG9jewjUgjewjS
                                                                                                                                                                                              MD5:11A7C85D1D7286EA120CD07DD63A2D31
                                                                                                                                                                                              SHA1:8F5CF5911B305C467D15AFBC5C94622DD102676B
                                                                                                                                                                                              SHA-256:683FD2E709103B64862EB7484B85A9FDAFC55F99F0BAE5A268A2F525E5BCC4D1
                                                                                                                                                                                              SHA-512:29B942591BAEF14D76B72E121877F4A9EF10EF55BE78EEB4305676E513C3400050993C9E8C973F41B5753F5B929DBB7152126B90A68E82A6A4746E3FB5F9DA81
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgridlayout.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGridLayout : publi

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qgroupbox.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2183
                                                                                                                                                                                              Entropy (8bit):5.07432283308248
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:m098RszhJhsapxZDn0JbSThWIcQXie5g6HRseDIcIkO:mTszWatDYRIvXie5g6HRseDIcIkO
                                                                                                                                                                                              MD5:EACA530CFC57759FCB87FF32A9B311F7
                                                                                                                                                                                              SHA1:1474A375D07FD8E71C3F847B68B30B092AB18463
                                                                                                                                                                                              SHA-256:722B29AB568DFAB02CF9835290D357F9EE12B0E3A3E7547A34BA153935DB54F2
                                                                                                                                                                                              SHA-512:12FD7C9FFCA926F4F1169FE62A8AAB58AA740B570A51675414260CE42D504304D6A005E6EF6B9F2105973DE229F5C9765742F376E7BCFF20AB7A890DB1232347
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qgroupbox.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QGroupBox : public QW

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qheaderview.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):7213
                                                                                                                                                                                              Entropy (8bit):4.890505134922737
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:MF8yU/lniSQ4JcXLXhzCsUqU2kyCUcU82jXVJ0Ca+VpHJZn:m8yUq6cXLXhzCsUqU2kyCUcU82jXVJ0a
                                                                                                                                                                                              MD5:087A1DB88C8C67EEF7865B84C7900780
                                                                                                                                                                                              SHA1:3ABC10FDC42D04B0E4D25F589D1F03BA15BC1752
                                                                                                                                                                                              SHA-256:306793EF3DCD4A6752AD688A2AAD93D868C39EA643CEFC8F80ADDDF70734BB49
                                                                                                                                                                                              SHA-512:83EC94360E0E40262C99052A132455EA8E5181A47C0F12E856E55C7FFB1B99833AA9583D17C9AB56CE5ED49EBBFF35B52EA0766C01F80E53FFF4CB166D08C6F5
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qheaderview.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QHeaderView : publi

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qinputdialog.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5926
                                                                                                                                                                                              Entropy (8bit):5.102562480553656
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:mTsz2Roll3h97r7DvZgp9X/3HNzn8z29+0odpMiPtcV:41k1vZgp9/3h+0IMiPtS
                                                                                                                                                                                              MD5:E8498541E3F8E294E3403F691C2895DB
                                                                                                                                                                                              SHA1:408FDA749D79FA0C809378F8E61B228C129A4F9F
                                                                                                                                                                                              SHA-256:0880D51D359CD9FC79A5AC8ECEB267F614DCF671D9951127A5A6AF8DC1B39F97
                                                                                                                                                                                              SHA-512:C5FF9E62CF8688951DC8328A629709182217B303D8BA4FC745AD22743035CAF4F5DE10019224404313366A2F039F734D5752A7E0CD4997EDE877BB28BDAD52C9
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qinputdialog.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QInputDialog : pub

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qitemdelegate.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2989
                                                                                                                                                                                              Entropy (8bit):5.052853287347209
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:wIY098RszhJhAMZUiOQFNnQ+xQfQDjFdgIW3JQpsFQxh5TQxZ5QJGoQXSIXb:9YTszsi9Y+WYDbWSj2CQjXSIXb
                                                                                                                                                                                              MD5:E6B2018DAAC7A7F3E706DD0B2B2E4A5F
                                                                                                                                                                                              SHA1:F5FC349B632528AD128B527A8E1A2A919914DF0F
                                                                                                                                                                                              SHA-256:1C3B35772D16F5929DB45AD5890E2CF4DBC170B9AA2E873A2F164700AD65C179
                                                                                                                                                                                              SHA-512:C4AC866BACD07E82D58D149EA73EB7338AAAF3A301C00D6285332DDA040A79F8EE783138F40B04F99524FFAF275EC21723E13359EBD1952061C415EF8BAC50B1
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qitemdelegate.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QItemDelegate : p

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qitemeditorfactory.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1849
                                                                                                                                                                                              Entropy (8bit):5.113119598266787
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:wIrg098RszhJhOwLdS5Xl8vtLdnI5IhQtEYkmXj:9ETszhYdl81CumtxD
                                                                                                                                                                                              MD5:CB95163C97308A9170CC5C3273BFBE06
                                                                                                                                                                                              SHA1:E708D52600D84E0E2BF2C8A5C0BACEC0C363F722
                                                                                                                                                                                              SHA-256:C42DE14BE347BC8A08A75CC8504DA34AE51DE8533FB2766D8A9C80FCD6933806
                                                                                                                                                                                              SHA-512:6D194F73AD1E7B03BA810A25D003EFD6C8B0706C78BB613C1B82AADA220B0963A50E1F63ED9EDE92F0D86B4561E63239B09C3B0B2F5533F8D1B30F0CE08EEB62
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qitemeditorfactory.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QItemEditorC

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qkeyeventtransition.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1607
                                                                                                                                                                                              Entropy (8bit):5.122803400744684
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:c+cR098mXIpmNDzVZRURU2SnOk/1OCxqKLxA4Ck5SBSl/MAHj/d6XVnO:cx098RszhJhPqkAZiS4l0Ej/IXdO
                                                                                                                                                                                              MD5:AD339FDC7945C409984979C66770E76B
                                                                                                                                                                                              SHA1:F0A7A0399955110E2CEDEAF565639A5E38F86B7F
                                                                                                                                                                                              SHA-256:F6BD9EAFB1363297BD337ADC7C2659E158532E212D0DAB3A63F4C0C96FD0549A
                                                                                                                                                                                              SHA-512:4F53CEBA77BCB180661F7584874FA3AB743D80195FE6B3E9600797A4CA3442BAC4CA90A763B42E6EF991719885FE070481C376101EDD337FA0195989B750D751
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qkeyeventtransition.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QKeyEventTr

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qkeysequenceedit.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1741
                                                                                                                                                                                              Entropy (8bit):5.1497827692058955
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:ncR098mXIpmNDzVZRURU2SnOkpml/B2+xCtPQvBkXihDA:g098RszhJhpipdCtYv+XihDA
                                                                                                                                                                                              MD5:549803BAE6EB0498DEB6D7C3D91ED5D8
                                                                                                                                                                                              SHA1:8D9D281C0BC4CA5AC5267B8536A1ABAA42782E20
                                                                                                                                                                                              SHA-256:CF569F044E928F0880DB40643F006759F7018EB693623C282049B3CF8E114DB4
                                                                                                                                                                                              SHA-512:75FCC901EC3F49B2AE574BDFB91FD8920E8EAE90E355D71F9533BB5AAF202034998DE46CA29A9D076F2D97D514A83F941B1EFBCAF00DB1894945396D26E20700
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qkeysequenceedit.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_2_0 -)....

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qlabel.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3282
                                                                                                                                                                                              Entropy (8bit):5.0069420215161555
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:6jTszltYBZCiXKqSReXXL6saJenJ8JEJRJHKJqKJXdvB:OqXiXz9XXL6saJCJ8JEJRJHKJqKJX/
                                                                                                                                                                                              MD5:41FB702974E7C30D3BF0168AAE49F8A7
                                                                                                                                                                                              SHA1:64141B8A065D6907AB9E38C4957449F533F1773A
                                                                                                                                                                                              SHA-256:6206CDFA28B0B240219B58EEC76CFFBB9C007874E29C2600A0D7AE65EB0F2D07
                                                                                                                                                                                              SHA-512:0463C882E8EE58DE0ACCF6F085D0FB4DE288F5BEA464464A0CEC3B0423BBB6CC71B90AB71F6CA7768BE0377BD327F0F42A3C5F23564345D9375D919D2FB79E22
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qlabel.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QLabel : public QFrame..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qlayout.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6054
                                                                                                                                                                                              Entropy (8bit):4.904381651342112
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:MTszYGy6ZGzojAujPW7jhDSETo0AxjPWwjPWONNHP+3LSXK9nJeDoJAxjPWnjV4W:mwlkSje7j5SKsjewjPW0NHP+3LSXKbe+
                                                                                                                                                                                              MD5:0E50EDB2831C955C57E514AC95AC7C9B
                                                                                                                                                                                              SHA1:B7138F4ED07ADCA6D7823D4FE441E6802B347706
                                                                                                                                                                                              SHA-256:701629F0FA49238495B186487D5161C063C0E670FA791DD003A5B527F206C597
                                                                                                                                                                                              SHA-512:D7417BF913D060687095A00E4837563482FA729B372F036BB22378DBE5003D85621B1056101ACF809423B70ED2676D17350EF2762CD3B3206CAF5D1E1BF963AC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qlayout.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QLayout : public QObjec

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qlayoutitem.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3783
                                                                                                                                                                                              Entropy (8bit):5.068092726680677
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:BTszpC+Tpu4OuQ8X2XqymSl696Wdw+iNHONXFPzfTO9iNHONXFPzl6Xqyd/:lWTpu4LQ8X2XqymSwoWdw+iNH0XFPzfz
                                                                                                                                                                                              MD5:C8C0C493E82C334C7F515ECBDF8A6AE2
                                                                                                                                                                                              SHA1:C9D1B68707BE2C5725C6D7EFC2856D17EF706C32
                                                                                                                                                                                              SHA-256:57F4F1181FA8ACFEDB11F1676ACB12C3A4BB18200E84852E13A0F9785DDABDA0
                                                                                                                                                                                              SHA-512:B3DC5842C8E751A0DA22C4C8394CBB7D5866459DBCA8B3FC94C4ECEF81B5277AE76D466AD094EBF56F61BDDB42E25527A595D5EDDEE31358C2589E49B38A4BBC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qlayoutitem.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QLayoutItem /Supert

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qlcdnumber.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2467
                                                                                                                                                                                              Entropy (8bit):5.017911255385371
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:4098RszhJhUsObMM+Bp4Fi2H/zqkBQQFNdXyfXLM:4TsznObsBafHrqcIfXLM
                                                                                                                                                                                              MD5:012F91D32310E8B902C6CF87EBEBF62E
                                                                                                                                                                                              SHA1:60FBE0D8C3C75BA9641C437C41A2FD33623CDE46
                                                                                                                                                                                              SHA-256:8339488AD61E78B95440106A8F937928666CEE6DBCCC544D3357D9FCFD93A6DC
                                                                                                                                                                                              SHA-512:3B291AF0AFA41FD13341BA487D4A67D29FCFFF73BF94806A4CD4001B2531B5AE7E0CD1D949F43286629B30FDBEFF65DCF1B85DE871FFA490E9AAC7A1B633168F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qlcdnumber.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QLCDNumber : public

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qlineedit.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5610
                                                                                                                                                                                              Entropy (8bit):4.9870783496222275
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:sTszppPmMnkJp0dih4NvSu9DvVWK5yew3vxhHRqR6ifD3TGsuA3HXMCEgdOn:G+PmHp0diE5xy53vxhHRqR6ifD3TGsuB
                                                                                                                                                                                              MD5:468377C7F67620A70B1DD782FDEEB261
                                                                                                                                                                                              SHA1:3F597A806C1B386488CF9042FEA1C97834D752CA
                                                                                                                                                                                              SHA-256:CEE481E506E69EE02499347FF00AB84A7703B6C068B180E5FF252D30F186585D
                                                                                                                                                                                              SHA-512:03861E051E0C29F4980E83D7A2ED93134A445B97854F987ADEA0C521EDD45759A70A46B1F48EB44AA7DE7DAA3E6F9247E00F53C80E596596785365249B1EF5BF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qlineedit.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QLineEdit : public QW

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qlistview.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5190
                                                                                                                                                                                              Entropy (8bit):4.97987592190548
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:VTszcg7YYs98B5Kukv6wUcUxXLsU/9fD3Tv6X/6zkyDT5xYDPEeDmXZYHhmbn:Jzg8Ys98BcjCwUcUxXLsU/9fD3Tv6X/m
                                                                                                                                                                                              MD5:20FC1E54D2EB8DBC18110B873B08DD71
                                                                                                                                                                                              SHA1:A5345272C255B9D45758908EB450F640066F9E44
                                                                                                                                                                                              SHA-256:D7574BD2D74164AB90F0E07A2927AC17646D4BBCBECA0D226F117CC6B7D2B5B8
                                                                                                                                                                                              SHA-512:ACC16D9F18CD678B8C63BAFEC9FDBFE0D83CF79BD6DB9155D1E7D951170519EA564F17A77B0FFF0B2608E6AE65E7058F88F91426ED77502173E5126DD28F1323
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qlistview.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QListView : public QA

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qlistwidget.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):7463
                                                                                                                                                                                              Entropy (8bit):4.959172767901056
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:4Xz1+Vs/nwXn+jFQetpQCYWy9MJIrTwOFR7XPltJ4XgxO1Iq9s:6z1+Vs/nwXn+jFQePQCYWy9MJ61FR7XR
                                                                                                                                                                                              MD5:4EA869ADF3AB20FD6EE1B7AA53A6B2E5
                                                                                                                                                                                              SHA1:9D8AA8D6C26A28FF1A5A6492C3E8CD5F044F169D
                                                                                                                                                                                              SHA-256:DD5813178E87ECCD143D48F7A065B1A5629046671DF0E3E8FBD2624D71BE0F5B
                                                                                                                                                                                              SHA-512:3A12356319CDBB17DB5211115F96ACCAECCBF43835A77852C6231FE54C40D793D906813E17277C4A927B92E87B6DAC4BC7227A189278C1A564A213591569E262
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qlistwidget.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QListWidgetItem /Su

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qmaccocoaviewcontainer.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1467
                                                                                                                                                                                              Entropy (8bit):5.244121385796388
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:WveT98mXIpmNDzVZRURU2SnOk4W68BenB4e6e7nesGP0e4ek:dT98RszhJh4n8oBTd7eRPTk
                                                                                                                                                                                              MD5:AA2AD266AD265243A47840CCD6A719D1
                                                                                                                                                                                              SHA1:101EBEDBB7BAEAA21A07680B86EA4F6C1D36FD8E
                                                                                                                                                                                              SHA-256:2A52BFFD3BC05147423B6A06B8664A75FD2DB7EE01917B7A6BC0A33F261860EC
                                                                                                                                                                                              SHA-512:A12083E71DD5975A1DC6213EF55A230FF0EF857A800D000171B37AF057A2A3E4CEB3B5264F2A6E5931DA022A6B092998102C97629D7BF7A515FEC0F14A5726A5
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// This is the SIP interface definition for the QMacCocoaViewContainer...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (WS_MACX)..%If (PyQt_MacOSXOnly)....class QMacCocoaViewCo

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qmainwindow.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5039
                                                                                                                                                                                              Entropy (8bit):5.106239426144485
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:hTszUEpXvUIY/IpA7pACIADA0QAU07/pIXd89U5AuhdXhC1AUAE0kv:FVESIAdACIADAjAU07/pIXdPAZAHk
                                                                                                                                                                                              MD5:A5C358E46B14FBF22ADF0BC68C823CEB
                                                                                                                                                                                              SHA1:69757AB466F73F0ACAE76901E7F2903EE11D0C77
                                                                                                                                                                                              SHA-256:6C99434581179D5EB0E65234DD730F8704904E9871F9F1BAB651CF2C105F7D2D
                                                                                                                                                                                              SHA-512:25523958C973A1F3D4DFAE5C69A1DD8263415913F3C9093567AA3E7199AE953C406B0CFA8C5A08D14A6AE1DA4E93B161F3B5EA479F3EE4DA81AA3A23066CF67F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmainwindow.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMainWindow : publi

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qmdiarea.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4391
                                                                                                                                                                                              Entropy (8bit):5.032923237322884
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:FTsz5tO5bJHi5C6IqcQrG/FtCGGmFQj/D/rmrXdIXSI5IeWbIEqIGIa3IXASITLi:5gGJHi5CWWtUZj/D/6rXdIXSI5IeWbIM
                                                                                                                                                                                              MD5:A8968169899BDD449667D14CA9959787
                                                                                                                                                                                              SHA1:09332E5BC09E45F2F306FC144A16C78F59BDDC4D
                                                                                                                                                                                              SHA-256:B864154139A2E451C0AE66FCB46A82BF6FED83B607EA524773165852CBEB0B4E
                                                                                                                                                                                              SHA-512:AC14537209A97A1EFDD27D6906C33AA003453BA9E53C52347938C22FC148C57D688DCB1B3A84F12A1DA8D09C34E289D615E9F4C0E7B2F08D844E9A2CB61DAAC2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmdiarea.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMdiArea : public QAbs

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qmdisubwindow.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4293
                                                                                                                                                                                              Entropy (8bit):5.030226949591751
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:ETszHtsidPUxzkorTpsNLA/XSIXdIa3IfILI5IbIEqIGISI5Ie+IxITIbI5IVIH1:eytsidcDT2y/XSIXdIa3IfILI5IbIEqz
                                                                                                                                                                                              MD5:F9F38A5BDF83826643D1B78A2F4A5472
                                                                                                                                                                                              SHA1:B3E4A648A6CD5B2D04A9B5A2478079DB6E0B6026
                                                                                                                                                                                              SHA-256:A2340677393474C3AB92AA4A44720C9B948520631ED735B95D4487F65BBE0D4D
                                                                                                                                                                                              SHA-512:35DB5A4BA97FF7FB5465323D882705595AFA97C63DE0CBEF72B0FA8A49E308C47219220C1E37111E9291614A8471B67271BEFC1E2885C5AACD82BA7692F36415
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmdisubwindow.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMdiSubWindow : p

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qmenu.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6233
                                                                                                                                                                                              Entropy (8bit):5.103097233415781
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:XTszqeB0oK00oYkJWm/tJ9pd40i3Qtshvew3G8386IGXiXc8Sqn:D3eB0k0wEE7m0Rtshv53G8386IGXiXLn
                                                                                                                                                                                              MD5:38BAA30B4D9188B543C2B03C0AE5777F
                                                                                                                                                                                              SHA1:929FF700034F4046ECD8916E0EC06E61F44D4E9C
                                                                                                                                                                                              SHA-256:A3CB4C2B262CF1FFA4DC828A259EF6A1FC29C4CA8FA41AB4EA5AF609025AF981
                                                                                                                                                                                              SHA-512:79ADEAB7C0269C1EC4E9CFA946E2011F6DE3DBA738362BE74DA03BB9148612BE7986C4BF4153678502357A26A1148B6F30FF29CF474D9716E6AB88D13F49A230
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmenu.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMenu : public QWidget..{

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qmenubar.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3633
                                                                                                                                                                                              Entropy (8bit):5.022395359794059
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:6Tsz3XJ0odEqiMkievStshvew336gIqRHRX0Xip:ssXJ0ZqiMkbStshv5336gIqRHRX0Xip
                                                                                                                                                                                              MD5:2F161D11A498399A16A3CE3CE6F16387
                                                                                                                                                                                              SHA1:B2FBA504C333802FAB6A379E8631ED0B59C92041
                                                                                                                                                                                              SHA-256:C327142483AF09B2E72B540DC74D5ED972A9CD4A5FD3F07CB2BEF5737A60FC8A
                                                                                                                                                                                              SHA-512:661F80ED1ED2CAA7943CD2B69A320324B260783B77F8C93CF006D254FA3FB60D69F54F133C15DA1DBAC733292E0A408D26C62698326836E7A70019BC87598477
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmenubar.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMenuBar : public QWid

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qmessagebox.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6675
                                                                                                                                                                                              Entropy (8bit):4.98644192561618
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:qTsz/7AKDxM6I+FGAxXLgKShWJUVusTEonack+0odKyleocp:cHyzNVXLgKShWGusIono+0ryYoy
                                                                                                                                                                                              MD5:5F333789385C5C3937599445389FBF29
                                                                                                                                                                                              SHA1:11FDF9093968761F573F2A28D54E9C635308DDFD
                                                                                                                                                                                              SHA-256:8EB6308370A2F5A6A8AFBEFD6BFB9C30F189E42B0BCBBB45D8C182EC715930B1
                                                                                                                                                                                              SHA-512:7F3135C3E06BCA91EC65583713A038C708E5AE1CAD0F5DBB02B3D7B8A9876222171502D47C9D7A7C711ED4F5C1F05373A0976C0E9ADA91DF990ED18EC8CBB719
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmessagebox.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMessageBox : publi

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qmouseeventtransition.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1758
                                                                                                                                                                                              Entropy (8bit):5.108277113565124
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:Y+cR098mXIpmNDzVZRURU2SnOkqrCdqzHwA4FTMuoip5pYMAoKDXlLMj/d6XVnO:Yx098RszhJhfqkASPrB6XlLMj/IXdO
                                                                                                                                                                                              MD5:59A71E36298AAD9011E76225164130B9
                                                                                                                                                                                              SHA1:CFC8A4DEA816B0109FDA68D600633ADAA055808C
                                                                                                                                                                                              SHA-256:448FDB40F491D762F9CB075AB47C5001C71DADBA7317FA0ACAD0377C5AB7CBD1
                                                                                                                                                                                              SHA-512:4E84C068B42B694A72FD27F3192CAB7F84C9459DAB141D38829AF79FDE55606CC80E8F0E3BCBCC9E4724FBA557AFEA32220CD66053C3C28EE235CFD536CB24EC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qmouseeventtransition.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QMouseEve

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qopenglwidget.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2470
                                                                                                                                                                                              Entropy (8bit):5.189947535904091
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:dx098RszhJhplbqfnak300BHHX+a7twX6vyz9XLDQQbjAD7z1p142:dxTszRwnakjHXo6vyz9XLEUKu2
                                                                                                                                                                                              MD5:56890E85CB715DAE512F18E9FB5B35B9
                                                                                                                                                                                              SHA1:574E06F4B0E6A8D722E95CFED08BE80A12B043AA
                                                                                                                                                                                              SHA-256:E9FE8479D31B5CE458AB8C1A63A3893F0A869BBD472697B585F2D71626DA7B02
                                                                                                                                                                                              SHA-512:15E0A222DF7C01F24C1210FE415E429153AA6CEB7493F52E905EF0795BB8D8228812753ADC48AF679E2290FE7F2249D5F71438ABC8681EB2C378FFC6AB1C3534
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qopenglwidget.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_4_0 -)..%If (

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qplaintextedit.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):7975
                                                                                                                                                                                              Entropy (8bit):5.047904186245201
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:LPO2NACvm3uDg6b/+eIXL/6Y9zCsUqXy3LD3Tf/HKqKKJ/F0jXmnB76GzzjKWRlL:7O2NAAsuDg8+TXL/6Y9zCsUqXy3L3f/r
                                                                                                                                                                                              MD5:94EA0A3C9CD0095F9FC1D710C4A5D03A
                                                                                                                                                                                              SHA1:B4CA23EB77A85D7118E9AAE19D234CB607413D35
                                                                                                                                                                                              SHA-256:8B779691CBB545129C54549B981720098A713C0848C30F34115F7102CAA73303
                                                                                                                                                                                              SHA-512:9BFE8EBDC2FAA63105A19725D02DEBC53DF214B78CED4FFECA3AEA0E9F36764E10FEB85F198C1B1DAC568CC0648AE5F91FEFE673757FF9954681CB270DDD8442
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qplaintextedit.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QPlainTextEdit :

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qprogressbar.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2319
                                                                                                                                                                                              Entropy (8bit):5.029733181671632
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:eb098RszhJhNPeuMmCj/Qe+aPFNdQbSKWm8SrTrBfSQXLM:OTsz/PYkuiAmnhpXLM
                                                                                                                                                                                              MD5:7EF1060908C3AEC166360356A94C1A6F
                                                                                                                                                                                              SHA1:700CDBE13B0F3165BD8F437672AD884D15F9952D
                                                                                                                                                                                              SHA-256:845B20D2F5D1B234643AB59A58615F58D534CA9546E6E2E24F9E375043329791
                                                                                                                                                                                              SHA-512:554353D5243728228817D45AFB5567C6A7BCA2C224DBDD40A3BE6AEA25FDA43B893DE263F14DC1428DCAC0D1EC639269B6E9577D6B91E80F7B30634EF7EE4A4F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qprogressbar.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QProgressBar : pub

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qprogressdialog.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2995
                                                                                                                                                                                              Entropy (8bit):5.059583140720725
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:eA098RszhJhND9YMQMQsCj/QFNdZIwMzZsQp5Xzr6wgSsl0F+LRmn:PTsz/0MhvMiwgSsl0odmn
                                                                                                                                                                                              MD5:3FDE866E64B64F5398BF0564716584CA
                                                                                                                                                                                              SHA1:1D7F7906B79BC32A55F247B8CD8B987B6AB5CF8C
                                                                                                                                                                                              SHA-256:F7F4BBB22A403104BEA5AEF930FEF2309C766BB4321B7DB29C2057C7EBCC0DF3
                                                                                                                                                                                              SHA-512:7172E4D70B1A343215D4DADC4E06CDD7A527B996DD2BE40CD5CB63CA5A4E3DB947EF8943800E4E05AD2477CF07990D6CE03E933A36B04238A50396A13244D1CE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qprogressdialog.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QProgressDialog

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qproxystyle.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4015
                                                                                                                                                                                              Entropy (8bit):5.002976024334991
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:bNTsz/7c/1sWaIc3KDng24fSPxhHeaHK2x539gPN4AEH5clBauEXXR:bBa21daTonz6IzbBv9gFpEZclBauEXXR
                                                                                                                                                                                              MD5:F846040B695526C777B6AA99A4C00DEB
                                                                                                                                                                                              SHA1:3E958B6DFE77313436B8190AD41C389C4670E329
                                                                                                                                                                                              SHA-256:6E8632F166B8AC5A78E1A9B81C8A6A4020891741CEB44F66F743B698C9A9CDD4
                                                                                                                                                                                              SHA-512:3F55716C9802C2469533372CA2755AD2338DC6ABC9DF9CD8D52EF2B084924E951F0E31B68999EEEA47E4DBAFBDD63811FD13D244F650051FD51D58D357FEEFAC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qproxystyle.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QProxyStyle : publi

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qpushbutton.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2230
                                                                                                                                                                                              Entropy (8bit):5.142957942400798
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:y098RszhJhfFZEw6FNdQbTTROoo9FQQX46hHRqNTXMZgEZSn:yTszVbEw6i1ObFbX46hHRq5XMCEkn
                                                                                                                                                                                              MD5:D106700D011A8E9E8F0E42C43C47CBFC
                                                                                                                                                                                              SHA1:1B6A961BE4588ED935D7011914A37E27CB913EA8
                                                                                                                                                                                              SHA-256:AF9A519448857BEAE66ED6B8E73238F5C3A9AB9C4E865E87EE3D2C6160F7ABF8
                                                                                                                                                                                              SHA-512:D2782B09D6A678C978E60B8AB53F785BA2265617698B854990B31482776D20D95ECC17804C58CD0A0828F4B6D60919B789CAB0BCE75122F3B0486F4954689D2A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qpushbutton.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QPushButton : publi

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qpywidgets_qlist.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3094
                                                                                                                                                                                              Entropy (8bit):4.934599718494936
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:j98RszhJhmjY+r4yGLGlJBhSDiMUq314MOWQWAn:gszAMwi8/SDiMUql4M5QWAn
                                                                                                                                                                                              MD5:1CC796A08AFC4D2359E46B60E23FF8E7
                                                                                                                                                                                              SHA1:0589DBAB12600CFB0CF66A4AD58D27CC9FBC6C5B
                                                                                                                                                                                              SHA-256:8BEE949FAF4A05CBC47C72CB2D18AC239567431339E6EC71CBBE713C1BB0D06A
                                                                                                                                                                                              SHA-512:1AAF6EC14F1ACE213C1E35EC5B0E0BE83B140E2F6E61AC37463E708E3969762B402C79D494F1B3A7EC04C4993863463B8EAC1D4E5E353967D6259D4336ABC368
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// This is the SIP interface definition for the QList based mapped types..// specific to the QtWidgets module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%MappedType QList<QWiz

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qradiobutton.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1596
                                                                                                                                                                                              Entropy (8bit):5.119566909516062
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:i8098RszhJhnsMalFNdQbgrQXM46QXL6F:7Tszdsxlic8XMqXL6F
                                                                                                                                                                                              MD5:3793B732C1056C045A339E7D4EED4E00
                                                                                                                                                                                              SHA1:0C605CBA81494430F4C54022DA9311024F3E75FE
                                                                                                                                                                                              SHA-256:DE2E6F8B808B19895650EE734A028023476D5EB673718AFA920A4FA1F564E213
                                                                                                                                                                                              SHA-512:AF4675A07822AF36E60E519F43B0DA16B7CF18CCAF8FDF3134198F305FBC51E00476003A6E6FEE46BC27C20024EA5C4D53557B44EA4FA110F4FE847F2E832C02
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qradiobutton.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QRadioButton : pub

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qrubberband.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1847
                                                                                                                                                                                              Entropy (8bit):5.083788884735032
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:OjcR098mXIpmNDzVZRURU2SnOknJdQB2vZ6JzN6F+Gk5UTlIMfQXL6sY3dr6Ro:V098RszhJhnmQh05UTlIMfQXL6sKgo
                                                                                                                                                                                              MD5:819B0DA43456E100D452669E6595B857
                                                                                                                                                                                              SHA1:D4E831122E3F4D4D4A8CA9FDE195F8E20DAEE929
                                                                                                                                                                                              SHA-256:7C2055C80F2D396FF4839DBED792A771991751CB3EF9D95E34B4E82A22EE1C8A
                                                                                                                                                                                              SHA-512:E3539F3C70E0E2B4B28B54EDF616BE596EA62AE4908F0F087605B2702B975B9C15CFE816E69B276551F39AA13EBC2102B3BE1B1A6DA91145A39F98BC730A7B50
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qrubberband.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QRubberBand : publi

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qscrollarea.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1976
                                                                                                                                                                                              Entropy (8bit):5.145245188243519
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:1k098RszhJhfFVNUm/gLa43MFNdQX2a8/XiX0gsZvXDn:qTszrTdiX2LXiX0gsZzn
                                                                                                                                                                                              MD5:47751DE9A8E4DA8140B0FBA396D8A6D6
                                                                                                                                                                                              SHA1:61AC9DC635396F6FBCBCB3D0A67BE002F06FBDC4
                                                                                                                                                                                              SHA-256:C44D2EDE996CD68C9A180BF9FC555AC5F28A9D87ADB0B27A49F59C459BC3365A
                                                                                                                                                                                              SHA-512:1A2F01E467A6DBCA13E6E22C587E426CF20FB1214EFBC20DB67F2B79533FD5EB118ADC54E900E6886663636C6E2757922764FCE2A9C0EB6DCDB2B839A30C998F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qscrollarea.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QScrollArea : publi

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qscrollbar.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1818
                                                                                                                                                                                              Entropy (8bit):5.104696150464019
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:1O098RszhJhR+NMFNdQXdY8UQ6ewv38ZORGe21:ETszv8MiXdYY6ewv38uGe21
                                                                                                                                                                                              MD5:181F61F64335BC16159CF4799D688A6B
                                                                                                                                                                                              SHA1:42E2EDA65FD7C2066E0EA851F4C6B699E2FFAF63
                                                                                                                                                                                              SHA-256:9B4530F244F3C4DC62E9E03DA5DE8D872920F36128F1022ED5F9969394B20501
                                                                                                                                                                                              SHA-512:14A6DC6F93D80EF65DA22B7342CD81045423EC5D4FF97F5D3FE83BA9004BFE613FE31DE53A1D3E0529B4F36963C1F539503BA8DFC5AFF65125BD9430D2D07696
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qscrollbar.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QScrollBar : public

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qscroller.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3025
                                                                                                                                                                                              Entropy (8bit):4.976270815464152
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:1S098RszhJhbAN0VrnGwXZrHmRXHJhl/MXZYXI3konKhouAE5K+/F+AXsXFmT6h+:QTszlAqawXZ7mRXHJhlOZYi9qPc1mT6Q
                                                                                                                                                                                              MD5:020D5ACA35879091D513B1534C309E97
                                                                                                                                                                                              SHA1:288E2EB7B51AAC5D72C2FC14440BC01123B04E5C
                                                                                                                                                                                              SHA-256:346B6758673D0221BE8E98A97C1AAA545B233A793EBA71DEB265BD9FCCDC0D84
                                                                                                                                                                                              SHA-512:FECA2886ADC91C60FE3DA735BFF324DC62820DE628E2328406AB166EF7BA1749032FFBCAC254274AA7BE4B0F769EFFB95956D7AE4425C9FA3EA22427284660FE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qscroller.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QScroller : public QO

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qscrollerproperties.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2565
                                                                                                                                                                                              Entropy (8bit):4.897274909762423
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:1hj098RszhJhwW+JQDjtcYQSoKKxvLtyJQ2lr2rcVrt6kI7:3TszyOcYQEIvLtyJQ2N2rAXg
                                                                                                                                                                                              MD5:E51E7896B42F98F710084CB157608DDA
                                                                                                                                                                                              SHA1:D97727924095C0DF401BA91E4E9F1A3727320325
                                                                                                                                                                                              SHA-256:C52B5BEE21C9544963DCA191116A0D144854C6E2776C989343AF1E559F8D358D
                                                                                                                                                                                              SHA-512:104D63C3A4488C7E14C129105898A3D5CF27537179B8F3392A784FC25B02785A2A78A51CA8D9CC1506E6D0F57BA72E0639C44C7D9E5679E919CD1E9391584F92
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qscrollerproperties.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QScrollerPr

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qshortcut.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with very long lines (378), with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3639
                                                                                                                                                                                              Entropy (8bit):4.899761306365121
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:o098RszhJhDAbxm3+6yK2gWbhU5P99Ym569fOyjGe6n1SxgZ/rCXR:oTsz5Aw3+6yBFm5P99j569fljfmbrCXR
                                                                                                                                                                                              MD5:C6924F511D6062B3377122608DBA62F5
                                                                                                                                                                                              SHA1:FA127F52B5CEE3C345B6E311D1613C637B3F07DE
                                                                                                                                                                                              SHA-256:8B5EFDBFD4C1BDCA8BFE221DE28EF9F6EF47FE1E4A6FC2539B0A7F8C5FB17D16
                                                                                                                                                                                              SHA-512:631669E199B287311EE48C520CBF4C8162BAC900E709298D36BAE651449D900F804AF15308847EBEFBEA20D450386B4E47F290E0362DE47401BFB4457E6FEDC0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qshortcut.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QShortcut : public QO

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qsizegrip.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1692
                                                                                                                                                                                              Entropy (8bit):5.102849329637682
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:t098RszhJhb2o3fFNdQF6ewTI3X0XiSIa3IfO:tTsz8qfiF6ewTI3X0XiSIa3IfO
                                                                                                                                                                                              MD5:E0EC210BF4F7F02F0ACB79A182303F23
                                                                                                                                                                                              SHA1:27BA08CFA414928ED61BBBBE95E3FF49EB70D132
                                                                                                                                                                                              SHA-256:897FA824FA45014F078C304F8E49A896E5960EBF8E9A2A4E9868083CF4689906
                                                                                                                                                                                              SHA-512:F639A8DBAC4C154F5623BBFDF1C9F78347DBCBE52E9E5F09821DDA0B3436051CC2BA84098657E93D91FE4CD6FF7277919F24678960BA6D26BF000274AF22B4F5
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qsizegrip.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QSizeGrip : public QW

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qsizepolicy.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3563
                                                                                                                                                                                              Entropy (8bit):5.070023186052934
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:L098RszhJhbz/+vaO61SIeM24Lw4A+edJN3U4GNkUtNBBSiN1IAg4w3uYCOnQDFH:LTsz6a11SA24aQrW+YRnQDFYi6E
                                                                                                                                                                                              MD5:9002349F2C15B7240688F8D2FC07C0BA
                                                                                                                                                                                              SHA1:0E820C1C8411F86CFA86C370305AED91671D423D
                                                                                                                                                                                              SHA-256:B153352C412DD7EB84BDFCCFE22878FBD4649D5086E04A2F3F371D8C434D2B72
                                                                                                                                                                                              SHA-512:DF31E1A36D1D62312FB9DD1A4B7D42E7D9B9B7BF991635B8A50F0B5FA4C1ABDD74FF2AADE5A360A9FABED1FB51760CE40B517257973FF8E6278C065A676DC012
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qsizepolicy.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QSizePolicy..{..%Ty

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qslider.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1977
                                                                                                                                                                                              Entropy (8bit):5.039423585778724
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:x098RszhJhQg2+jFNdQb37QXdY8UQNJenJEJ8j:xTsz92+jiQXdYYNJenJEJ8j
                                                                                                                                                                                              MD5:84772DB8D24DEEDBA2B9EEA5DF1BBBF1
                                                                                                                                                                                              SHA1:64269C1761A73A1F293212A9283DE78C72BA7224
                                                                                                                                                                                              SHA-256:177DD4B68080A8C77BBE96B4FCA6D91A60FF987AAE552509C662954C296C516C
                                                                                                                                                                                              SHA-512:62204428A42C17644EA5A2C0584759392349D6FCA4D47A78BE047561D1581EEB6DA455F08C046C5182BD4EBD8FA91E8C367AC8D3AF2A874C1FE2AC8921F2A9A5
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qslider.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QSlider : public QAbstr

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qspinbox.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3701
                                                                                                                                                                                              Entropy (8bit):5.111701199818089
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:9098RszhJhG3x+CZf3W5rmVxRmrlGRV8QOQqNQXw6QXMsQuk8GQ1YNyU1y/N3xFH:9TszkEmfQY7Rx9DoXblNrZfQnRxLB6n
                                                                                                                                                                                              MD5:421C2E4B06723FC658727471F4AE0C46
                                                                                                                                                                                              SHA1:65A160B2975E1CE30584161EBAB3613D71C22DF7
                                                                                                                                                                                              SHA-256:FF966F245C611C1B02C3F658022D732003D1C94FDA70F02ACC5F96E58A2960DE
                                                                                                                                                                                              SHA-512:524CFAA8FE776023F1B76E99F07F7F8A2FAC3AF9FB5D5F3B6E54602EB00C2D9749C08AD07B287B671B6848D5733B694F5FA4E2EAFB6BA742228AD3F51BA42A2B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qspinbox.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QSpinBox : public QAbs

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qsplashscreen.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2034
                                                                                                                                                                                              Entropy (8bit):5.205072639973588
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:j098RszhJh8Wl5rd5rEjL5rTbN585zOQu6aeoZ6XLem:jTszWErULZZynraRZ6XLem
                                                                                                                                                                                              MD5:028F320B6C3DF75BEB49940F76AF8667
                                                                                                                                                                                              SHA1:792E054D4EEE9D9C1664305527B8DCCD827A19AB
                                                                                                                                                                                              SHA-256:3119DDABA2EF5B104209FC795732ED4059D1765AA6357CF1037DFBDFB5297C75
                                                                                                                                                                                              SHA-512:190DDDF1BD9AF0ED6BF79521FE05F9AF5BFD780AAFEF0CD99E9564404E5866DB631DFF377EFD2CBC30CB97CC66A92686C45FD5F0466C963DA50E2E14E885465D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qsplashscreen.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QSplashScreen : p

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qsplitter.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3565
                                                                                                                                                                                              Entropy (8bit):4.982582295780845
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:rTszToRMihaKDHC6uqLKBe5XigXDniC3eAa63ewvXE2:XioRMih/DHfuqL0e5XigzniC3Ja635vT
                                                                                                                                                                                              MD5:85205B912D76246F59D0B986DB0DEB7A
                                                                                                                                                                                              SHA1:F739B9FD2BA1818E35789CD734B3DDB2F8ABEF39
                                                                                                                                                                                              SHA-256:B71FDB3902DBCD88EC4B1CC74DDE94EDCE3DA11999943A159134F623E6BAEF27
                                                                                                                                                                                              SHA-512:9850E5725B37C61EEED6DB479099D43483C982A11C53494FC6B3817B8259D2E5AEBE6BC54E887567223B38777C26A2F4F82178E56C36C1763199C108B72D49E8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qsplitter.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QSplitter : public QF

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qstackedlayout.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3802
                                                                                                                                                                                              Entropy (8bit):4.9192735889039065
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:DTszmc0eKGoZAxjPWwjGzob9AxKPWi3K/Tl6U/iNZy8/nUtXqA:PBE9PjewjGzO+Kei3KLwU/iNZy8/GXqA
                                                                                                                                                                                              MD5:42AB6F7294103759F0EE19119F94F548
                                                                                                                                                                                              SHA1:67C2C51CE3716BD699C155416FE6D12438A06008
                                                                                                                                                                                              SHA-256:44DBF0C8CF2132EB9D8F73ACB35408701DB705308E52678BCB889B15324D97F1
                                                                                                                                                                                              SHA-512:45553F16FBE5BC33412F2B96C800384A473188186B3339EE2332F0EFB49BB8966B21217AAE04E2AA446377248E5F88A31EBFCB96EB2FC6E841A5CFB702A86265
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qstackedlayout.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QStackedLayout :

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qstackedwidget.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1714
                                                                                                                                                                                              Entropy (8bit):5.089220862634824
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:eI+cR098mXIpmNDzVZRURU2SnOkuL8qepLWX2kbwXfMLe4GUlXR:bx098RszhJhxqeEX2kbwXCtlXR
                                                                                                                                                                                              MD5:8071E91D76950C42DE5DEF90FCC7E5C4
                                                                                                                                                                                              SHA1:1211CBBABBE374602AE320068D55D8EE85C58EDF
                                                                                                                                                                                              SHA-256:394080B5375A516B4B13012910B8EE756295229D1DBF99323E10372151E26A64
                                                                                                                                                                                              SHA-512:46B64C76F4E7353485B2D1291835FEB9CC46982216755609607D6215D1D6D4322E93EB2541E79785B19A1C7983A783687B28B887BBCD6D636103E969C183864A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qstackedwidget.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QStackedWidget :

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qstatusbar.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2018
                                                                                                                                                                                              Entropy (8bit):5.078830512362248
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:eRcR098mXIpmNDzVZRURU2SnOk7QB25ANgJJJ6ZrLnMaUgQ56r6xKQXiY3P:z098RszhJhqmANgJJJ6ZrLn3/E6KRXi8
                                                                                                                                                                                              MD5:1C486BCE60A97A6FF5416F17724F69D1
                                                                                                                                                                                              SHA1:E263F3429E02661869D0701D9D6BA21BE76641B6
                                                                                                                                                                                              SHA-256:F77AAC08A480A0E60D728B8FEBA33C54568BD49372A3B0364E6E500890BD5D18
                                                                                                                                                                                              SHA-512:A5B89A5BABA6CD5EB0D22FDBBD07CC3C6A09D55A5DB5D459FB367A6D6977B8EE38E8B7037BA304A20120F51923632D70EF6087C3B6FEC87192E98D75A891D7B5
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qstatusbar.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QStatusBar : public

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qstyle.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):24194
                                                                                                                                                                                              Entropy (8bit):4.849125659459863
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:LTBoRGXbBlnzcj3hO2s8x+2hj21QRPZVd9RH/i2V2q2c38sxO27pon63IQ+2+yiD:iRH/i2338sxBqn63Ir
                                                                                                                                                                                              MD5:14AB1BBD933A2EFDF2F718355564113E
                                                                                                                                                                                              SHA1:A79FC90FEF4D229271A884F4935016AB4B28CDAC
                                                                                                                                                                                              SHA-256:4E9DA5CAC70635835C1C7201C1EA8BD40888B8B4FB87EF400BC5B417A321A817
                                                                                                                                                                                              SHA-512:ED07400202FC692B06D3FA29AE5DF8E1F34BA00F97B23B6E3C51D3CC51EA6AC8C025716D9F8BC1AE6879729535EDDFBA50BF136AAAAC55D0BF49DBA596FE11A3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qstyle.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QStyle : public QObject.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qstyleditemdelegate.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2479
                                                                                                                                                                                              Entropy (8bit):5.080306456280007
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:Gc098RszhJhEMZjNOQFNnQ+xQfQDjFdgIWKYhoAjQXSIXb:GcTszfN9Y+WYDvrAkXSIXb
                                                                                                                                                                                              MD5:2EE5034378B87DF8677E247D16660A2E
                                                                                                                                                                                              SHA1:3326F2103EE3088FEC5AE1A6E5181D9973ED4020
                                                                                                                                                                                              SHA-256:839C598EA715FA3DAC0E6C03390F5EF4EABCB27F2C6F1159FF99D29C0DE7C88A
                                                                                                                                                                                              SHA-512:331FF75BC2E55A4153735D3603BE5F32A4079A597C2FEC283B559FB643F946784309516DACEDFBD48995B7FD27372578C4BBFEE7FC7959F4CDAA2381182B6FD7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qstyleditemdelegate.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QStyledItem

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qstylefactory.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1154
                                                                                                                                                                                              Entropy (8bit):5.125453894325304
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:jy1XD9wF7R0dJxnOILsBIYFCIX54B++NDK2OsjbojvEZRURuHahLs2aRHAUDOkkU:GRcR098mXIpmNDzVZRURU2SnOkJx7
                                                                                                                                                                                              MD5:B2C0BD313CFE11114805DA93C5BCC197
                                                                                                                                                                                              SHA1:A09F60EAB0B8CAFD4B6F927DBA552C166CC41132
                                                                                                                                                                                              SHA-256:21E7093DF9A5ED7BA3BDCAC8F02D14CDD33A2B8F7984F78727202BBE14E1200A
                                                                                                                                                                                              SHA-512:D98189A7E05435EB30C64C9D099E7277EAC9A59A63E4B0B1B0EAD082BA931309273BC4E8663240DC6FC6A908A77B1998615CA8601CF84CED96038660919F13BC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qstylefactory.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QStyleFactory..{.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qstyleoption.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):22037
                                                                                                                                                                                              Entropy (8bit):4.796297190946429
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:CGDieW7wqfiP/3j7SaX1sJkUhiHyNbuZR5AFUy1:CGDieW7wqfiP/3j7SaX1sJk7yNbuZsG+
                                                                                                                                                                                              MD5:9706D651FEDCDC9384F00DC896EA66DC
                                                                                                                                                                                              SHA1:721D4AE460F95623A547CE4F7D87D705885EC18F
                                                                                                                                                                                              SHA-256:162F5F679D86F2AA492149373F1C2F59CC2BA798509EDB34C19CEC3F28575E76
                                                                                                                                                                                              SHA-512:3002F72E2893B5AA7B27A0D9DAB754CE62A39A039A7C575F5D8A6A30009AD1094AF3547A4C6C7E24833BFA8D8A34E7F00260CBA88E6E5490067219C3313B3565
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qstyleoption.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QStyleOption..{..%

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qstylepainter.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1780
                                                                                                                                                                                              Entropy (8bit):5.12804059499415
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:G6cR098mXIpmNDzVZRURU2SnOkDG/rf3DdQdEcEMNKRSGdxc3KCaH59:G1098RszhJhC/rf3xkEcEQIxc3KCaH59
                                                                                                                                                                                              MD5:BBD2D9C026DEDEF51D9CC20E736C2AF8
                                                                                                                                                                                              SHA1:165CAE2A0F393873F4CC4BE999B3EFB262BDFBB5
                                                                                                                                                                                              SHA-256:FC16B5CBCA18097310ED24393DF2241FF5CB31FA0602624735F6AE21586E5728
                                                                                                                                                                                              SHA-512:6820A3C35E9918C21AC35AA90EE9C1825C7EE5CF386C54D61402895EA4B05EE45CB1FF72E2AACBEF61192D8AA0F14F19A7DFE52F5D754D197C7AA1BF4EFFB360
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qstylepainter.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QStylePainter : p

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qsystemtrayicon.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2426
                                                                                                                                                                                              Entropy (8bit):5.0553030337976
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:e098RszhJhZArYQdHQnoOfDQzSW5fHIO7PXdO:eTszPAEQdHQn5WfPXdO
                                                                                                                                                                                              MD5:52AA2A6FBBE7C0B5F12B58C121D856FA
                                                                                                                                                                                              SHA1:28A68FB77956FC663C046BBC62F4269B47BF9041
                                                                                                                                                                                              SHA-256:6B02CF1E823F595647C2C79E64A52C3C96F58C13D037AFC90291D480DA84071E
                                                                                                                                                                                              SHA-512:5AFB4948BBCACC10E56423AA64B6757B6C77B018370AB2FD850F9F27E0C9B1F9703407D898EDEC0CEB8ECCAF6FABE21738D882BC8C7CD820E79F7C09993F043E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qsystemtrayicon.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QSystemTrayIcon

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qtabbar.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5623
                                                                                                                                                                                              Entropy (8bit):4.984370623692035
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:CTszRX+aSgPHgBi6zSXCoFLRcXigK6ew3vhiW6LLWOZ8xIy+xUzn:UgX+uABiaSXCoFLRcXigK653vhiW6BZ0
                                                                                                                                                                                              MD5:6433E791BDB2AB76C10EB45715598842
                                                                                                                                                                                              SHA1:E9596B7DB630F3CF63408F1C678F553D4DFF3C1B
                                                                                                                                                                                              SHA-256:A0A7BAA9A6B3AFE6040425C425729916EBEF7DC277F601C3627A9DB4B24FB3E6
                                                                                                                                                                                              SHA-512:FE7CCF1ECF8EBA1A4281770D4025F9FD7CA1C872A60DD15E52C7D306D8FDDFEA14084DFB9EC80DBBA86657509F44D89D1B0D0DD65AF4AF7C6D539B1E4C74D4D3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qtabbar.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QTabBar : public QWidge

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qtableview.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4963
                                                                                                                                                                                              Entropy (8bit):4.917418544877081
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:JTsz8raaX0w5ra8B5KuoeQ1cU6zxIkyZxYDPEeDmb5tuDuXZ8KX8/6Mhm4:Nzraakw5e8BcR32U6zxIkyZxYjEeCb5E
                                                                                                                                                                                              MD5:0AADE494F07C335EF3C1A4A265A0C11E
                                                                                                                                                                                              SHA1:7E31D47635E6B2451387FF04B260F79B8B1409D1
                                                                                                                                                                                              SHA-256:E3A61B6CC73EBFAA9BB2CF2DDBB2AAD9C79D00F3D83506BC4905E0110DF8769A
                                                                                                                                                                                              SHA-512:20A460A39C81B754F7107248FECBB05A77F53C1F0D4C0F5C8F1ED3FA09800EE420A009CD2BEDBFF4C39EA18BD1A1A757690B721151099AF7FCA3E774EDFC5FC1
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qtableview.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QTableView : public

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qtablewidget.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):9303
                                                                                                                                                                                              Entropy (8bit):4.952257065519281
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:McTh+Vd/nwXh+jFQX/FY0Q3gI0xcxA1uc9uGIFRpXQltJCXLxHs:LTh+Vd/nwXh+jFQXdY0Q3gI0m+9sFRpG
                                                                                                                                                                                              MD5:503FCB09A1114F49AD1BDED6D9E13B7C
                                                                                                                                                                                              SHA1:7CB4DDAAD1EA97B7E204C7599F9775BFFBD93B9B
                                                                                                                                                                                              SHA-256:72998A0153049C47E80676C14E829551482E7AD1B49CB210F23184832C6FAD7A
                                                                                                                                                                                              SHA-512:A077542AFE7FBDC91B36D7A695700BD954076DBCA734BAA0945A4A968261A67C7778CD2AAB46C45B44AD4495E57E6C0A9A6D52AC31D464D1E8A278BE07A2CC82
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qtablewidget.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QTableWidgetSelect

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qtabwidget.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4511
                                                                                                                                                                                              Entropy (8bit):5.008537269210936
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:pxTszcwwuTggxwpmhdXmick+HFLRXiKgh9+WW6ijGXmdn:T7VVviJ+HFLRXiKgh9+WW68GXmdn
                                                                                                                                                                                              MD5:CFB26CABEE0B9C96F04F4045B1D6E776
                                                                                                                                                                                              SHA1:A9CA1501D12121231B34CACBEBD0CB167614618A
                                                                                                                                                                                              SHA-256:16F9C75701DFE34017C3FE60B0C06743C5CD0EAFD7701DD9A68F649139A82C6B
                                                                                                                                                                                              SHA-512:449BDF053AFCFB22A0FE67D625442DFFA6FEA43042421B84B98A4AAA9CC3B2E2A6725E744A120A5CFEDD51BE3401960EC09D93309C32002FC49837AF3EB2E213
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qtabwidget.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QTabWidget : public

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qtextbrowser.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2967
                                                                                                                                                                                              Entropy (8bit):5.1060502493810205
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:vx098RszhJhRFqqzZJ2hhC6uDQMJWJULsv4UlXLaJ8JenJEJqKJXys202rSqLRA4:vxTsz/5lchDuDQGAUS4UlXLaJ8JenJE8
                                                                                                                                                                                              MD5:249E2E6817C69813F5931DC308DC78CB
                                                                                                                                                                                              SHA1:C6773A6D88C953298F683E75D083360C6D8604C0
                                                                                                                                                                                              SHA-256:F92DB8E3F62310FDBDFFC852F16EA7A0BD2B1593693A9A517BEA3FD47C0695F5
                                                                                                                                                                                              SHA-512:CF733ECC239E6BF9C27F4276795757EA9499191403908669FB2B156568B96A0A0E1C947796335E9C3A45D074713005F8EB21A14C238DB58AC5F090F3D11D93E4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qtextbrowser.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QTextBrowser : pub

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qtextedit.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):8210
                                                                                                                                                                                              Entropy (8bit):5.023320371911588
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:nofThAK2Nl2/RklmyD26bh6AXL/6YgzCsUqXy3LD3Tf/HKqKKJ/jXmnF0nCCvD4n:ofThAK2Nl2qlbD2G6AXL/6YgzCsUqXym
                                                                                                                                                                                              MD5:E50FF618EB60F14E4BDA9D35E1743846
                                                                                                                                                                                              SHA1:9B977D46D711D61307402EBB00C973610F704EC3
                                                                                                                                                                                              SHA-256:17ED82E34C509CAAEC192B7CFC3B29B4B40A36A577EFF635C958BBCC91622F77
                                                                                                                                                                                              SHA-512:EDEDA238E04F52538C7278720F700449E832A3C8B47FEB1238A5B37E82E3AA82879A6C5B0319362BE71FDE53A96540E1196883A7A0FD2DA5DD97C02C086DC790
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qtextedit.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QTextEdit : public QA

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qtoolbar.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4349
                                                                                                                                                                                              Entropy (8bit):5.008217269924836
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:7TszYsdsu80odb0oYuCs7F1j0LI/IlIXdit:nLsdA0y0UC6P0LI/IlIXdit
                                                                                                                                                                                              MD5:ECC0B13B724AABB2DFE8A8E3A60A8E6A
                                                                                                                                                                                              SHA1:FB5F57FB466EE0740E73748E6387097F798BCA49
                                                                                                                                                                                              SHA-256:F0C4B1E5A05859DFE3D4B0E63B3A71E2C018FC6997B6F44AA7C04351085A1AC0
                                                                                                                                                                                              SHA-512:D11EA0C71F5C6ABA50F262DD8AA5C42BF46D4F274BBC8F00AD52374D7352C8D9916A4CA7B07645970513C7A39D3EC8A6B77ACD403C365AA61C778432A57170EB
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qtoolbar.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QToolBar : public QWid

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qtoolbox.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2486
                                                                                                                                                                                              Entropy (8bit):5.002889541621707
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:X098RszhJhi3xbEZGWrWbUkT8CCzfFRXLja:XTszW6VDOCzFRXLja
                                                                                                                                                                                              MD5:08F2664F9BDCE04F049CA9EE408BE4F4
                                                                                                                                                                                              SHA1:061571E165F312882219060BB668908877845519
                                                                                                                                                                                              SHA-256:8317F80E2B09625F3C59BB3C202E5389AAD2A55A0D5A139EB4F6683FBC04F710
                                                                                                                                                                                              SHA-512:E9FCCF51C642D2DA643F97B4711222FE41F0D9A677465595B7730C4493CA3A859CF0953F1AB0A3AB3F41C20551BA091A0CCADE0ACB1DEC95A8E1D6BB188EDC8B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qtoolbox.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QToolBox : public QFra

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qtoolbutton.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2567
                                                                                                                                                                                              Entropy (8bit):5.015094431426271
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:Y098RszhJhR3kdigFNdQbIlyTOoGgr00b9S46QXLew6I83GsvbXMZG:YTszrmigiTObgfRhXLew6I83GsvbXM4
                                                                                                                                                                                              MD5:9700FD6325243D480393835E06774CEA
                                                                                                                                                                                              SHA1:70A4D631F457D70428A8430E472FDE32E350E549
                                                                                                                                                                                              SHA-256:E68BA96B2D8388A495930CA1A6B4971548B35AE7AFDAF7FDF2E4F70580B26ED7
                                                                                                                                                                                              SHA-512:632B77C5E004900D109368E8A6E491201A0E810836B0BDA8BB4604D4EDDEC36A17C662B131212CAB0932B820188EDF7A1ABE6CA278DEFE0B60DE511BF2BF36B0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qtoolbutton.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QToolButton : publi

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qtooltip.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1630
                                                                                                                                                                                              Entropy (8bit):5.093744486166698
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:UcR098mXIpmNDzVZRURU2SnOkRLBEihsPhse/Chse5OF83e7:b098RszhJhRV5aB/iB5C83m
                                                                                                                                                                                              MD5:1603F433195DD12ED41ACBEA2C133AD7
                                                                                                                                                                                              SHA1:019A0D2897876A85015D370C2AC068B5C24577C7
                                                                                                                                                                                              SHA-256:FD0F575E34E1F05B51BB6D2802AE1DCB86D91A9517EA04A29AA05BEFCC2A147C
                                                                                                                                                                                              SHA-512:98A6C175E1A83DFCBB8A2E56B2A121592ADCE6D8E7BF3876BD679C7D2F5F07C50135186F0FA45B7CF69DADF8E504861692EDE57CFACCCDE7E79FEB92395A75A2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qtooltip.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QToolTip..{..%TypeHead

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qtreeview.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6715
                                                                                                                                                                                              Entropy (8bit):4.937251244322979
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:pV3aaouz8BcnqeYUUxZkyxYjEezxIkI8BCcIqGICh6XbzU8qARIXXNQiJn:P3aalz8BcnqeYUUxZkyxYjEezxIkI8BW
                                                                                                                                                                                              MD5:D49DE8313D81AE39CBF8900E7914C2DE
                                                                                                                                                                                              SHA1:292F38D69B3182D3DC6226457FF308751B48CC75
                                                                                                                                                                                              SHA-256:A370CECD0778C1A69BBC1D16C620BEF65E87C7D27FAEE5061F7DFC345F939ABE
                                                                                                                                                                                              SHA-512:4AF7FCADA4A7191E20D344B3A2BF203E85E577772009D154075A236D6CF4F36816CCC776B8C8AA8E7A5ADE18291385199B2157ABD506F0E84233EFDD5AAC7630
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qtreeview.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QTreeView : public QA

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qtreewidget.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):10494
                                                                                                                                                                                              Entropy (8bit):4.905692822079317
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:YbO3iVCTd8n9XL+jF3+6y71F6CQ+YaRd0yHkDFR3XBltJNXLx6CGXss:ePVCTd8n9XL+jF3+fQ+YaR6g4FR3XBlu
                                                                                                                                                                                              MD5:EC5A231E882BFAF74576ED74E9D81815
                                                                                                                                                                                              SHA1:396E5513BA7AB2DD2459F6769E382165B75CA10A
                                                                                                                                                                                              SHA-256:1707BB910F5546488F55296E290DD7D56FC558FD4459D875ECDD173BB4643F47
                                                                                                                                                                                              SHA-512:183E5D32D7C40E22002994B0037C25A2E0975F9E098FBDDEBE06863B0A4824B8C8D79010A37F85FB693945B81388F8DF40A8CD11F07E4F82509A4A4FA5157BAA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qtreewidget.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QTreeWidgetItem /Su

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qtreewidgetitemiterator.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2362
                                                                                                                                                                                              Entropy (8bit):4.9522201155263925
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:DmcR098mXIpmNDzVZRURU2SnOk2lNIK8LB2i5WTk+QOOWFtnNq/NlpsNMNSKNENr:t098RszhJhfL1v1gFnCubMNaB
                                                                                                                                                                                              MD5:47C534E1B1325FF8342D028231186041
                                                                                                                                                                                              SHA1:6EF4ABBD0A36612A5CB1E991A0AA41A1057131D1
                                                                                                                                                                                              SHA-256:0B7E42D9A82C7AB076E0DD90DA93D2C4B79E484509E18B98D833A9095198859F
                                                                                                                                                                                              SHA-512:DE01336301AE2D2CF883C5C67D567C3225C58A3C4A60F664D9C389EFEBE36E105A09D607AF24C9D59D1713A9054E65AA2C5F17271A24425B2DE31709FAB67D4B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qtreewidgetitemiterator.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QTreeWi

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qundogroup.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2110
                                                                                                                                                                                              Entropy (8bit):5.105661161965456
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:CcR098mXIpmNDzVZRURU2SnOkMA2PJD6pjMygvpZEBZUWOu2use:t098RszhJhMAoJDmjMygvpZEBZUWzB
                                                                                                                                                                                              MD5:5919CE37CCC0087625B1CF1AC4D9DB70
                                                                                                                                                                                              SHA1:79EB137B5287B3B117AB6C3DA8700A592495789E
                                                                                                                                                                                              SHA-256:470999886F78E7D1E05D95B09C3485627E4053CAA58F9F7F1CBF5626D9839C94
                                                                                                                                                                                              SHA-512:B5A37ECA8D6A29237E8EE2E36EB128DA4EC9FBDDAA9C28CED51C94F236AE7C8AEC79E9E8795A0C7B2DD5C0A05435A6C9F68929CE9AFD47C7DD22507B494D1280
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qundogroup.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QUndoGroup : public

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qundostack.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3176
                                                                                                                                                                                              Entropy (8bit):5.050235558839131
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:k098RszhJhnDkZpQXTf6+gQqXZlgSt61GqApChpZEBZURZeQCPW9xbHaFMUuG:kTszpYZeXD6+Loll0AU12apCy6Fd
                                                                                                                                                                                              MD5:4CEEA5C6A85B1FAC0142DD5446F4DD72
                                                                                                                                                                                              SHA1:4E803CA345701848B00268A6992647BE214B2565
                                                                                                                                                                                              SHA-256:6C2C2BA35ABD68FDC113E7FC4006F0F365983B52BA9F10A96BCAF649855C94AC
                                                                                                                                                                                              SHA-512:E53EEEB042E16F909AE92EC856BBF53FDB1B7D7683ABA224688247520508C664CCF1A660CD5C036636A6E3DC5DAA54CC9348EFBEA6F5C821B7A6BB029E003316
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qundostack.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QUndoCommand /Supert

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qundoview.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1648
                                                                                                                                                                                              Entropy (8bit):5.165328171233549
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:+zcR098mXIpmNDzVZRURU2SnOkiJJhJM3cGZU0dEUDv+i:+E098RszhJhiJhJM3cqU5sb
                                                                                                                                                                                              MD5:CF5B266C3DFD38B0BF7B706E22AB077C
                                                                                                                                                                                              SHA1:79DB36037B6F848616F0C62D1F3A35CE63B9EF75
                                                                                                                                                                                              SHA-256:41BA04FA209146EC409AE1A6092555CF28BC428499CBC55A6814437703DEF6ED
                                                                                                                                                                                              SHA-512:2E1403D0AE3067688B46483A4F3654B226123100AC40A39555472EC7F3AF0B3083B73D8FC1D5061F376B603604073D81E889A83D98F7DCB0587E3A55E3BB962C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qundoview.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QUndoView : public QL

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qwhatsthis.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1391
                                                                                                                                                                                              Entropy (8bit):5.120088534201757
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:EcR098mXIpmNDzVZRURU2SnOkB9HgJfnhs/6RFz:r098RszhJh3HgJp+6Fz
                                                                                                                                                                                              MD5:78A24A7E9A257C1E8BB6B1CFCFA75930
                                                                                                                                                                                              SHA1:FF7C99CDD117B1344EB3FE5D17E9714C1E84A655
                                                                                                                                                                                              SHA-256:0CA27392A0BA508052A57549A8772C38F910376058AA64689A7C61F13302FC67
                                                                                                                                                                                              SHA-512:9F9791CF06C1BEA6AA32F6432658F56D0FC2EB40A887518760F3B09D83C965BB5AB7220089A7589E0D2ECFFDEDA65C3A00464079992CF7D55533C189238251F4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qwhatsthis.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QWhatsThis..{..%Type

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qwidget.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):15876
                                                                                                                                                                                              Entropy (8bit):4.958158754930317
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:wm2wqIjoiFpEmXi5vx3GhDxM836+gSuIIimuGK8seFyTXGoyX1oPXLOG:VqI3dz21ofV
                                                                                                                                                                                              MD5:EB4D4F14B49CCCA87DCD682C86BAEC7C
                                                                                                                                                                                              SHA1:79B0CB554FA61D8EC399B6F9D9796BAEECF13C18
                                                                                                                                                                                              SHA-256:DA270E05FE15C7F17AEAB5747B691D342339CDB686CD1A719F9C0E60F8A68096
                                                                                                                                                                                              SHA-512:E4FB11D07D0BE3A2B2ED644F7B287A9741FA02B486D860B281B1EC8228A2D673682538886E262A4BBAEC246C3EDC957F4DB9949B30E7A44C6B85938A1708B04C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qwidget.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......const int QWIDGETSIZE_MAX;...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qwidgetaction.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1601
                                                                                                                                                                                              Entropy (8bit):5.102816061330261
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:Ix098RszhJhvco6bqpkeFpOHTXiX0lpciG:kTszhJwNePQTXiX0lpcT
                                                                                                                                                                                              MD5:A02000062963ED57E8B25447B305E0AA
                                                                                                                                                                                              SHA1:DB77E25D3B63D30F0F2D90FC7445B7AB4DC03D1E
                                                                                                                                                                                              SHA-256:66F0EC13E04642E98612856885DF6F03DFE68A351DB70D327010EDCAA7B9CFD2
                                                                                                                                                                                              SHA-512:9FC9C08826FF54288242458425F48E6A76B94E27745170A080F6197FC8264040065BE77F69AD3026D5B85F39286BD2BC24FE9EDF9441A11A5EEC40F0227AE607
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qwidgetaction.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QWidgetAction : p

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWidgets\qwizard.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):7998
                                                                                                                                                                                              Entropy (8bit):4.993291380188291
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:jwpdrMRNGVX7rlclJePJXdITIlIxgyilO13c8aiqXIXVLrOu9w0:NGVX78sPJXdITIlIxgbliqXIXVHt
                                                                                                                                                                                              MD5:EED5D80C5DA9FE5059354E99A3321808
                                                                                                                                                                                              SHA1:D7EBD9AD36E926DCE0CDB74ABF5BB4A5E4C531DD
                                                                                                                                                                                              SHA-256:A80E01CAF8EB3F696710D0C5B85B8F616CFC0392CF76FC1EC45A4F7789602B98
                                                                                                                                                                                              SHA-512:1F2C42E4FC435FC898C78AAD6C0218B73E4CAD87760C7D39AF67093171BA0D203436A0630CD5C0AAD92645155C5652F7C3C76E77623C39EBABD087A438564427
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qwizard.sip generated by MetaSIP..//..// This file is part of the QtWidgets Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QWizard : public QDialo

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWinExtras\QtWinExtras.toml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):186
                                                                                                                                                                                              Entropy (8bit):5.1082523156733695
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:SZ3GMiyT8QQCQIMQDKN2KgdCMo9MKxwehyIWWMKxtHO+Cm4o6Mvk/dkC1WiE4yn:SZDim82QIRG2KggMsNthyIXo+Cm4o6Tg
                                                                                                                                                                                              MD5:CF052AA91B8EAF73D040091CF6A2BDFE
                                                                                                                                                                                              SHA1:945B67D699B934A37036F815F240DB5AE9C42C12
                                                                                                                                                                                              SHA-256:AD622D2EC312ABA98C7BEB397AB399E0C3CA9F6C886A74F4C61FC0C8BD510635
                                                                                                                                                                                              SHA-512:7B98AB6D1BDE957DB5AB8729325590BA88CCE8E7E3886B9FBB4D38FD6C304CBB7A2DA02FF6B4B68F3B92F509DBC02115B0CA5D223F9D220E1AD6EF647B88B1D4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:# Automatically generated configuration for PyQt5.QtWinExtras.....sip-version = "6.8.6"..sip-abi-version = "12.15"..module-tags = ["Qt_5_15_2", "WS_WIN"]..module-disabled-features = []..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWinExtras\QtWinExtrasmod.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2198
                                                                                                                                                                                              Entropy (8bit):5.16835167854766
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:WAC6G98mXIpmNDzVZRURU2SnOkigqPlSI986wiND/fZR02ASBOk/KViQMzM5:C98RszhJhsPJ98tAzhAS//Oazw
                                                                                                                                                                                              MD5:05F263D5CBBF44FA85A736CA1629A1E7
                                                                                                                                                                                              SHA1:AA6FB8B6210608997AD3BDDC0B9B19D022F0BDD6
                                                                                                                                                                                              SHA-256:06ED648A2709C838C836D19FA9E8B8DD3CA537FE98FDE2314C3DC03650BDA985
                                                                                                                                                                                              SHA-512:3DBF5F9C61343473C0C9D9CE4924ABDDB82DBBB5AF101B1F8935BDBA9B674834764B8A22050B05C7331C460E6259453A3083C7B3D8A4AFA2F14DA73289FED8F6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// This is the SIP interface definition for the QtWinExtras module of PyQt v5...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%Module(name=PyQt5.QtWinExtras, keyword_arguments="Opt

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWinExtras\qwinfunctions.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4424
                                                                                                                                                                                              Entropy (8bit):5.120438876934425
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:rszPxOK5ocg/GUahfMQsrQASZWtAQ9znVznQFnQfkEL/f4qa3qO2qyyQDq9ztjz1:r28AQAJRW9zVzQFQfP4qa3qO2qyyGq9/
                                                                                                                                                                                              MD5:738088FEEDD902E8928B9949008FF835
                                                                                                                                                                                              SHA1:5FAEC09F0206433023C1CF63BCCFDF3215EB16DB
                                                                                                                                                                                              SHA-256:7BB8615A25037A6AFD6A7A3345C2057CCCEA2535267CDA8D7C77C2A4FC0552CF
                                                                                                                                                                                              SHA-512:DF5D91478240FF1412B1FA9C8781ED9D659EB05F9049310CF384A9BFC6F430D5F291EBF399D293CC12861D348C97A3D3E5D016F3078E0E2516913F41FC800DF3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// This is the SIP interface definition for QtWin...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_2_0 -)....typedef struct HBITMAP__ *HBITMAP;..typedef struct HDC__ *HDC;

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWinExtras\qwinjumplist.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2492
                                                                                                                                                                                              Entropy (8bit):5.241610947815705
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:M98RszhJhpeBAVyWQpwshWKcgouDRWRKmMGUH82Kw:bsz6BACwshWKPsqKw
                                                                                                                                                                                              MD5:75AE8EDEFBAD96B050A7FEC06A0F60F8
                                                                                                                                                                                              SHA1:38BCB55C6269A36B5ED7CBE463AD0A93E58F39CC
                                                                                                                                                                                              SHA-256:062B7E2B4D5A3D2A40E38196C39FFEC518C114FEF82818E8D0129C22BBBA6552
                                                                                                                                                                                              SHA-512:832F8A62CC5D87F6DADBAC9EC7D80A3A67461EF13C2724DEE89B08E06DD77071A899F742149D5248027DEB5A3497DFEDD0EFB250B429D4CF72620EE98382FAA1
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// This is the SIP interface definition for QWinJumpList...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_2_0 -)....class QWinJumpList : public QObject..{..%TypeHeaderCode

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWinExtras\qwinjumplistcategory.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2135
                                                                                                                                                                                              Entropy (8bit):5.0646462841603475
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:VS98RszhJhpeMfjtpcjWKjn+Odwp6jVxK:jsz6QTsHjK
                                                                                                                                                                                              MD5:CE445E184588973CE8051E0F493899AA
                                                                                                                                                                                              SHA1:6C3FDA57EAA1578F1F644332833CCD8B71933FCF
                                                                                                                                                                                              SHA-256:4695D26361CBD01C5E7B9D5B6B7BBA629893301CCBA52DE0FAA822A561D64CA1
                                                                                                                                                                                              SHA-512:9E7E7465F55016BBBF52FD9300658488689B4C0F7B1FAA2B801ED4A18CD25D35951E950CCE80417F12A1EAF3FFD8B865F1A5E21A60B62B56FF37EA8FF4B87595
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// This is the SIP interface definition for QWinJumpListCategory...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_2_0 -)....class QWinJumpListCategory /Supertype=sip.wrapp

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWinExtras\qwinjumplistitem.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1844
                                                                                                                                                                                              Entropy (8bit):5.071676769382164
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:WjC98mXIpmNDzVZRURU2SnOkpelFVwTPJcOc0Hxky2HBd3Q12ubGevSC13V6ha:j98RszhJhpepmxbceP2HB1Q1n9vZ1U8
                                                                                                                                                                                              MD5:B336334F5A23337CB9BBB6E2E47498AA
                                                                                                                                                                                              SHA1:F9E80856B8F93517D9363767A6C4B31C171E11E6
                                                                                                                                                                                              SHA-256:BB7B91AEB472907B0CBA084A54A9035F9D7E7A3B2F2F2826AFE6640713F1BC08
                                                                                                                                                                                              SHA-512:10C3482D29858E43063DB62632D10B393F702058687F3484E46478D9BA16ADF282337F49834981A09BB0B59FF6EA6828FAA92D1813D6BFD1574DA58199A7ACE0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// This is the SIP interface definition for QWinJumpListItem...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_2_0 -)....class QWinJumpListItem /Supertype=sip.wrapper/..{..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWinExtras\qwintaskbarbutton.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1644
                                                                                                                                                                                              Entropy (8bit):5.184962831068816
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:WHce98mXIpmNDzVZRURU2SnOkpeGOA2aUf3cQ6PqWPZsniWABkfF:3e98RszhJhpe9APUfMQ6PbZgiWABs
                                                                                                                                                                                              MD5:513F06E625BE6EBCA2DBBEC0E13EC321
                                                                                                                                                                                              SHA1:401D51E3BBC6D5290AE6690E53B2AE695F37D372
                                                                                                                                                                                              SHA-256:E21C5BE04212AB34CFD1E622FAB364F5A51D2B91EDAE13F1700DA39D0ABF80CC
                                                                                                                                                                                              SHA-512:06E5D6D5CE690BEB8FE0363ADD7FEA24694F8D991BD473763981A0023A78D1E7320A31896CA0805F6103620E4EAAC0928338723DD6B2D9BE893D016D186F5EAB
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// This is the SIP interface definition for QWinTaskbarButton...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_2_0 -)....class QWinTaskbarButton : public QObject..{..%Type

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWinExtras\qwintaskbarprogress.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1923
                                                                                                                                                                                              Entropy (8bit):5.081049756106582
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:F98RszhJhpecAazdPssCp1tWPlVJzalj3:Wsz6cAa98KeJ3
                                                                                                                                                                                              MD5:FFF1C5E4628AB5A790A979A94B59BE1D
                                                                                                                                                                                              SHA1:E631E9CA662770B24019AFF6356254FC585FB0AD
                                                                                                                                                                                              SHA-256:FE0F89DAEF741991ACE6B2CF9D3D0B7C1AF142F07F5DD3EE86E812A93995C5A2
                                                                                                                                                                                              SHA-512:863B05473281E85202BD47C3790BCB884A44CDD2C4DDDCF5B83CE20C204BE781209D257E0074C8B971B0751D68460896223FE8CE5518C52C1EA5C6D1245A5A14
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// This is the SIP interface definition for QWinTaskbarProgress...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_2_0 -)....class QWinTaskbarProgress : public QObject..{..%

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWinExtras\qwinthumbnailtoolbar.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2111
                                                                                                                                                                                              Entropy (8bit):5.204909026233653
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:X98RszhJhpeIAURfPQ6Pptp0bVk6rHTS5l5k9:0sz6IA+PQ6fpRdXQ
                                                                                                                                                                                              MD5:1910C8B25EBF16DFE0FD3205040AAB2E
                                                                                                                                                                                              SHA1:61D2B4A2FCEBCF84D1F3DFDB0DF9A2756B2D7879
                                                                                                                                                                                              SHA-256:DD821FDCE5ECDC32B69DD6BE506490D3D89321ECA9FDEDECBD82E233C8DF10F8
                                                                                                                                                                                              SHA-512:F5EA2B423FCD2D812985420BC36A9CEB1108224352373F5B032403A2DFAD4EC5F13293496D9B89BF3EC50070D34D5DD757FB173A48E68709B754D6F3989942A4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// This is the SIP interface definition for QWinThumbnailToolBar...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_2_0 -)....class QWinThumbnailToolBar : public QObject..{.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtWinExtras\qwinthumbnailtoolbutton.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1824
                                                                                                                                                                                              Entropy (8bit):5.090068375813715
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:WHke98mXIpmNDzVZRURU2SnOkpeeOA2iYfJP6d3QY6ykoByBfP6KU1:je98RszhJhpeVADYfJS1QY6ykoByBfS9
                                                                                                                                                                                              MD5:C7813A1D930888956CCD2BE196279F54
                                                                                                                                                                                              SHA1:EC88A2C5BF996DB8F4991E4AA56597EF6B3DDC1F
                                                                                                                                                                                              SHA-256:5676E215310B0271198E3080F26D87C22195A02E2559CBE18AAA1D6D7104FE9C
                                                                                                                                                                                              SHA-512:73190D7BC70E7822141751DCBAC3B361910D57F2E144C5B69353146FCEEEDF6AD9E4943DDD98D229C5EA067C95AB68005A3874D207D78542023C439F60E0E9AA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// This is the SIP interface definition for QWinThumbnailToolButton...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%If (Qt_5_2_0 -)....class QWinThumbnailToolButton : public QObje

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtXmlPatterns\QtXmlPatterns.toml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):188
                                                                                                                                                                                              Entropy (8bit):5.089067865226622
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:SZ3GMiyT8QQCQIMQDKN5F/ovooMKxwehyIWWMKxtHO+Cm4o6Mvk/dkC1WiE4yn:SZDim82QIRG37oNthyIXo+Cm4o6Tdk6A
                                                                                                                                                                                              MD5:01FE70A7F65428199FF0F5DFA9021FA7
                                                                                                                                                                                              SHA1:5861A3C881FCA9F84CA8729FDDB882C523C0A552
                                                                                                                                                                                              SHA-256:383B0F23B8CB164BB6168B34C3881DBC9C8559CE7EEF26D15AFC3A8ABDC486B6
                                                                                                                                                                                              SHA-512:A3695C74ED4D3C260C0A55ED8A5382308F313627EA59EDA09923A48897EB0372C3DFB7FB04B276B38A404C46D25741AEEECE208E88E40C8470D8E1DE12F52079
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:# Automatically generated configuration for PyQt5.QtXmlPatterns.....sip-version = "6.8.6"..sip-abi-version = "12.15"..module-tags = ["Qt_5_15_2", "WS_WIN"]..module-disabled-features = []..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtXmlPatterns\QtXmlPatternsmod.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2436
                                                                                                                                                                                              Entropy (8bit):5.167199269489319
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:szQ098RszhJh1dXxXJ98tAzhAS//O+WJuBS3h:JTszdRmAleaU3h
                                                                                                                                                                                              MD5:6B7F87178C4BEBB131D2077E42E04525
                                                                                                                                                                                              SHA1:EFCEBDD147AB6C4E6BB9145B6B958DC87DB61792
                                                                                                                                                                                              SHA-256:187984660EE2715D624C4FC562DCE4A1521A28491654577FAB03F77350376C3F
                                                                                                                                                                                              SHA-512:A315C5FE3CD5F2B10EC77F5278522F945436D226B64B4E6A2A72766F45F8234CCB35401E31B75AC7FF6B3BDED51160F038E307EB99F0B47EA375CE2CAA49955E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// QtXmlPatternsmod.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%Module(name=PyQ

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtXmlPatterns\qabstractmessagehandler.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2203
                                                                                                                                                                                              Entropy (8bit):5.06421764988089
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:cPIQ098mXIpmNDzVZRURU2SnOka3vA23yapPFYFBSWNu+BIK0zexLzdw88aRZov:NQ098RszhJhafAmyxSf+xLzdz8Io
                                                                                                                                                                                              MD5:EA185F6307CB92246C82A9205120D63D
                                                                                                                                                                                              SHA1:49C56F67A777300F7CB297EC0D08272B3146FB32
                                                                                                                                                                                              SHA-256:43CE73169D3F77A0D9DF719A7408B87A622306B2C9184C98E4B28C30ADF8D75C
                                                                                                                                                                                              SHA-512:3129DDF849749C989D746CF8BE1CFFBDAFD676044D80B8E8EF11B089CCB1067EBA5E54C484032A1D1389F11EC40D4DF8F1A52F154B3DCC0CDAE972030C0551FA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qabstractmessagehandler.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAb

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtXmlPatterns\qabstracturiresolver.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1290
                                                                                                                                                                                              Entropy (8bit):5.14640338035351
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:/PIQ098mXIpmNDzVZRURU2SnOkRA22wQYCAmov:oQ098RszhJhRAFwQYCAH
                                                                                                                                                                                              MD5:B71A583C8E8CAB7295985FB97B4C2A67
                                                                                                                                                                                              SHA1:D7C4623083E9794D0219435B8D32FA72237E723E
                                                                                                                                                                                              SHA-256:327E56B1D609FECB9B093A6D25079A3166E928F20DDBFD4CA1E34BAE384B0FE0
                                                                                                                                                                                              SHA-512:3DE8EA247486E0AB7171177A35F7FF9B977CBF27592D0F21725BE9D0C1003258DDEF8FB61A1AC04B529146A6B3390BEAD9987772785161C5B0EE640CE9B7C6BD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qabstracturiresolver.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAbstr

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtXmlPatterns\qabstractxmlnodemodel.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4353
                                                                                                                                                                                              Entropy (8bit):5.045521710024932
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:zTsz5BCvE+YRcZmi1tf/+MduLElHp9vU/NKbu:/ECc+YR6mi1tf/+MduLElHfwl
                                                                                                                                                                                              MD5:23C7F459B9BA1F7A4829EE9D3956395F
                                                                                                                                                                                              SHA1:F4D5FB4A49EBA1F21DBED620EA26762E28E4D3C1
                                                                                                                                                                                              SHA-256:754824FE0FFBDF8C509F5907350CCC60D8741B2FD87997B035349D888753CC76
                                                                                                                                                                                              SHA-512:2E45C42E7672D5A54D666F31E6BEC51E14404CE0FD12F3D0734612FF025E595DDCB123E4B92EF96B4D0608A175C11F7CEB2A5CCA3E25C7CB57090A2277021B08
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qabstractxmlnodemodel.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QXmlN

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtXmlPatterns\qabstractxmlreceiver.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1881
                                                                                                                                                                                              Entropy (8bit):5.081654584787499
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:rwQ098RszhJh/WcVftJc3EilVJYJxiiQqVEJly:lTszYcVtJcEilVJYJxiuVEJly
                                                                                                                                                                                              MD5:362D4EE921CF17B8A158FD4743114307
                                                                                                                                                                                              SHA1:1661D6ABEFF394DC7E5A9056E5723DE87EFE52CD
                                                                                                                                                                                              SHA-256:84FE9115978AC3C441005A07547C00E622C4CB2AFC2503314A77BF94932ABAC6
                                                                                                                                                                                              SHA-512:7AF80746ADEFC41FDF04C1E37DE1EB99E23216F91B1F6A9AD9B739EE2CB6B00C835275B3E6BDF1B10141EC4D585250B5235DBCEE12EC7C6422734146691E7349
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qabstractxmlreceiver.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QAbstr

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtXmlPatterns\qsimplexmlnodemodel.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1626
                                                                                                                                                                                              Entropy (8bit):5.14514644819171
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:BPIQ098mXIpmNDzVZRURU2SnOkeaxWQOvERlQJrcQQ/0ARQGPiQXmdG:KQ098RszhJhrZOGlQmQQciQPQXmG
                                                                                                                                                                                              MD5:104E0F265172AA44D7AFD1B36DEBE3DC
                                                                                                                                                                                              SHA1:082C9C2BE3BA8C88369BC22FAC9CB9D8F5D0C03F
                                                                                                                                                                                              SHA-256:DE583EEC69098687CE3082FC17FB519F5272CA0B7F6D36A90D6C67FF6C3C8B9F
                                                                                                                                                                                              SHA-512:90492B47FFCABB4FEF5ACD6F363C362B038D6B2E6E3427D2D7BB57D20087782D3E3261CA3DF951C76FAAF9B55858210A6743217CB9B3D17BE0CC7FD48B2968AC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qsimplexmlnodemodel.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QSimple

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtXmlPatterns\qsourcelocation.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1659
                                                                                                                                                                                              Entropy (8bit):5.114085657830249
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:QHQ098RszhJhyqtdasVRrj4K6xyw3uYRn:9TszYidaagN+YRn
                                                                                                                                                                                              MD5:C1392DB7A39C0C1AE16AF418DAA6DE81
                                                                                                                                                                                              SHA1:D7EDB422BF012321FC5FA0D2DBEC34F16A73D541
                                                                                                                                                                                              SHA-256:45C726D73437EF9FD266CE5B9245117A315A6EF2F3AF332A0D483D0430519874
                                                                                                                                                                                              SHA-512:11C562E89CEB9044567E6958214F31ABE5DC14FEFAFEF42BDE27E390FEF5D17BAD7FB89682B4839B08A888DED6053F0AA7C1F0800CB22A7D4443E4FEDBAB46CD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qsourcelocation.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QSourceLoca

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtXmlPatterns\qxmlformatter.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1786
                                                                                                                                                                                              Entropy (8bit):5.075474493551537
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:TQ098RszhJhi/x9gmEZVw96cY/ZiQRl6G6NguO:0TszM9gmEZW96T/ZNl6G6NnO
                                                                                                                                                                                              MD5:B141BD07EA515BA288176EC7CA60F768
                                                                                                                                                                                              SHA1:CCB30053AE3F609A85422B20C433BEE9EE6E4348
                                                                                                                                                                                              SHA-256:E6CE9CBFDE96E0D8FC8038CF3397B94062A45C2DFC8E65F39636343955FB8808
                                                                                                                                                                                              SHA-512:584966EECD6DDE1EC424BFFF7738873A9678D24D719DC57217D72D7D3487A3B3A20EEED4F72A8D7EF32F07F864958D3C8F85E6942DBDE1EA779837EDA1929154
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qxmlformatter.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QXmlFormatter

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtXmlPatterns\qxmlname.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1860
                                                                                                                                                                                              Entropy (8bit):5.15395770611283
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:IQ098RszhJhX0bumZbZVZSrnc74KTw3uYRn:BTszzKdP1M+YRn
                                                                                                                                                                                              MD5:084FCEF0DFCFF9986B79CE74455EE1FC
                                                                                                                                                                                              SHA1:E1EDEBFD9FB7D224EF174F35FE9FD4B2B433D194
                                                                                                                                                                                              SHA-256:899F3B161DD059C93B6378085C30A98D51CE0E8D56C06BDF5003623D40FFAD9D
                                                                                                                                                                                              SHA-512:EAB85FD5FCFEF2187482CD48785971C5A35D26CF9BC23177339691BC0B6C87BB7D9E802A277FCE274D443323346E8943FD45559F5A7DDF49D22E059CEB1B2663
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qxmlname.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QXmlName..{..%Type

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtXmlPatterns\qxmlnamepool.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1157
                                                                                                                                                                                              Entropy (8bit):5.1563041110498
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:83+PIQ098mXIpmNDzVZRURU2SnOkONq0I6X:KHQ098RszhJh4qb6X
                                                                                                                                                                                              MD5:DD303ED19A05B53E672702EE2F3012AC
                                                                                                                                                                                              SHA1:1F65B425A5AC9885020295531B51A7A1B90A46B6
                                                                                                                                                                                              SHA-256:CDA39C1E49D0CB3781A51064CE2A9DBF380E05341B6923D40CAC8D08E3A83575
                                                                                                                                                                                              SHA-512:4B37FBCD0DC47A4864DF52C9D9054ABF0B858A3E61A5141B03910DB64FB7A9268678DADB009405F08FB493E0A0C6D8419428F9EFAAEE585EED140B592E2206A2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qxmlnamepool.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QXmlNamePool..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtXmlPatterns\qxmlquery.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4503
                                                                                                                                                                                              Entropy (8bit):5.0382129773213595
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:8PTszbBWuc97q6Lr9HpeENL9pL9lg7Yadz4Iv4hsdzIIv4+e+sIMI:8bW8peEeRdVdwTI
                                                                                                                                                                                              MD5:6FE0D2EE52FF96EA18720765B463212F
                                                                                                                                                                                              SHA1:76FD5D0CAF222FF6E77BA59D15C485C925FBCDC0
                                                                                                                                                                                              SHA-256:5C7CE721B46EFC92D46062FAA8B28CDA31FBB0DFD028BBE53760D3E1E6873682
                                                                                                                                                                                              SHA-512:540B0DF800819C88281C17C135F9996226AD481A8E087D1F994BEBE8AFB40F0018D35B58FE69578CE99BBD63D713E0582EDF10A1BBF842D9F8D4163D770AB8A3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qxmlquery.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QXmlQuery..{..%Ty

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtXmlPatterns\qxmlresultitems.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1274
                                                                                                                                                                                              Entropy (8bit):5.137146498922111
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:MvYPIQ098mXIpmNDzVZRURU2SnOk0n7mCR8D6UR3XWR3I3BPv/:iQ098RszhJh8mwQ6UR3XWR3IF/
                                                                                                                                                                                              MD5:9898A353E13C22760092B54D49D00F52
                                                                                                                                                                                              SHA1:2E8A2BAF15FDF293AC5FA368C5BBFE6794EB58CF
                                                                                                                                                                                              SHA-256:A511AE99855A88F7F3B258FC1A923EC81F58667778FFF462CCF320BC9D41010E
                                                                                                                                                                                              SHA-512:BBB8AE86AC8093967010302917641EA7EE76CBA5742F536E2D08AEF3820A38E103A9F399AB0290A75F01FFD5E360E2845D72ED657C3BC825FBA6CEC539A1A655
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qxmlresultitems.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QXmlResultI

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtXmlPatterns\qxmlschema.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1928
                                                                                                                                                                                              Entropy (8bit):5.14044123564907
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:gQ098RszhJhf4wo41PmXHiKuuyOLAcSyS7ZG:pTszN1Pmhs2
                                                                                                                                                                                              MD5:406BB8AF9502524289431AD83E656762
                                                                                                                                                                                              SHA1:6F0EF7F7BD1FF114242207ABEA3FB98356147925
                                                                                                                                                                                              SHA-256:5C29B0A2300F75F2EF6598DB74EF1B4812ED6DB4F7481E0A9B8B94E0F8FD20C9
                                                                                                                                                                                              SHA-512:ED58551BC643969F5E914D5FF86E2063EC71F62D1F1D90A34584D603B8747317052E6A37C01446A61D7ECA2E8B6E3C6DB89EE20360702A315A2B0EC3CD743BB5
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qxmlschema.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QXmlSchema..{..%

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtXmlPatterns\qxmlschemavalidator.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2485
                                                                                                                                                                                              Entropy (8bit):5.081059419334597
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:F3wQ098RszhJhQHo9NHBHsQAHqAUjlmHPuIqlveCuuyOLAcSyS7ZYHHHO:F3ZTszSo7ZDgxOlFPleKsYnO
                                                                                                                                                                                              MD5:3A0EAAFE20653334F0EBE8044F12C9E0
                                                                                                                                                                                              SHA1:F2F34676EA6C639628A9375E88ECBFA105A3D458
                                                                                                                                                                                              SHA-256:6A8754160F31FCE93116062F9B52FDF87C1EC949B96EF8E8A5F43A5BC90C3936
                                                                                                                                                                                              SHA-512:28F49904E46742B5D37E4B61BEFBA75578037F975055A115D38839A23DA7559717FE99626861F0E47F13DB9321DF03A4773648FCDD19BD47C660605A3F0E664A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qxmlschemavalidator.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QXmlSch

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtXmlPatterns\qxmlserializer.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1912
                                                                                                                                                                                              Entropy (8bit):5.088212975749985
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:nQ098RszhJhxp9gnmEZVw96cY/ZiQRl6G6N5uG:QTszx9gnmEZW96T/ZNl6G6Nl
                                                                                                                                                                                              MD5:86E36CFD54F5BF231FE2495353286070
                                                                                                                                                                                              SHA1:72142CDDCFFAA39F11EA98DAD19A9DF2DA793E30
                                                                                                                                                                                              SHA-256:002A3C3C7EB2D0A7941BCB6A3299EC38D8C675D21C8D8356A7214A1282CBA2F2
                                                                                                                                                                                              SHA-512:87381E47023AC97FD13AA70FA333C56720DDED6F52615E3D461C6FBF0B80A98B2036C6F9033C1CE60E67F0F272EDBC2CB22670589E57D4F18D0A55C8A7D36C13
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qxmlserializer.sip generated by MetaSIP..//..// This file is part of the QtXmlPatterns Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QXmlSerializ

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtXml\QtXml.toml

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):180
                                                                                                                                                                                              Entropy (8bit):5.101634367073669
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:SZ3GMiyT8QQCQIMQDKN57wvAMKxwehyIWWMKxtHO+Cm4o6Mvk/dkC1WiE4yn:SZDim82QIRG7NthyIXo+Cm4o6Tdk6An
                                                                                                                                                                                              MD5:141A7B2580E56D9CA749D110017FBF31
                                                                                                                                                                                              SHA1:A99020B78A6EE718DA37C2C13353717F82419704
                                                                                                                                                                                              SHA-256:1B14D0DF94A26F8F607FD05AC2781E5CC0AB51154255B6440B02DF7551230AD2
                                                                                                                                                                                              SHA-512:525697385419918CC02E6377B0B11FC2C4BCBC7761E1E7D6097015586C568F3E07FD40B21C1F231C65E08DE3E20E6539E64C67CAFAB653CDBE63D860B9BAEE31
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:# Automatically generated configuration for PyQt5.QtXml.....sip-version = "6.8.6"..sip-abi-version = "12.15"..module-tags = ["Qt_5_15_2", "WS_WIN"]..module-disabled-features = []..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtXml\QtXmlmod.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1986
                                                                                                                                                                                              Entropy (8bit):5.162272830181779
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:tWiB098mXIpmNDzVZRURU2SnOka/T986wiND/fZR02ASBOk/KViX:L098RszhJhab98tAzhAS//OE
                                                                                                                                                                                              MD5:96296AF1961A9EF718B64499708C132A
                                                                                                                                                                                              SHA1:CCBDC46179D718061F0E7A162FBBE77F0E03DE03
                                                                                                                                                                                              SHA-256:D3606EE0D194EC61FFF040340511DDA6A68DF1E2C3AF13409C29BBC7AAF55BB4
                                                                                                                                                                                              SHA-512:01F49943D3FADF4582CF4A477A0435BCD50CC26A394E8372F110650CBD3A6FF9DA8BE37AF52105F906C080ED48332596BB9FC86EA0314B5BB08E1AE6D3D53332
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// QtXmlmod.sip generated by MetaSIP..//..// This file is part of the QtXml Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......%Module(name=PyQt5.QtXml, keywor

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtXml\qdom.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):14946
                                                                                                                                                                                              Entropy (8bit):4.93688210140852
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:wdRjiA43UZRe+Qh7QRSKCIBwAGpfn2oZhy4aCA2Vgf5AhQHCe2h7rY:UR+WRSXIB/mfPZhyaydz
                                                                                                                                                                                              MD5:544BFCBCAB7ADEBE55B1DA257C842137
                                                                                                                                                                                              SHA1:2731CD4F5EB278A9C417E506EE2E16C92A7CEED3
                                                                                                                                                                                              SHA-256:644749D664F7F70E38B584CBE520391DBBA9553F88117D7F9454A96D909E6535
                                                                                                                                                                                              SHA-512:17C789A898A0EE7754DE1DDAEA23405CA72A3DBAF5EE6F17401B0C9F3E005538E4293FC9D908C1D813DB571815598A04401D4621626043A4F8B07AA4E595D6F7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qdom.sip generated by MetaSIP..//..// This file is part of the QtXml Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QDomImplementation..{..%TypeHe

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\bindings\QtXml\qxml.sip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:C++ source, ASCII text, with CRLF line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):12509
                                                                                                                                                                                              Entropy (8bit):4.98635824365365
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:l1L4h9NmnjttbwXmXXBfoXqdQxfQ1RQNfQdLQ5fQlXHX1eX14Xqw3XR9ap2xenuJ:Rt2MCI3oqB5goRVA2GuJUkyPegYMdriN
                                                                                                                                                                                              MD5:C5CF173988B2B73B272E22CCB5E142A8
                                                                                                                                                                                              SHA1:BB1461335F327626F9C31DC2407AF88ACE04AACC
                                                                                                                                                                                              SHA-256:146FC5493AC275778976AEBE2421208B126463BD6DB109ABA5FB62F9BED31CA2
                                                                                                                                                                                              SHA-512:D855F6BDA30843862CB9E3A888C89579DA1E37A58EDC19A964DC092C5F8E0FB5FFE471622BB7E79CD3113DBBB06D67C54D731F6CED330D61E39614A94239F5EE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:// qxml.sip generated by MetaSIP..//..// This file is part of the QtXml Python extension module...//..// Copyright (c) 2024 Riverbank Computing Limited <info@riverbankcomputing.com>..// ..// This file is part of PyQt5...// ..// This file may be used under the terms of the GNU General Public License..// version 3.0 as published by the Free Software Foundation and appearing in..// the file LICENSE included in the packaging of this file. Please review the..// following information to ensure the GNU General Public License version 3.0..// requirements will be met: http://www.gnu.org/copyleft/gpl.html...// ..// If you do not wish to use this file under the terms of the GPL version 3.0..// then you may purchase a commercial license. For more information contact..// info@riverbankcomputing.com...// ..// This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE..// WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.......class QXmlNamespaceSupport..{..%Type

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\PyQt5\sip.pyi

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Python script, ASCII text executable
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2959
                                                                                                                                                                                              Entropy (8bit):4.867947688553428
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:8x0NnYE4m+XquxNO6jz5e6ouCtu1Ela6JeIZrId4NZpk8aaxUhGVJLEWZ5rXHndg:Rt4m2q2NO6n5e6ouCteEJJeIZrId2/kf
                                                                                                                                                                                              MD5:3D91D607972FF817AEBF990C4002B7E7
                                                                                                                                                                                              SHA1:68813FA4425625343BCA17606DD069EBC6A94B72
                                                                                                                                                                                              SHA-256:FB08D54F87130BD9EBA2B42A99322DF1B687D7DBCF5BD660AC8A6E0FAB446BB7
                                                                                                                                                                                              SHA-512:2E406FB65882E593135B4F5D8BE1DBD5AAC72C92CE7A3DD0AA667555A8CCB3BF7D066DD89E2AF8A17B11ED7FCFAE3F29A130515C4410052FDA615B44BFE18407
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:# SPDX-License-Identifier: BSD-2-Clause..# Copyright (c) 2024 Phil Thompson <phil@riverbankcomputing.com>...from typing import Any, Generic, Iterable, overload, Sequence, TypeVar, Union...# PEP 484 has no explicit support for the buffer protocol so we just name types.# we know that implement it..Buffer = Union[bytes, bytearray, memoryview, 'array', 'voidptr']...# Constants..SIP_VERSION = ... # type: int.SIP_VERSION_STR = ... # type: str...# The bases for SIP generated types..class wrappertype:. def __init__(self, *args, **kwargs) -> None: .....class simplewrapper:. def __init__(self, *args, **kwargs) -> None: .....class wrapper(simplewrapper): ......# The array type.._T = TypeVar('_T')..class array(Sequence[_T], Generic[_T]):.. @overload. def __getitem__(self, key: int) -> _T: .... @overload. def __getitem__(self, key: slice) -> 'array[_T]': ..... @overload. def __setitem__(self, key: int, value: _T) -> None: .... @overload. def __setitem__(self, k

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\VCRUNTIME140.dll

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):98224
                                                                                                                                                                                              Entropy (8bit):6.452201564717313
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:ywqHLG4SsAzAvadZw+1Hcx8uIYNUzUoHA4decbK/zJNuw6z5U:ytrfZ+jPYNzoHA4decbK/FNu51U
                                                                                                                                                                                              MD5:F34EB034AA4A9735218686590CBA2E8B
                                                                                                                                                                                              SHA1:2BC20ACDCB201676B77A66FA7EC6B53FA2644713
                                                                                                                                                                                              SHA-256:9D2B40F0395CC5D1B4D5EA17B84970C29971D448C37104676DB577586D4AD1B1
                                                                                                                                                                                              SHA-512:D27D5E65E8206BD7923CF2A3C4384FEC0FC59E8BC29E25F8C03D039F3741C01D1A8C82979D7B88C10B209DB31FBBEC23909E976B3EE593DC33481F0050A445AF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......*..qn.."n.."n.."...#l.."g.."e.."n.."B.."<..#c.."<..#~.."<..#q.."<..#o.."<.g"o.."<..#o.."Richn.."................PE..d...%|.a.........." .........`......p................................................{....`A.........................................B..4....J...............p..X....X...'..........h,..T............................,..8............................................text............................... ..`.rdata...@.......B..................@..@.data...@....`.......@..............@....pdata..X....p.......D..............@..@_RDATA...............P..............@..@.rsrc................R..............@..@.reloc...............V..............@..B........................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\VCRUNTIME140_1.dll

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):37256
                                                                                                                                                                                              Entropy (8bit):6.297533243519742
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:5hnvMCmWEKhUcSLt5a9k6KrOE5fY/ntz5txWE6Wc+Xf0+uncS7IO5WrCKWU/tQ0g:YCm5KhUcwrHY/ntTxT6ov07b4SwY1zl
                                                                                                                                                                                              MD5:135359D350F72AD4BF716B764D39E749
                                                                                                                                                                                              SHA1:2E59D9BBCCE356F0FECE56C9C4917A5CACEC63D7
                                                                                                                                                                                              SHA-256:34048ABAA070ECC13B318CEA31425F4CA3EDD133D350318AC65259E6058C8B32
                                                                                                                                                                                              SHA-512:CF23513D63AB2192C78CAE98BD3FEA67D933212B630BE111FA7E03BE3E92AF38E247EB2D3804437FD0FDA70FDC87916CD24CF1D3911E9F3BFB2CC4AB72B459BA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......D_.O.>...>...>...N...>..RK...>...F^..>...>..1>..RK...>..RK...>..RK...>..RK...>..RK2..>..RK...>..Rich.>..........................PE..d...)|.a.........." .....:...6......`A....................................................`A.........................................l.......m..x....................n...#......<...(b..T............................b..8............P..X............................text...e9.......:.................. ..`.rdata.. "...P...$...>..............@..@.data... ............b..............@....pdata...............d..............@..@.rsrc................h..............@..@.reloc..<............l..............@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\__future__.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4111
                                                                                                                                                                                              Entropy (8bit):5.369041535051993
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:sgdNzUuGd+P2sKNsNWAom2j8SJ4n2OEyEqgZ5UZnlT5EIPiRu8COuc/:N4BRRAom1VIqgDiWlXuc/
                                                                                                                                                                                              MD5:A60B1334D3429A02E70C5A0574F2AF5D
                                                                                                                                                                                              SHA1:CE11640237857D436B089B1E6233F9D4CF2DB271
                                                                                                                                                                                              SHA-256:F18CB1E450A6C67182ADC35C75A89F66E35F4215D7945DEA21FB429DAABAD20B
                                                                                                                                                                                              SHA-512:7281F44FC95CC71E22954829C1FE00258BF2A764F4D8191F53F5C30224B1397FD97DA967E0118D471A07EC4C60A911721FE6D03CB9783671BA58620C288E6B24
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@........d.Z.g.d...Z.d.g.e...Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.G.d.d...d...Z.e.d.d.e...Z.e.d.d.e...Z.e.d.d.e...Z.e.d.d.e...Z.e.d.d.e...Z.e.d.d.e...Z.e.d.d.e...Z.e.d.d.e...Z.e.d.d.e...Z.e.d.d.e...Z.d.S.)..n...Record of phased-in incompatible language changes...Each line is of the form:.. FeatureName = "_Feature(" OptionalRelease "," MandatoryRelease ",". CompilerFlag ")"..where, normally, OptionalRelease < MandatoryRelease, and both are 5-tuples.of the same form as sys.version_info:.. (PY_MAJOR_VERSION, # the 2 in 2.1.0a3; an int. PY_MINOR_VERSION, # the 1; an int. PY_MICRO_VERSION, # the 0; an int. PY_RELEASE_LEVEL, # "alpha", "beta", "candidate" or "final"; string. PY_RELEASE_SERIAL # the 3; an int. )..OptionalRelease records the first release in which.. from __future__ import FeatureName..was accepted...In the case of MandatoryReleases that have not yet occurred,.MandatoryRelease pre

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\_brotli.cp310-win_amd64.pyd

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):820736
                                                                                                                                                                                              Entropy (8bit):6.056282443190043
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12288:tY0Uu7wLsglBv4i5DGAqXMAHhlyL82XTw05nmZfRFo:tp0NA1tAmZfR
                                                                                                                                                                                              MD5:EE3D454883556A68920CAAEDEFBC1F83
                                                                                                                                                                                              SHA1:45B4D62A6E7DB022E52C6159EEF17E9D58BEC858
                                                                                                                                                                                              SHA-256:791E7195D7DF47A21466868F3D7386CFF13F16C51FCD0350BF4028E96278DFF1
                                                                                                                                                                                              SHA-512:E404ADF831076D27680CC38D3879AF660A96AFC8B8E22FFD01647248C601F3C6C4585D7D7DC6BBD187660595F6A48F504792106869D329AA1A0F3707D7F777C6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......5.r.q...q...q...x...y......s...:...s......|......y......r.....r...q...L.....Q.....p.....p.....p...Richq...........PE..d... ..d.........." ...#.@...H.......F....................................................`.........................................@c..`....c.......................................9..............................P8..@............P...............................text....?.......@.................. ..`.rdata.......P.......D..............@..@.data........p.......`..............@....pdata...............h..............@..@.rsrc...............................@..@.reloc..............................@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\_bz2.pyd

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):83736
                                                                                                                                                                                              Entropy (8bit):6.595094797707322
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:hXOz78ZqjUyAsIi7W/5+D8W35mjZm35ILCVM7SyfYPxe:pOzwpyAFi7WMgW34jZm35ILCVMZoxe
                                                                                                                                                                                              MD5:86D1B2A9070CD7D52124126A357FF067
                                                                                                                                                                                              SHA1:18E30446FE51CED706F62C3544A8C8FDC08DE503
                                                                                                                                                                                              SHA-256:62173A8FADD4BF4DD71AB89EA718754AA31620244372F0C5BBBAE102E641A60E
                                                                                                                                                                                              SHA-512:7DB4B7E0C518A02AE901F4B24E3860122ACC67E38E73F98F993FE99EB20BB3AA539DB1ED40E63D6021861B54F34A5F5A364907FFD7DA182ADEA68BBDD5C2B535
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........d.>...m...m...m.}<m...m.p.l...m.jRm...m.p.l...m.p.l...m.p.l...mup.l...m.}.l...m...m...mup.l...mup.l...mupPm...mup.l...mRich...m................PE..d.....,d.........." .........\..............................................P............`......................................... ...H...h........0....... ..,......../...@......`...T...............................8............................................text.............................. ..`.rdata...=.......>..................@..@.data...............................@....pdata..,.... ......................@..@.rsrc........0......................@..@.reloc.......@......................@..B................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\_compat_pickle.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5850
                                                                                                                                                                                              Entropy (8bit):5.798867776989796
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:4PgbBl/+DUvOvdW7Javt9PVNkpsv7ve6Paki8oV9CBfbywQMKL7KEQ:s9DJnTMEGwa8orGuzL2EQ
                                                                                                                                                                                              MD5:EEB2B8AB4EDE37624F78125E6536B2D6
                                                                                                                                                                                              SHA1:84A839D69C5DA6243A44408CF73FC6D69EDA23E2
                                                                                                                                                                                              SHA-256:2E239A6152E54E6C318AC96EBA30B09C8E7FC107B18367905554078820B71DAF
                                                                                                                                                                                              SHA-512:D204C20E8754B49F0F3ECEDF09E71A20095D34A3AC03ACCC7223D0A70A16970DDC081516239855C0797D6D6A535450B94D3B7469E8BDC02B14CCC80CAD7119EC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@....$...i.d.d...d.d...d.d...d.d...d.d...d.d...d.d...d.d...d.d...d.d...d.d...d.d...d.d...d.d...d.d...d.d...d d!..i.d"d#..d$d%..d&d'..d(d)..d*d+..d,d-..d.d/..d0d1..d2d3..d4d5..d6d7..d8d9..d:d;..d<d=..d>d?..d@dA..dBdC....dDdEdFdGdHdId2dJdK....Z.i.dLdM..dNdO..dPdQ..dRdS..dTdU..dVdW..dXdY..dZd[..d\d]..d^d_..d`da..dbdc..ddde..dfdg..dhdi..djdk..dldm..i.dndo..dpdq..drds..dtdu..dvdw..dxdy..dzd{..d|d}..d~d...d.d...d.d...d.d...d.d...d.d...d.d...d.d.....Z.d.Z.z.e...W.n...e.y.......Y.n.w.e.d.7.Z.e.D.].Z.d.e.f.e.d.e.f.<.q.d.Z.e.D.].Z.d.e.f.e.d.e.f.<...q.e.d.d...e.....D.....Z.e.e...e.e...k...s#J...e.d.d...e.....D.....Z.e.e...e.e...k...s9J...e...d.d.d.d.d9dDdDd.d.d.d2d.d.d.......e...d.d2d.d4d.d.......e...dUd.dcd.d.......e...dNd.d.d.d.d.d.d.d.d.d.d.d.d.......d.Z.e.D.].Z.d.e.d.e.f.<...qxd.Z.e.D.].Z.d.e.d.e.f.<...q.d.S.)...__builtin__..builtins..copy_reg..copyreg..Queue..queue..SocketServer..socketserver..ConfigParser..configparser..repr..reprlib..tkFileDialog..tkint

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\_compression.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4490
                                                                                                                                                                                              Entropy (8bit):5.165556045339323
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:EnAZxmr5vc6bSCemAP4Q9XEVjFiMOG6u7zTw4QYWvPyfRquDMfHWPw6:EN3DYJfhLww4QYWaRqwMPWPV
                                                                                                                                                                                              MD5:720CB15D3B7E81E5F5B94D49342A1E82
                                                                                                                                                                                              SHA1:1427C71826D2B48E49FACB12824607625C33A1EB
                                                                                                                                                                                              SHA-256:30D93ED2C952313FA7DAD7441A91A7895B7F8639CB659C2DCDFCA18F0FCDFCFC
                                                                                                                                                                                              SHA-512:ABC404A9E4E8B778E7CE8A78E934724DDCCC3962F17329651285FA72AFFC87811EFD9E6DCE664D5BC4BFA07E59BF88520766CF35ACAE7826C9D26054BF1CFA44
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@....B...d.Z.d.d.l.Z.d.d.l.Z.e.j.Z.G.d.d...d.e.j...Z.G.d.d...d.e.j...Z.d.S.)..7Internal classes used by the gzip, lzma and bz2 modules.....Nc....................@....0...e.Z.d.Z.d.Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.S.)...BaseStream..Mode-checking helper functions.c....................C........|.j.r.t.d.....d.S.).N..I/O operation on closed file....closed..ValueError....self..r......_compression.py.._check_not_closed.................BaseStream._check_not_closedc....................C........|.....s.t...d.....d.S.).N..File not open for reading....readable..io..UnsupportedOperationr....r....r....r......_check_can_read.................BaseStream._check_can_readc....................C...r....).N..File not open for writing....writabler....r....r....r....r....r......_check_can_write....r......BaseStream._check_can_writec....................C....(...|.....s.t...d.....|.....s.t...d.....d.S.).N.3Seeking is only supported on files open for reading.3The underlyin

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\_decimal.pyd

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):254744
                                                                                                                                                                                              Entropy (8bit):6.564308911485739
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6144:3LT2sto29vTlN5cdIKdo4/3VaV8FlBa9qWMa3pLW1A/T8O51j4iab9M:H2s/9vTlPcdk4vVtFU98iIu
                                                                                                                                                                                              MD5:20C77203DDF9FF2FF96D6D11DEA2EDCF
                                                                                                                                                                                              SHA1:0D660B8D1161E72C993C6E2AB0292A409F6379A5
                                                                                                                                                                                              SHA-256:9AAC010A424C757C434C460C3C0A6515D7720966AB64BAD667539282A17B4133
                                                                                                                                                                                              SHA-512:2B24346ECE2CBD1E9472A0E70768A8B4A5D2C12B3D83934F22EBDC9392D9023DCB44D2322ADA9EDBE2EB0E2C01B5742D2A83FA57CA23054080909EC6EB7CF3CA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........76..VX..VX..VX.....VX..#Y..VX..#]..VX..#\..VX..#[..VX.t#Y..VX...Y..VX..VY.+VX.t#[..VX.t#U..VX.t#X..VX.t#...VX.t#Z..VX.Rich.VX.........................PE..d.....,d.........." .....|...:.......................................................r....`..........................................T..P...0U...................'......./......<...0...T...............................8............................................text....{.......|.................. ..`.rdata..............................@..@.data....)...p...$...X..............@....pdata...'.......(...|..............@..@.rsrc...............................@..@.reloc..<...........................@..B........................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\_hashlib.pyd

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):64792
                                                                                                                                                                                              Entropy (8bit):6.223467179037751
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:/smKJPganCspF1dqZAC2QjP2RILOIld7SyEPxDF:/smKpgNoF1dqZDnjP2RILOIv2xB
                                                                                                                                                                                              MD5:D4674750C732F0DB4C4DD6A83A9124FE
                                                                                                                                                                                              SHA1:FD8D76817ABC847BB8359A7C268ACADA9D26BFD5
                                                                                                                                                                                              SHA-256:CAA4D2F8795E9A55E128409CC016E2CC5C694CB026D7058FC561E4DD131ED1C9
                                                                                                                                                                                              SHA-512:97D57CFB80DD9DD822F2F30F836E13A52F771EE8485BC0FD29236882970F6BFBDFAAC3F2E333BBA5C25C20255E8C0F5AD82D8BC8A6B6E2F7A07EA94A9149C81E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........Q..b?..b?..b?......b?..>..b?..:..b?..;..b?..<..b?.2.>..b?..>..b?.7.>..b?..b>.pb?.2.2..b?.2.?..b?.2....b?.2.=..b?.Rich.b?.........PE..d.....,d.........." .....P...........<....................................................`............................................P...0............................/......T....k..T............................k..8............`.. ............................text....N.......P.................. ..`.rdata..4P...`...R...T..............@..@.data...H...........................@....pdata..............................@..@.rsrc...............................@..@.reloc..T...........................@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\_lzma.pyd

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):158488
                                                                                                                                                                                              Entropy (8bit):6.8491143497239655
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3072:j0k3SXjD9aWpAn3rb7SbuDlvNgS4fWqEznfo9mNoFTSlXZ8Ax5ILZ1GIxq:j0kiXjD9v8X7Euk4wYOFTafxn
                                                                                                                                                                                              MD5:7447EFD8D71E8A1929BE0FAC722B42DC
                                                                                                                                                                                              SHA1:6080C1B84C2DCBF03DCC2D95306615FF5FCE49A6
                                                                                                                                                                                              SHA-256:60793C8592193CFBD00FD3E5263BE4315D650BA4F9E4FDA9C45A10642FD998BE
                                                                                                                                                                                              SHA-512:C6295D45ED6C4F7534C1A38D47DDC55FEA8B9F62BBDC0743E4D22E8AD0484984F8AB077B73E683D0A92D11BF6588A1AE395456CFA57DA94BB2A6C4A1B07984DE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........l.M...M...M...D..I.......O.......F.......E.......N.......N.......O...M...(.......w.......L.......L.......L...RichM...................PE..d...&.,d.........." .....`..........p3...............................................4....`.............................................L.......x....`.......@.......<.../...p..D...H{..T............................{..8............p...............................text....^.......`.................. ..`.rdata.......p.......d..............@..@.data........0......................@....pdata.......@......................@..@.rsrc........`.......0..............@..@.reloc..D....p.......:..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\_py_abc.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4661
                                                                                                                                                                                              Entropy (8bit):5.366184653905742
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:f+v2XIUHa2+J6DQkj152HrcYIRNZS/hGbU5sXoYmwS9/oo8HQU/lisuXaNg6NWyq:u24OzQ6M8152LiRe4bUsXBmwS9/oo8HW
                                                                                                                                                                                              MD5:7A408C1218E8AEE594B89D6FF2400903
                                                                                                                                                                                              SHA1:6B25E97F692480B5433F4E41927BF20A691742F0
                                                                                                                                                                                              SHA-256:16108604C0D58C699155ADCED128D325EA0374E6515AECD4F1748BA8740D37CB
                                                                                                                                                                                              SHA-512:82CF32693B3DD9E52D40BED7DCA30A403A75D85A5703C120288D531AE379179030C136B851F43DA99AB33EA42FD06665F172EAD36301CB05265AEDF6CC354EF2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@....(...d.d.l.m.Z...d.d...Z.G.d.d...d.e...Z.d.S.)..........WeakSetc....................C........t.j.S.)...Returns the current ABC cache token... The token is an opaque object (supporting equality testing) identifying the. current version of the ABC cache for virtual subclasses. The token changes. with every call to ``register()`` on any ABC.. ....ABCMeta.._abc_invalidation_counter..r....r......_py_abc.py..get_cache_token...........r....c.........................V...e.Z.d.Z.d.Z.d.Z...f.d.d...Z.d.d...Z.d.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.....Z.S.).r.....h...Metaclass for defining Abstract Base Classes (ABCs)... Use this metaclass to create an ABC. An ABC can be subclassed. directly, and then acts as a mix-in class. You can also register. unrelated concrete classes (even built-in classes) and unrelated. ABCs as 'virtual subclasses' -- these and their descendants will. be considered subclasses of the registering ABC b

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\_pydecimal.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):157693
                                                                                                                                                                                              Entropy (8bit):5.529360331452323
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3072:8fxaRDo8V+4x1pX1mjJhWRoq4nz3nvAfT:8fxc834x1pkjJhWRz4nz3vAfT
                                                                                                                                                                                              MD5:4D2E16B1434EFE6959C2FA774F6B86B3
                                                                                                                                                                                              SHA1:66159A4D5CB0444E2D2461F319613B13DCEC5583
                                                                                                                                                                                              SHA-256:31856E427160D4D677E75AE3D73671A01AB05105FDEBB9D4B62DF199E3806593
                                                                                                                                                                                              SHA-512:B8AFE4EFBF28BDB5280F4B221D0DD349A87CF16ABD7DD662865A0DA5E55DC2D2CC9EE8D66FA3B2E9ADF56717DC99A0989739F7FC5CD786958D09C3B165E00C4D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@....p...d.Z.g.d...Z.e.Z.d.Z.d.Z.d.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.z.d.d.l.m.Z...e.d.d...Z.W.n...e.y4......d.d...Z.Y.n.w.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.e.j.d.k.rUd.Z.d.Z.d.Z.n.d.Z.d.Z.d.Z.e.e.d.....Z.G.d.d...d.e...Z G.d.d...d.e ..Z!G.d.d ..d e ..Z"G.d!d"..d"e"..Z#G.d#d$..d$e e$..Z%G.d%d&..d&e"..Z&G.d'd(..d(e"e$..Z'G.d)d*..d*e ..Z(G.d+d,..d,e"..Z)G.d-d...d.e ..Z*G.d/d0..d0e ..Z+G.d1d2..d2e(e*..Z,G.d3d4..d4e(e*e+..Z-G.d5d6..d6e e...Z/e!e%e(e,e*e-e"e+e/g.Z0e#e"e&e"e'e"e)e"i.Z1e.e.e.e.e.e.e.e.f.Z2d.d.l3Z3e3.4d7..Z5d8d9..Z6d:d;..Z7[3d.d<d=..Z8G.d>d?..d?e9..Z:d.dAdB..Z;e.j<.=e:....G.dCdD..dDe9..Z>G.dEdF..dFe9..Z?G.dGdH..dHe9..Z@d.dIdJ..ZAeBjCZDdKdL..ZEdMdN..ZFdOdP..ZGdQdR..ZHd.dTdU..ZIdVdW..ZJdXdY..ZKG.dZd[..d[e9..ZLeL..jMZNd.d\d]..ZOd^d_..ZPd`da..ZQdbdcdddedfdgdhdidjdk..f.dldm..ZRd.dndo..ZSd.dpdq..ZTe?dre.e%e,e"g.g.dsdtd.d.du..ZUe?dve.e%e,e"e!e-g.g.dw..ZVe?dve.g.g.dw..ZWd.d.lXZXeX.YdxeXjZeXj[B...j\Z]eX.Ydy..j\Z^eX.Ydz..j\Z_eX.Yd{eXjZeXj`B...Za[Xz.d.d.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\_queue.pyd

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):31512
                                                                                                                                                                                              Entropy (8bit):6.563116725717513
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:bxrUGCpa6rIxdK/rAwVILQU85YiSyvz5PxWEaAc:trUZIzYrAwVILQUG7SydPxDc
                                                                                                                                                                                              MD5:D8C1B81BBC125B6AD1F48A172181336E
                                                                                                                                                                                              SHA1:3FF1D8DCEC04CE16E97E12263B9233FBF982340C
                                                                                                                                                                                              SHA-256:925F05255F4AAE0997DC4EC94D900FD15950FD840685D5B8AA755427C7422B14
                                                                                                                                                                                              SHA-512:CCC9F0D3ACA66729832F26BE12F8E7021834BBEE1F4A45DA9451B1AA5C2E63126C0031D223AF57CF71FAD2C85860782A56D78D8339B35720194DF139076E0772
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........a............................................V...................V......V......V......V......Rich....................PE..d.....,d.........." .........6......................................................N.....`.........................................@C..L....C..d....p.......`.......L.../...........3..T...........................p3..8............0.. ............................text...~........................... ..`.rdata.......0......................@..@.data........P.......8..............@....pdata.......`.......<..............@..@.rsrc........p.......@..............@..@.reloc...............J..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\_socket.pyd

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):79128
                                                                                                                                                                                              Entropy (8bit):6.284790077237953
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:ZmtvsXhgzrojAs9/s+S+pGLypbyxk/DDTBVILLwX7SyiPx9:c56OzyAs9/sT+pGLypb+k/XFVILLwX4f
                                                                                                                                                                                              MD5:819166054FEC07EFCD1062F13C2147EE
                                                                                                                                                                                              SHA1:93868EBCD6E013FDA9CD96D8065A1D70A66A2A26
                                                                                                                                                                                              SHA-256:E6DEB751039CD5424A139708475CE83F9C042D43E650765A716CB4A924B07E4F
                                                                                                                                                                                              SHA-512:DA3A440C94CB99B8AF7D2BC8F8F0631AE9C112BD04BADF200EDBF7EA0C48D012843B4A9FB9F1E6D3A9674FD3D4EB6F0FA78FD1121FAD1F01F3B981028538B666
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......~...:...:...:...3.i.<...h...8...h...6...h...2...h...9.......8...:.......q...=.......;.......;.......;.......;...Rich:...........PE..d.....,d.........." .....l...........%.......................................P............`.............................................P............0....... ..<......../...@..........T..............................8............................................text...fj.......l.................. ..`.rdata..Ts.......t...p..............@..@.data...............................@....pdata..<.... ......................@..@.rsrc........0......................@..@.reloc.......@......................@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\_ssl.pyd

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):160536
                                                                                                                                                                                              Entropy (8bit):6.027748879187965
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3072:OwYiZ+PtocHnVXhLlasuvMETxoEBA+nbUtGnBSonJCNI5ILC7Gax1:FYk+PtocHVxx/uvPCEwhGJ
                                                                                                                                                                                              MD5:7910FB2AF40E81BEE211182CFFEC0A06
                                                                                                                                                                                              SHA1:251482ED44840B3C75426DD8E3280059D2CA06C6
                                                                                                                                                                                              SHA-256:D2A7999E234E33828888AD455BAA6AB101D90323579ABC1095B8C42F0F723B6F
                                                                                                                                                                                              SHA-512:BFE6506FEB27A592FE9CF1DB7D567D0D07F148EF1A2C969F1E4F7F29740C6BB8CCF946131E65FE5AA8EDE371686C272B0860BD4C0C223195AAA1A44F59301B27
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........C.-...-...-.....-...,...-...(...-...)...-.......-.W.,...-.R.,...-...,...-...,...-.W. ...-.W.-...-.W....-.W./...-.Rich..-.................PE..d.....,d.........." ................l*..............................................%.....`.............................................d...........`.......P.......D.../...p..8.......T...............................8............................................text...(........................... ..`.rdata..6...........................@..@.data....j.......f..................@....pdata.......P....... ..............@..@.rsrc........`.......,..............@..@.reloc..8....p.......6..............@..B................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\_strptime.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):15907
                                                                                                                                                                                              Entropy (8bit):5.802556111574027
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:jiCwA5aGvhcInwHE8HsOBRmvAW2EEMNx9hzx5PtC7:ZJ5z5QE8HHBRmv1EMxhzPk
                                                                                                                                                                                              MD5:16A53F037C6563917F5B6D68459DD104
                                                                                                                                                                                              SHA1:A4EF043008FA7A52AEBD7042E1D83A886CAC9E18
                                                                                                                                                                                              SHA-256:3772874AE98838F1CD53E762D958180E6A67D919B25ECED933055AAFC1DAA7F9
                                                                                                                                                                                              SHA-512:6508540EC07DC0917E5A7245B3D5C18EDBC42890FC0AF8F75E77ECC32852DE62B2FA38B748349141B336E40422EC35340C756EBAAB4A1ABDB41DBE77D20633EB
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@........d.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z.m.Z...d.d.l.m.Z...g.Z.d.d...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.e...Z.e...a.d.Z.i.a.d.d...Z.d.d...Z.d.d.d...Z d.d.d...Z!d.d.d...Z"d.S.).....Strptime-related classes and functions...CLASSES:. LocaleTime -- Discovers and stores locale-specific time information. TimeRE -- Creates regexes for pattern matching a string of text containing. time information..FUNCTIONS:. _getlang -- Figure out what language is being used for the locale. strptime -- Calculates the time struct represented by the passed-in string.......N....compile....IGNORECASE....escape....date..timedelta..timezone....allocate_lockc....................C........t...t.j...S.).N....locale..getlocale..LC_TIME..r....r......_strptime.py.._getlang...........r....c....................@....@...e.Z.d.Z.d.Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.S.)...LocaleTime.k...Stores and han

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\_threading_local.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6523
                                                                                                                                                                                              Entropy (8bit):5.297004545015491
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:W5s4IChC4/ew4oV6TD/Dh83cfAMftK5pUDMMwvAmB82AFwm3r9lUn40G:Wi4mNoIa3c4ITwIZ3rHUndG
                                                                                                                                                                                              MD5:566A7B3A431F06EF7A13B818888AA3B2
                                                                                                                                                                                              SHA1:297C74CAE5CBCB6FB16AA592DD10AE841DE9420D
                                                                                                                                                                                              SHA-256:8E855D1AA8952CEC9D9BB0CA8C9951FEB3EF1616B3D830FAD1E3353D9A7BF837
                                                                                                                                                                                              SHA-512:07315715C2D1CE693DDB256EF9071D5EF42B938465F2357E369ED950277117A8A8E5E4F63C9F116C4D1AE4BFB9810D06721F5790ED67440CC10AC14B0558E6C4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@....^...d.Z.d.d.l.m.Z...d.d.l.m.Z...d.g.Z.G.d.d...d...Z.e.d.d.....Z.G.d.d...d...Z.d.d.l.m.Z.m.Z...d.S.)..(...Thread-local objects...(Note that this module provides a Python version of the threading.local. class. Depending on the version of Python you're using, there may be a. faster one available. You should always import the `local` class from. `threading`.)..Thread-local objects support the management of thread-local data..If you have data that you want to be local to a thread, simply create.a thread-local object and use its attributes:.. >>> mydata = local(). >>> mydata.number = 42. >>> mydata.number. 42..You can also access the local-object's dictionary:.. >>> mydata.__dict__. {'number': 42}. >>> mydata.__dict__.setdefault('widgets', []). []. >>> mydata.widgets. []..What's important about thread-local objects is that their data are.local to a thread. If we access the data in a different thread:.. >>> log = []. >>> def f():. ...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\argparse.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):63060
                                                                                                                                                                                              Entropy (8bit):5.395710765053623
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:0pUD+QNFjLL8PelugD8kKNu9HuizYcV9NCksWEMeFFHB44C:0uNl8k5HuyrV9NCxsb
                                                                                                                                                                                              MD5:78650773A499E91AB1E5E317E1D193FC
                                                                                                                                                                                              SHA1:191CBE87829F30A08E6536F38B60C868DA11F42B
                                                                                                                                                                                              SHA-256:9F9C6E5C225ABB38005EF447EFC61D9E99068054CC2D9051054C0FF241C1486A
                                                                                                                                                                                              SHA-512:0975E552B6CCE07BE2E62B0466EE19C8EB32955FC108E2C6FB563D086945436F8D312E2805706FD1D7C4672030306D4F5023F25B3E50ECAF6573C5A814E9F6E2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@........d.Z.d.Z.g.d...Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z.m.Z...d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.G.d.d...d.e...Z.d.d...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.d.d...Z.G.d.d...d.e...Z.G.d.d ..d e...Z.G.d!d"..d"e...Z.G.d#d$..d$e...Z G.d%d&..d&e...Z!G.d'd(..d(e...Z"G.d)d*..d*e"..Z#G.d+d,..d,e"..Z$G.d-d...d.e...Z%G.d/d0..d0e...Z&G.d1d2..d2e...Z'G.d3d4..d4e...Z(G.d5d6..d6e...Z)G.d7d8..d8e...Z*G.d9d:..d:e%..Z+G.d;d<..d<e...Z,G.d=d>..d>e...Z-G.d?d@..d@e...Z.G.dAdB..dBe...Z/G.dCdD..dDe/..Z0G.dEdF..dFe.e...Z1d.S.)G.....Command-line parsing library..This module is an optparse-inspired command-line parsing library that:.. - handles both optional and positional arguments. - produces highly informative usage messages. - supports parsers that dispatch to sub-parsers..The following is a simple usage example that sums integers from the.command-line and writes the result to a file::.. parser = argparse.ArgumentParser

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\ast.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):55749
                                                                                                                                                                                              Entropy (8bit):5.342440613876116
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:V4+GlgD7UGQCeB6LFmp2aws7yqDuK4071l:V4WBF7hs7yqDuK/z
                                                                                                                                                                                              MD5:9277296D36CC42B0A1B8C74E73B1FB92
                                                                                                                                                                                              SHA1:221F04F80BB3BC57BFCA1395A7CA342B3272A0B2
                                                                                                                                                                                              SHA-256:5A775817342B9FDA697DE79F66A814A6B5C0A5F8318B07ECC4A2B62F0F93739A
                                                                                                                                                                                              SHA-512:3FBECB7D557E4D9CB438B3514B301FFE791C06820EE99AD8D73CAFA61788DB640B2CA974BE4BAFDCD8889287483DFB1DD652E01CE938739C541032B74DA998ED
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@........d.Z.d.d.l.Z.d.d.l.T.d.d.l.m.Z.m.Z...d.d.l.m.Z.m.Z...d`d.d.d...d.d...Z.d.d...Z.dad.d...d.d...Z.d.d...Z.d.d...Z.dbd.d...Z.d.d...Z.d.d...Z.dcd.d...Z.d.d ..Z.d!d"..Z.d.d#..d$d%..Z.d&d'..Z.G.d(d)..d)e...Z.G.d*d+..d+e...Z.e.e.d,..s.d-d...Z.d/d0..Z.e.e.e...e._.e.e.e...e._.G.d1d2..d2e ..Z!d3d4..Z"G.d5d6..d6e.e!d7..Z#G.d8d9..d9e.e!d7..Z$G.d:d;..d;e.e!d7..Z%G.d<d=..d=e.e!d7..Z&G.d>d?..d?e.e!d7..Z'e#e(e)e*f.e$e+f.e%e,f.e&e d...e-f.e'e d@..f.i.Z.e#e-f.i.Z/e-d=e d...d=e(d6e)d6e*d6e+d9e,d;e d@..d?i.Z0G.dAdB..dBe1..Z2G.dCdD..dDe2..Z3G.dEdF..dFe2..Z4e.e5dG....s"dHdI..Z6dJdK..Z7e.e6e7..e5_8G.dLdM..dMe9..Z:G.dNdO..dOe;..Z<G.dPdQ..dQe;..Z=G.dRdS..dSe;..Z>dTe?e.j@jAd.......ZBG.dUdV..dVe...ZCdWZDdXZEg.eD..eE..R.ZFG.dYdZ..dZe...ZGd[d\..ZHd]d^..ZIeJd_k...ryeI....d.S.d.S.)d.H.... ast. ~~~.. The `ast` module helps Python applications to process trees of the Python. abstract syntax grammar. The abstract syntax itself might change with. each Python re

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\base64.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):17110
                                                                                                                                                                                              Entropy (8bit):5.524272634297277
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:QxayMwXlrYhA1T1cRX6KbWJ5uKLudrIgV3:c3MwlGWIX1b+OrIgV3
                                                                                                                                                                                              MD5:1964FC5D3CD98FABDD626DEDF4760ECE
                                                                                                                                                                                              SHA1:C6CD18D61F79C04E11D33D5CC4425A8937B5E8BA
                                                                                                                                                                                              SHA-256:ACB6F9EC7B6737B931E17EE1A85FE44FB28239CFF6A63ADCCAE8B78CF21C79A0
                                                                                                                                                                                              SHA-512:188C5DB00EADF61106A368B8B15C777C67FF25D40DD26939A2928D07C3500127DBA3E6BCF70A256A2F239DF67192D8FED7F22F3507EF2DCEB6710ECAF2A7CE86
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@........d.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.g.d...Z.e.e.f.Z.d.d...Z.dQd.d...Z.dRd.d...Z.d.d...Z.d.d...Z.e...d.d...Z.e...d.d...Z.d.d...Z.d.d...Z.d.Z.d.Z.d.Z.d.Z.d.Z.i.a.i.a.d.d...Z.dSd.d...Z.d.d...Z.e.j.d d!..e._.dSd"d#..Z.e.j.d e.d$..e._.d%d&..Z.e.j.d'd!..e._.dTd(d)..Z.e.j.d'd*d$..e._.d+d,..Z dTd-d...Z!d.a"d.a#d/Z$d0Z%dUd1d2..Z&d.d.d.d.d3..d4d5..Z'd.d.d6d7..d8d9..Z(d:Z)d.a*d.a+d.a,dTd;d<..Z-d=d>..Z.d?Z/e/d@..dA..Z0dBdC..Z1dDdE..Z2dFdG..Z3dHdI..Z4dJdK..Z5dLdM..Z6dNdO..Z7e8dPk.r.e6....d.S.d.S.)V.DBase16, Base32, Base64 (RFC 3548), Base85 and Ascii85 data encodings.....N....encode..decode..encodebytes..decodebytes..b64encode..b64decode..b32encode..b32decode..b32hexencode..b32hexdecode..b16encode..b16decode..b85encode..b85decode..a85encode..a85decode..standard_b64encode..standard_b64decode..urlsafe_b64encode..urlsafe_b64decodec....................C....l...t.|.t...r.z.|...d...W.S...t.y.......t.d.....w.t.|.t...r.|.S.z.t.|.......W.S...t.y5......t.d.|.j.j.....d...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\base_library.zip

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:Zip archive data, at least v2.0 to extract, compression method=store
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):880569
                                                                                                                                                                                              Entropy (8bit):5.68298547144186
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12288:cgYJu4KXWyBC6S4IEa8A4a2Ya2xdOVwx/fpEh+rtSLMN6:cgYJiVBFLa2xTVwx/fpEh++MN6
                                                                                                                                                                                              MD5:4C60BCC38288ED81C09957FC6B4CD7CD
                                                                                                                                                                                              SHA1:E7F08D71E567EA73BB30656953837314C8D715A7
                                                                                                                                                                                              SHA-256:9D6F7B75918990EC9CD5820624130AF309A2045119209BD90B4F70BC3ABD3733
                                                                                                                                                                                              SHA-512:856D97B81A2CB53DCBA0136AFA0782E0F3F81BEA46F98E0247582B2E28870B837BE3C03E87562B918EC6BC76469EECC2C22599238D191D3FBA467F7031A2ACAA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:PK..........!..,..5...5......._collections_abc.pyco....................................@.......d.Z.d.d.l.m.Z.m.Z...d.d.l.Z.e.e.e.....Z.e.d...Z.d.d...Z.e.e...Z.[.g.d...Z.d.Z.e.e.d.....Z.e.e.e.......Z.e.e.i.........Z.e.e.i.........Z.e.e.i.........Z.e.e.g.....Z.e.e.e.g.......Z.e.e.e.d.......Z.e.e.e.d.d.>.......Z.e.e.e.......Z.e.e.d.....Z e.e.d.....Z!e.e.e"......Z#e.i.......Z$e.i.......Z%e.i.......Z&e.e.j'..Z(e.d.d.......Z)d.d...Z*e*..Z*e.e*..Z+e*.,....[*d.d...Z-e-..Z-e.e-..Z.[-d.d...Z/G.d.d...d.e.d...Z0G.d.d...d.e.d...Z1G.d.d...d.e1..Z2e2.3e+....G.d.d...d.e.d...Z4G.d.d ..d e4..Z5G.d!d"..d"e5..Z6e6.3e.....G.d#d$..d$e.d...Z7G.d%d&..d&e7..Z8e8.3e.....e8.3e.....e8.3e.....e8.3e.....e8.3e.....e8.3e.....e8.3e.....e8.3e.....e8.3e.....e8.3e.....e8.3e ....e8.3e!....e8.3e#....G.d'd(..d(e7..Z9G.d)d*..d*e8..Z:e:.3e)....G.d+d,..d,e.d...Z;G.d-d...d.e.d...Z<G.d/d0..d0e;e7e<..Z=G.d1d2..d2e...Z>d3d4..Z?d5d6..Z@d7d8..ZAG.d9d:..d:e.d...ZBG.d;d<..d<e=..ZCeC.3eD....G.d=d>..d>eC..ZEeE.3e.....G.d?d@..d@e=..ZFeF

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\bisect.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2568
                                                                                                                                                                                              Entropy (8bit):5.1890804101228385
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:gfhwHaPJ7Bn7V39r0OCl7VU30bEBn7B3OeuUnCRl7VC3/TZV:8h7Bx39AOC030QB93OeHCRi3VV
                                                                                                                                                                                              MD5:8283A0EA0D93E6D1BF69F545849E25DE
                                                                                                                                                                                              SHA1:85C990B55755104828841378539466EF3419563E
                                                                                                                                                                                              SHA-256:79504CF8F8E2A8F807BD292472C04FA3805CBEA43EC33E8A049711B972BFF313
                                                                                                                                                                                              SHA-512:E72D3A95FC3C2885AE8C9DD8D9E8ACE0C975A2110BCECFC60C12348D41DFB6B2B164C414FC3F7BFDAE0E981F4009EB49B9F6858AFAD524A4876BC41EDAC6D6A3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@....p...d.Z.d.d.d...d.d...Z.d.d.d...d.d...Z.d.d.d...d.d...Z.d.d.d...d.d...Z.z.d.d.l.T.W.n...e.y1......Y.n.w.e.Z.e.Z.d.S.)...Bisection algorithms......N....keyc....................C....>...|.d.u.r.t.|.|.|.|...}.n.t.|.|.|...|.|.|.d...}.|...|.|.....d.S.)...Insert item x in list a, and keep it sorted assuming a is sorted... If x is already in a, insert it to the right of the rightmost x... Optional args lo (default 0) and hi (default len(a)) bound the. slice of a to be searched.. Nr........bisect_right..insert....a..x..lo..hir......r......bisect.py..insort_right.................r....c....................C.......|.d.k.r.t.d.....|.d.u.r.t.|...}.|.d.u.r1|.|.k.r/|.|...d...}.|.|.|...k.r'|.}.n.|.d...}.|.|.k.s.|.S.|.|.k.rN|.|...d...}.|.|.|.|.....k.rF|.}.n.|.d...}.|.|.k.s5|.S.).....Return the index where to insert item x in list a, assuming a is sorted... The return value i is such that all e in a[:i] have e <= x, and all e in. a[i:] have e

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\brotli.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1493
                                                                                                                                                                                              Entropy (8bit):5.314098095660373
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:gHYNJ2IC+q0z3aPm3rgJsS6WY+VBONjiiVwGajNserHwk6f8qtVT2iGDk860Hm:gH+9Ch0pgP6WY++ixjNAk6EqtVTPGlG
                                                                                                                                                                                              MD5:645249CA25C7D51736BE8E827A558652
                                                                                                                                                                                              SHA1:BB8D4E12B125966715EB6C302D4B4A60F04BCE64
                                                                                                                                                                                              SHA-256:0F091CC03E165E408134F3A20CF77FA13C683BE503A55C2651040480C186D534
                                                                                                                                                                                              SHA-512:158B3E5DE25C0F87F4BD21163919C1A9553C7B58F301B5C8E1B40F54431C91E5185407EE85D6873EA196DFE1F1BE473520A7B9EEF2E135B69A6A82DB41ABF709
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@....V...d.Z.d.d.l.Z.e.j...Z.Z.e.j.Z.e.j.Z.e.j.Z.e.j.Z.e.j.Z.e.d.d.d.f.d.d...Z.e.j.Z.e.j.Z.d.S.)..CFunctions to compress and decompress data using the Brotli library......N..........c....................C...."...t.|.|.|.|.d...}.|...|...|.......S.)..a...Compress a byte string... Args:. string (bytes): The input data.. mode (int, optional): The compression mode can be MODE_GENERIC (default),. MODE_TEXT (for UTF-8 format text input) or MODE_FONT (for WOFF 2.0).. quality (int, optional): Controls the compression-speed vs compression-. density tradeoff. The higher the quality, the slower the compression.. Range is 0 to 11. Defaults to 11.. lgwin (int, optional): Base 2 logarithm of the sliding window size. Range. is 10 to 24. Defaults to 22.. lgblock (int, optional): Base 2 logarithm of the maximum input block size.. Range is 16 to 24. If set to 0, the value will be set based on the. q

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\bz2.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):10850
                                                                                                                                                                                              Entropy (8bit):5.284896366892046
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:eURZ9KATZ38E9/5v7iv25L9Dz+zJ74k17vVfuxwmTy+6GY8hABFFUATxtStyCcQA:BP6Eb22dRCzZlvVowmTVABpbS6t+2
                                                                                                                                                                                              MD5:6742F99C98780ADE923EBBF36EB9AB92
                                                                                                                                                                                              SHA1:0DC7CA9351C2DC6E2B42495D506BB7FF4CB381EA
                                                                                                                                                                                              SHA-256:14340CB02529EBF0D8EE34D0600CB9C8BB054D97D248565A6CD362A55FCA1C5D
                                                                                                                                                                                              SHA-512:4E9FBAE2F6B1CE56BAE910A9A5A55DDA586B5BD2F4A6ABBE61664B8BB5ACE5AFC73622E615496BB306664E6837F90380824294EA4504EA1770E0B7405AF887B6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@.......d.Z.g.d...Z.d.Z.d.d.l.m.Z...d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z.m.Z...d.Z.d.Z.d.Z.G.d.d...d.e.j...Z.....d.d.d...Z.d.d.d...Z.d.d...Z.d.S.)...Interface to the libbzip2 compression library...This module provides a file interface, classes for incremental.(de)compression, and functions for one-shot (de)compression......BZ2File..BZ2Compressor..BZ2Decompressor..open..compress..decompress.%Nadeem Vawda <nadeem.vawda@gmail.com>.......r....N..r....r..............c....................@.......e.Z.d.Z.d.Z.d*d.d...d.d...Z.d.d...Z.e.d.d.....Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d+d.d...Z.d,d.d...Z.d,d.d...Z.d.d...Z.d,d.d...Z.d,d.d ..Z.d!d"..Z.d#d$..Z.e.j.f.d%d&..Z.d'd(..Z.d)S.)-r.....@...A file object providing transparent bzip2 (de)compression... A BZ2File can act as a wrapper for an existing file object, or refer. directly to a named file on disk... Note that BZ2File provides a *binary* file interface - data read is. returned as bytes, and data t

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\calendar.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):26227
                                                                                                                                                                                              Entropy (8bit):5.273500257644362
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:r9ZsjX1NmHeR3PgF94uDxilyQOjjmzsSLA14xnoMEcHW8t9s/I5VZJsbKP7:rCNeKu4uDxilyBjmxOcoMEcH2XKP7
                                                                                                                                                                                              MD5:9F293014C1B9136415D112FF3B3FA5D3
                                                                                                                                                                                              SHA1:CB285F3575D9DA3A19A3275DFA3E71839345A2F4
                                                                                                                                                                                              SHA-256:4819BC122521D85FD73D2D877292D97A95050B0B44541F5195FF322AA61840DB
                                                                                                                                                                                              SHA-512:B940F710677D97A01BEE6A0FF074A3F67F09E3A22F989EC53B7721D74B6641A620EAC6005859897CCA356C02F4A7DAA586C6159F9654C2D4AC26A2A4E31C0CC9
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@........d.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z...g.d...Z.e.Z.G.d.d...d.e...Z.G.d.d...d.e...Z.d.Z.d.Z.g.d...Z.G.d.d...d...Z.G.d.d...d...Z.e.d...Z.e.d...Z.e.d...Z.e.d...Z.e.d...\.Z.Z.Z.Z.Z.Z.Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z d.d...Z!d.d ..Z"d!d"..Z#G.d#d$..d$e$..Z%G.d%d&..d&e%..Z&G.d'd(..d(e%..Z'G.d)d*..d*..Z(G.d+d,..d,e&..Z)G.d-d...d.e'..Z*e&..Z+e+j,Z-d/d0..Z.e+j/Z0e+j1Z1e+j2Z3e+j4Z5e+j6Z6e+j7Z8e+j9Z:e+j;Z<d1Z=d2Z>e=e>f.d3d4..Z?e=e>f.d5d6..Z@d7ZAe..BeAd.d....C..ZDd8d9..ZEd:d;..ZFeGd<k.r.eFe.jH....d.S.d.S.)=.$...Calendar printing functions..Note when comparing these calendars to the ones printed by cal(1): By.default, these calendars have Monday as the first day of the week, and.Sunday as the last (the European convention). Use setfirstweekday() to.set the first day of the week (0=Monday, 6=Sunday)......N....repeat....IllegalMonthError..IllegalWeekdayError..setfirstweekday..firstweekday..isleap..leapdays..weekday..monthrange..monthcalendar..prmonth..m

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\certifi\__init__.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):225
                                                                                                                                                                                              Entropy (8bit):4.590851707868208
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:gexsZvEG/XgcdLTC2Q/22Q//N6/lqNS4G:geeeGBPQJQ3N68NS7
                                                                                                                                                                                              MD5:256FF684929D966CB6C44D7E7D852F05
                                                                                                                                                                                              SHA1:D8F7E6238AE75E8E237A27E5522BCB6465EA2378
                                                                                                                                                                                              SHA-256:731E0D0464BC7CE534C36A6C36B673BE346414D87010A610D7462D525A57D72A
                                                                                                                                                                                              SHA-512:FB3091876FB8A3B51F673C3F71BEB51584BBBEE02D4683D6E7C4698FBFB227FB4069BAA4DB4E20B50FDE674787DE9B64BFFE55F84A6E2328301524876F93266A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@.... ...d.d.l.m.Z.m.Z...d.d.g.Z.d.Z.d.S.)..........contents..wherer....r......2024.08.30N....corer....r......__all__..__version__..r....r....z.certifi\__init__.py..<module>...............

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\certifi\cacert.pem

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):299427
                                                                                                                                                                                              Entropy (8bit):6.047872935262006
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6144:QW1x/M8fRR1jplkXURrVADwYCuCigT/QRSRqNb7d8iu5Nahx:QWb/TRJLWURrI5RWavdF08/
                                                                                                                                                                                              MD5:50EA156B773E8803F6C1FE712F746CBA
                                                                                                                                                                                              SHA1:2C68212E96605210EDDF740291862BDF59398AEF
                                                                                                                                                                                              SHA-256:94EDEB66E91774FCAE93A05650914E29096259A5C7E871A1F65D461AB5201B47
                                                                                                                                                                                              SHA-512:01ED2E7177A99E6CB3FBEF815321B6FA036AD14A3F93499F2CB5B0DAE5B713FD2E6955AA05F6BDA11D80E9E0275040005E5B7D616959B28EFC62ABB43A3238F0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.# Issuer: CN=GlobalSign Root CA O=GlobalSign nv-sa OU=Root CA.# Subject: CN=GlobalSign Root CA O=GlobalSign nv-sa OU=Root CA.# Label: "GlobalSign Root CA".# Serial: 4835703278459707669005204.# MD5 Fingerprint: 3e:45:52:15:09:51:92:e1:b7:5d:37:9f:b1:87:29:8a.# SHA1 Fingerprint: b1:bc:96:8b:d4:f4:9d:62:2a:a8:9a:81:f2:15:01:52:a4:1d:82:9c.# SHA256 Fingerprint: eb:d4:10:40:e4:bb:3e:c7:42:c9:e3:81:d3:1e:f2:a4:1a:48:b6:68:5c:96:e7:ce:f3:c1:df:6c:d4:33:1c:99.-----BEGIN CERTIFICATE-----.MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG.A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv.b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw.MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i.YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT.aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ.jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp.xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\certifi\core.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2100
                                                                                                                                                                                              Entropy (8bit):4.875601670596195
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:gq5BUoxmgDZLaSLlEZxF81g69ehWFCtCewnGJ:dfUC/cZx6aIeGPGJ
                                                                                                                                                                                              MD5:574D9B80C511D453E76F7A1500C00989
                                                                                                                                                                                              SHA1:BD211E262A0AB19453D7E2A58DEF1D6C021CEE36
                                                                                                                                                                                              SHA-256:D3CE6589F2DC0626B706B196A53F205B56056CEE55463D6FF1DABC7E300185F1
                                                                                                                                                                                              SHA-512:3F6FB0ADC3A7920B4CE1F9B094DADE0CAB529B2DC8BD0BC58715FD5C49D3AB145C1AFF341917D76FA7130D3FDEDF8ED33F307F1CE823CE7F22DDB87466C42A20
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@........d.Z.d.d.l.Z.d.d.l.Z.d.d.d...Z.e.j.d.k.r0d.d.l.m.Z.m.Z...d.a.d.a.d.e.f.d.d...Z.d.e.f.d.d...Z.d.S.e.j.d.k.rQd.d.l.m.Z.m.Z...d.a.d.a.d.e.f.d.d...Z.d.e.f.d.d...Z.d.S.d.d.l.Z.d.d.l.Z.d.d.l.m.Z...e.e.j.e.f...Z.e.e.d.f...Z.....d.d.e.d.e.d.e.d.e.d.e.f.d.d...Z.d.e.f.d.d...Z.d.e.f.d.d...Z.d.S.)..e.certifi.py.~~~~~~~~~~..This module returns the installation location of cacert.pem or its contents.......N..returnc....................C........t...d.d.d.....d.S.).N...._CACERT_CTX..__exit__..r....r......certifi\core.py..exit_cacert_ctx...........r....................as_file..filesc....................C....4...t.d.u.r.t.t.d.....d.....a.t.t.......a.t...t.....t.S.).N..certifi..cacert.pem...._CACERT_PATHr....r......joinpathr......str..__enter__..atexit..registerr....r....r....r....r......where...................r....c....................C........t.d.....d...j.d.d...S.).Nr....r......ascii....encoding..r....r......read_textr....r....r....r......contents.........

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\charset_normalizer\__init__.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1521
                                                                                                                                                                                              Entropy (8bit):5.675472519363452
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:gAV4U0b8ybWPxg+QQMzy/ClB3N/PLo3bIB3Nvh4VMhGlXwu+H2C/ZC/BgYfUy:go4jbqjQtyat/c2vhCMhju/C/o/6YfUy
                                                                                                                                                                                              MD5:9B3F6D9382897CA9275CBD21112111DC
                                                                                                                                                                                              SHA1:E87E6C8311BCFE63198A5A60A1EE4B499569D6DA
                                                                                                                                                                                              SHA-256:BE018CCD65BD8B3D4F2561A42A5D780E3B9D3D5DD5917AD95911D5892B37B5AE
                                                                                                                                                                                              SHA-512:E988B9B99E52721DA1B46E0DD9232B0BA79EE2DF249E26755D50800286F1C3D03CB4EEF4AD519352DBFC29C47AD15C7F74832B598ED55FD54DCF485463A976CB
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@....x...d.Z.d.d.l.Z.d.d.l.m.Z.m.Z.m.Z.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z...d.Z.e...d.....e.........d.S.).......Charset-Normalizer.~~~~~~~~~~~~~~.The Real First Universal Charset Detector..A library that helps you read text from an unknown charset encoding..Motivated by chardet, This package is trying to resolve the issue by taking a new approach..All IANA character set names for which the Python core library provides codecs are supported...Basic usage:. >>> from charset_normalizer import from_bytes. >>> results = from_bytes('B.... ..... ... ..... .. ............ O............!'.encode('utf_8')). >>> best_guess = results.best(). >>> str(best_guess). 'B.... ..... ... ..... .. ............ O............!'..Others methods and usages are available - see the full documentation.at <https://github.com/Ousret/charset_normalizer>..:copyright

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\charset_normalizer\api.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):11648
                                                                                                                                                                                              Entropy (8bit):5.852461555091965
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:XWeJLv8V6fy4TM8eIGOD5vUD3MHz9ZZER6gJzasTZyZPF8oxA0zIfAgHSKNJCA:XWeJLvc0TM8N630ZZaFzas9WBxA0sfA4
                                                                                                                                                                                              MD5:90DEE46904EBA1AFDB40A6F0E221FA21
                                                                                                                                                                                              SHA1:C8D1A153D01D2610792D6D0E01A4A764C01570F3
                                                                                                                                                                                              SHA-256:21B89DA7C1BD1AE06E6533D82AF62FC9B36FAD81D325FEE4A9049348302874FB
                                                                                                                                                                                              SHA-512:243F484B60655957DFD20F5B9DFE14AEE6042BD36CE72078E49A98B81E8A49CE94190A797CC70292D3E8AA6CEDC5CD98ECE94D146B62C0BAF43F55569C0CE818
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@....L...d.d.l.Z.d.d.l.m.Z...d.d.l.m.Z.m.Z.m.Z.m.Z.m.Z...d.d.l.m.Z.m.Z.m.Z.m.Z...d.d.l.m.Z.m.Z.m.Z.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z...d.d.l.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z...e.. d...Z!e.."..Z#e#.$e..%d.........................d(d.e.e&e'f...d.e(d.e(d.e)d.e.e.e*....d.e.e.e*....d.e+d.e+d.e)d.e+d.e.f.d.d...Z,..................d(d.e.d.e(d.e(d.e)d.e.e.e*....d.e.e.e*....d.e+d.e+d.e)d.e+d.e.f.d d!..Z-..................d(d"e.e*e&e.f...d.e(d.e(d.e)d.e.e.e*....d.e.e.e*....d.e+d.e+d.e)d.e+d.e.f.d#d$..Z...................d)d%e.e.e*e.e&f...d.e(d.e(d.e)d.e.e.e*....d.e.e.e*....d.e+d.e+d.e)d.e+d.e+f.d&d'..Z/d.S.)*.....N....PathLike....BinaryIO..List..Optional..Set..Union.........coherence_ratio..encoding_languages..mb_encoding_languages..merge_coherence_ratios....IANA_SUPPORTED..TOO_BIG_SEQUENCE..TOO_SMALL_SEQUENCE..TRACE....mess_ratio....CharsetMatch..CharsetMatches....any_specified_encoding..cut_sequence_chunks..iana_name..identify_sig_or_bom..is_cp_similar..is_multi_b

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\charset_normalizer\cd.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):9597
                                                                                                                                                                                              Entropy (8bit):5.544858614968908
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:ozqRXboHRH+tBqz+mspqUuOKMpPc7Gsvo+JORJtTatBAg/mZ6TpC:oe9S+nmySOKGPc7Gsvo+JORJQ7AgOAtC
                                                                                                                                                                                              MD5:18F7604974BD2F1105CDE21524357515
                                                                                                                                                                                              SHA1:B33BF30E83B5D2D931821B981A5A01742935D9F4
                                                                                                                                                                                              SHA-256:95C64CE9DE92FD32555C8E23180FAF6357CA889827924DCF9BC2F7469D311A06
                                                                                                                                                                                              SHA-512:FE9EA0D4A6E5D62E222AA25C033354B3C263CCCD19625A370A5CB45A8D12C1F376859B07F8ED8AEE13EB926FE22ABEE41D6496F4FCCD96D6D19FB830C641040E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@........d.d.l.Z.d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z.m.Z.m.Z.m.Z...d.d.l.m.Z.m.Z.m.Z.m.Z.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z.m.Z.m.Z.m.Z...d.e.d.e.e...f.d.d...Z.d.e.d.e.e...f.d.d...Z.e...d.e.d.e.e...f.d.d.....Z e...d.e.d.e.e...f.d.d.....Z!e.e.d...d.e.d.e.e"e"f...f.d.d.....Z#..d0d.e.e...d.e"d.e.e...f.d.d...Z$d.e.d.e.e...d.e%f.d d!..Z&d"e.d.e.e...f.d#d$..Z'd%e.e...d.e.f.d&d'..Z(d%e.d.e.f.d(d)..Z)e.d*d.....d1d"e.d,e%d-e.e...d.e.f.d.d/....Z*d.S.)2.....N....IncrementalDecoder....Counter....lru_cache..r......Dict..List..Optional..Tuple.........FREQUENCIES..KO_NAMES..LANGUAGE_SUPPORTED_COUNT..TOO_SMALL_SEQUENCE..ZH_NAMES... is_suspiciously_successive_range....CoherenceMatches....is_accentuated..is_latin..is_multi_byte_encoding..is_unicode_range_secondary..unicode_range..iana_name..returnc............................t.|...r.t.d.....t...d...|.....j.}.|.d.d...}.i...d...t.d.d...D.]/}.|...t.|.g.....}.|.rNt.|...}.|.d.u.r4q.t.|...d.u.rN|...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\charset_normalizer\constant.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):30393
                                                                                                                                                                                              Entropy (8bit):5.9803133241204
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:XvZKN0taqbKcwWiSqCDEOuV6OWNwFP1SoLsyXAp2dcrr+LlR//fkqapWYnXZGrou:XvZ6EKcRiSH4ORRO/RLv0draZZ9cxok4
                                                                                                                                                                                              MD5:7FAD4D654E3F7A55F78CEA4571802AC7
                                                                                                                                                                                              SHA1:5EF32ACD6E512F8398F9194DED50A776FE181EF7
                                                                                                                                                                                              SHA-256:31A1BD5ED4A42DC09F78A7F051321CB29FEB8D2B5D80FED5298CEBCEA54E0056
                                                                                                                                                                                              SHA-512:472FF663429942EB425D0394215659470F344FBE2C6340246255EDC4178811C54103413D208A6075E9EC24CA7F864B73D793CBB0D1DC7BCAD27B1F0A0006BEDF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@....~...U.d.d.l.m.Z.m.Z.m.Z.m.Z.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z...d.d.l.m.Z.m.Z.m.Z.m.Z...e.g.d...d.e.e.g.e.e.g.d...Z.e.e.e.e.e.e...f...f...e.d.<.d.Z.e.e.d.<.e.d...Z.e.e.d.<.d.Z.e.e.d.<.i.d.e.d.....d.e.d.d.....d.e.d.d.....d.e.d.d.....d.e.d.d.....d.e.d.d.....d.e.d.d.....d.e.d.d.....d.e.d.d.....d e.d.d!....d"e.d!d#....d$e.d#d%....d&e.d%d'....d(e.d'd)....d*e.d)d+....d,e.d+d-....d.e.d-d/....i.d0e.d/d1....d2e.d1d3....d4e.d3d5....d6e.d5d7....d8e.d7d9....d:e.d9d;....d<e.d;d=....d>e.d=d?....d@e.d?dA....dBe.dAdC....dDe.dCdE....dFe.dEdG....dHe.dGdI....dJe.dIdK....dLe.dKdM....dNe.dMdO....dPe.dOdQ......i.dRe.dQdS....dTe.dSdU....dVe.dUdW....dXe.dWdY....dZe.dYd[....d\e.d[d]....d^e.d]d_....d`e.d_da....dbe.dadc....dde.dcde....dfe.dedg....dhe.dgdi....dje.didk....dle.dkdm....dne.dmdo....dpe.dodq....dre.dqds......i.dte.dsdu....dve.dudw....dxe.dwdy....dze.dyd{....d|e.d{d}....d~e.d}d.....d.e.d.d.....d.e.d.d.....d.e.d.d.....d.e.d.d.....d.e.d.d.....d.e.d.d.....d.e.d.d...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\charset_normalizer\legacy.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2126
                                                                                                                                                                                              Entropy (8bit):5.4711551179822
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:ggSnE81Pny81wYbebSh3Ue75yubxKp4/hXqI+:fG1Py8eYbebSyo5ycFxqD
                                                                                                                                                                                              MD5:907E8CC1A5B538D59068A9EC12890B61
                                                                                                                                                                                              SHA1:DC1EF73299589C136B6BEDC739424E331DA56F32
                                                                                                                                                                                              SHA-256:30B739980333F3980546AB66AB046C094D48E9DCEDFECA2EF3DA6D3E76EFB041
                                                                                                                                                                                              SHA-512:09A674FF746B61CEE8E91CB7DFA40418B57B9FA91653B37D27E43EB4EF39F8E7608D2F8FE566C4D35A8AF3C7340D9B05B1813377E9D481FBAA826E8360BF2BEC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@....v...d.d.l.m.Z...d.d.l.m.Z.m.Z.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...e.r2d.d.l.m.Z...G.d.d...d.e...Z...d.d.d.d...Z.d.S.)..........annotations....TYPE_CHECKING..Any..Optional....warn.........from_bytes....CHARDET_CORRESPONDENCE....TypedDictc....................@....&...e.Z.d.Z.U.d.e.d.<.d.e.d.<.d.e.d.<.d.S.)...ResultDict..Optional[str]..encoding..str..language..Optional[float]..confidenceN....__name__..__module__..__qualname__..__annotations__..r....r......charset_normalizer\legacy.pyr.....................r....F..byte_str..bytes..should_rename_legacy..bool..kwargsr......returnc....................K........t.|...r.t.d.d...t.|...........d.......t.|.t.t.f...s#t.d...t.|.........t.|.t...r,t.|...}.t.|.......}.|.d.u.r9|.j.n.d.}.|.d.u.rG|.j.d.k.rG|.j.n.d.}.|.d.u.rRd.|.j...n.d.}.|.d.u.rc|.d.k.rc|.j.rc|.d.7.}.|.d.u.ro|.t.v.rot.|...}.|.|.|.d...S.)..J.... chardet legacy method. Detect the encoding of the given byte string. It should be mostly backw

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\charset_normalizer\md.cp310-win_amd64.pyd

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):10752
                                                                                                                                                                                              Entropy (8bit):4.82516630102953
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:700fK74ACb0xx2uKynu10YLsgxwJiUNiL0U5IZsJFPGDtCFOCQAASmHcX6g8H4ao:QFCk2z1/t12iwU5usJFqCyVcqgg
                                                                                                                                                                                              MD5:F4F7F634791F26FC62973350D5F89D9A
                                                                                                                                                                                              SHA1:6BE643BD21C74ED055B5A1B939B1F64B055D4673
                                                                                                                                                                                              SHA-256:45A043C4B7C6556F2ACFC827F2FF379365088C3479E8EE80C7F0A2CEB858DCC6
                                                                                                                                                                                              SHA-512:4325807865A76427D05039A2922F853287D420BCEBDA81F63A95BF58502E7DA0489060C4B6F6FFD65AA294E1E1C1F64560ADD5F024355922103C88B2CF1FD79B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$....................X...................................^............................4...........Rich....................PE..d...c#.g.........." ...).....................................................p............`..........................................'..p...`(..d....P.......@...............`..,...`#.............................. "..@............ ...............................text............................... ..`.rdata....... ......................@..@.data........0......."..............@....pdata.......@.......$..............@..@.rsrc........P.......&..............@..@.reloc..,....`.......(..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\charset_normalizer\md__mypyc.cp310-win_amd64.pyd

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):122368
                                                                                                                                                                                              Entropy (8bit):5.903697891709302
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:5ewkbk74PoxchHGTm/SCtg5MbfFPjPNoSLn2dkp2A/2pQKP:5endPox6HGTOLtg6bfFhDLkkCpQK
                                                                                                                                                                                              MD5:47EE4516407B6DE6593A4996C3AE35E0
                                                                                                                                                                                              SHA1:293224606B31E45B10FB67E997420844AE3FE904
                                                                                                                                                                                              SHA-256:F646C3B72B5E7C085A66B4844B5AD7A9A4511D61B2D74153479B32C7AE0B1A4C
                                                                                                                                                                                              SHA-512:EFA245C6DB2AEE2D9DB7F99E33339420E54F371A17AF0CF7694DAF51D45AEBFBAC91FC52DDB7C53E9FC73B43C67D8D0A2CAA15104318E392C8987A0DAD647B81
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Antivirus:
                                                                                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........VyR.7...7...7...O...7.......7...O...7.......7.......7.......7..JB...7...7..b7......7......7......7......7..Rich.7..........PE..d...b#.g.........." ...).6...........7.......................................0............`......................................... ...d.................................... ......@...................................@............P...............................text...(4.......6.................. ..`.rdata...Y...P...Z...:..............@..@.data....=.......0..................@....pdata..............................@..@.rsrc...............................@..@.reloc....... ......................@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\charset_normalizer\models.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):11963
                                                                                                                                                                                              Entropy (8bit):5.232135678893072
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:Rj8lTF3s0UVo82H7ADp8AvOv4ARWouIfxrftLdwHYHC7XiyRh+O2uZ5DrpVx2K9/:RiTF80UVo82H7ADOAvO4ARWouIfxjtL8
                                                                                                                                                                                              MD5:E81FA915ED4D6CAA728EC1C3052759AD
                                                                                                                                                                                              SHA1:21D3F620F2C13B0D00B02E4CAE5E1A3926AC05F8
                                                                                                                                                                                              SHA-256:9DCA7D56E8DCF92CC7E563B30C437FF162C352CE9B5D58B7EA8591A317340596
                                                                                                                                                                                              SHA-512:F01B337E1E4434F63B97885823F650546C4A3298C760AF03D0373704A28C9CF3B8AD62BF6A3EA48D2598805FF62D0832374CC7F5B85CCD4AC3AF5E8D133E27A9
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@.......d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z...d.d.l.m.Z.m.Z...d.d.l.m.Z.m.Z.m.Z...G.d.d...d...Z.G.d.d...d...Z.e.e.e.f...Z.e.e...Z.G.d.d...d...Z.d.S.)..........aliases....sha256....dumps....sub....Any..Dict..Iterator..List..Optional..Tuple..Union.........RE_POSSIBLE_ENCODING_INDICATION..TOO_BIG_SEQUENCE....iana_name..is_multi_byte_encoding..unicode_rangec....................@........e.Z.d.Z.....d>d.e.d.e.d.e.d.e.d.d.d.e.e...d.e.e...f.d.d...Z.d.e.d.e.f.d.d...Z.d.e.d.e.f.d.d...Z.e.d.e.f.d.d.....Z.d.e.f.d.d...Z.d.e.f.d.d...Z.d?d.d...Z.e.d.e.f.d.d.....Z.e.d.e.e...f.d.d.....Z.e.d.e.f.d.d.....Z.e.d.e.f.d d!....Z.e.d.e.e...f.d"d#....Z.e.d.e.f.d$d%....Z.e.d.e.f.d&d'....Z.e.d.e.f.d(d)....Z.e.d.e.f.d*d+....Z.e.d.e.f.d,d-....Z.e.d.e.f.d.d/....Z.e.d.e.d...f.d0d1....Z.e.d.e.f.d2d3....Z.e.d.e.e...f.d4d5....Z.e.d.e.e...f.d6d7....Z d@d9e.d.e.f.d:d;..Z!e.d.e.f.d<d=....Z"d.S.)A..CharsetMatchN..payload..guessed_encoding..m

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\charset_normalizer\utils.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):8855
                                                                                                                                                                                              Entropy (8bit):5.4921226311548965
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:ynaWBnyfyXwAmTpiNO6wK6jxQzpbzOoALuw80i2AZo/6sfzBx7N/ZbKi9LbqO:5LA6jwSuwtiFZstzSALb5
                                                                                                                                                                                              MD5:8414851E26FC4043190C78A55D8D1ECE
                                                                                                                                                                                              SHA1:D9B8CA98B8DB0207E7CB63E178E83139A85252C3
                                                                                                                                                                                              SHA-256:3DAA72B18ABAF8794C93705699C77C660A7EC4DBD71219A9B9E9272BD70728D3
                                                                                                                                                                                              SHA-512:A8C52F54AA8D9D7708F484603AB0134E40876B4AAB3CA3097FA38AC60FF57A43C08142AAFDC4C2C0ED9A5970F923948B2355882D1C2530E6D7519C48E9233516
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@........d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z...e.e.d...d.e.d.e.f.d.d.....Z.e.e.d...d.e.d.e.f.d.d.....Z.e.e.d...d.e.d.e.e...f.d.d.....Z.e.e.d...d.e.d.e.f.d.d.....Z e.e.d...d.e.d.e.f.d.d.....Z!e.e.d...d.e.d.e.f.d.d.....Z"e.e.d...d.e.d.e.f.d.d.....Z#e.e.d...d.e.d.e.f.d.d.....Z$e.e.d...d.e.d.e.f.d.d.....Z%e.e.d...d.e.d.e.f.d.d ....Z&e.e.d...d.e.d.e.f.d!d"....Z'e.e.d...d.e.d.e.f.d#d$....Z(e.e.d...d.e.d.e.f.d%d&....Z)e.e.d...d.e.d.e.f.d'd(....Z*e.e.d...d.e.d.e.f.d)d*....Z+e.e.d...d.e.d.e.f.d+d,....Z,e.e-e...d...d-e.d.e.f.d.d/....Z.e.e.d...d.e.d.e.f.d0d1....Z/d_d3e0d4e1d.e.e...f.d5d6..Z2e.d7d...d8e.d.e.f.d9d:....Z3d3e0d.e.e.e...e0f...f.d;d<..Z4d=e.d.e.f.d>d?..Z5d`dAe.dBe.d.e.f.dCdD..Z6dEe.d.e.e...f.dFdG..Z7dHe.dIe.d.e8f.dJdK..Z9dHe.dIe.d.e.f.dLdM..Z:dNe.j;dOf.d8e.dPe1dQe.d.d.f.dRdS..Z<..dadTe0dUe.dVe=dWe1dXe.dYe.dZe0d[e.d\e.e...d.e.e.d.d.f...f.d]d^

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\charset_normalizer\version.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):207
                                                                                                                                                                                              Entropy (8bit):4.895217425847445
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:ztWl/zlr/bkszHuBmh2V5XL6rLynKCLcTkWwlflLNEG06GVyWD8ITkTi:g/zGszf2rb6rLrbie6G3D8Isi
                                                                                                                                                                                              MD5:DDA1F43C9841229EFF43B34D814D9E3C
                                                                                                                                                                                              SHA1:6CAAD919A585667FF520F9121CCC51E58B6A4054
                                                                                                                                                                                              SHA-256:79C8C31DF336025A317E803EB4648666E7A03FBADBA0660FD27D915F28684F90
                                                                                                                                                                                              SHA-512:C840E62F790E12F357D3A24A8189F4291CD090D30871627D19ABA60B694F0EA6EA7AF6C1D74AD51695EFB6223656CA7B56919D91E45B24B275D9F6C74C657854
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@........d.Z.d.Z.e...d...Z.d.S.)....Expose version...3.4.0...N....__doc__..__version__..split..VERSION..r....r....z.charset_normalizer\version.py..<module>...............

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\contextlib.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):20822
                                                                                                                                                                                              Entropy (8bit):5.108191398869505
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:/rdg3xgjpX8UbC62VT92iLqN7VENxUCqgIN8KHaJ:jdg3QX8kcT9Hq8N/RKHQ
                                                                                                                                                                                              MD5:F10F76E4AA08F7107C353ED5D7256054
                                                                                                                                                                                              SHA1:569826BDB242287F086A517D645FAA24117D7B9B
                                                                                                                                                                                              SHA-256:DE98FE3546614B65772548D67038F4F799000CBAD2367672530F3AC165B1AE50
                                                                                                                                                                                              SHA-512:7CA962BF60AC1B22E2014AE90D17BB3BA921A012372CC89DB5760D13F631BCCB17E4D1BA422F723FE6F4F71A45A26A5B0337D60D8888896B29EC20B33F5EB79C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@....~...d.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z...g.d...Z.G.d.d...d.e.j...Z.G.d.d...d.e.j...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d...Z.G.d.d...d.e.e.e...Z.G.d.d...d.e.e.e...Z.d.d...Z.d.d...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d ..d e...Z.G.d!d"..d"e...Z.G.d#d$..d$e...Z.G.d%d&..d&..Z.G.d'd(..d(e.e...Z.G.d)d*..d*e.e...Z.G.d+d,..d,e.e...Z d.S.)-.4Utilities for with-statement contexts. See PEP 343......N....deque....wraps....MethodType..GenericAlias....asynccontextmanager..contextmanager..closing..nullcontext..AbstractContextManager..AbstractAsyncContextManager..AsyncExitStack..ContextDecorator..ExitStack..redirect_stdout..redirect_stderr..suppress..aclosingc....................@....:...e.Z.d.Z.d.Z.e.e...Z.d.d...Z.e.j.d.d.....Z.e.d.d.....Z.d.S.).r.....,An abstract base class for context managers.c....................C........|.S.)..0Return `self` upon entering the runtime context.......selfr....r......co

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\contextvars.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):226
                                                                                                                                                                                              Entropy (8bit):4.520999270328814
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:gexsZv2e2equ9ypTSEATIF/El3ZlqzcIVtZId:geeA2lypvnFsRWjVcd
                                                                                                                                                                                              MD5:62609BAA0490C03BF48884DACA865090
                                                                                                                                                                                              SHA1:48A28B6F4643BFDF1323FF397C6E917EDFD8D579
                                                                                                                                                                                              SHA-256:88DD9F4C211CFC25E964E2A11CD53DAFE4AF0115AD7EFD78E78951CC963BFB0C
                                                                                                                                                                                              SHA-512:FBF70ED76DA60FB7DA43B17523A89EEECA8655503B98AD0DF685C7EDF65874F400026D565CB3F6383EE1A142A7A33B4EBD98B88DD3E52A9148C9B12EC9F98CD4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@.... ...d.d.l.m.Z.m.Z.m.Z.m.Z...d.Z.d.S.)..........Context..ContextVar..Token..copy_contextN...._contextvarsr....r....r....r......__all__..r....r....z.contextvars.py..<module>.............

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\copy.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6963
                                                                                                                                                                                              Entropy (8bit):5.438461030836543
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:2xPakDZxS5GiVc3isTm2jbbOUyrmuh7Md+dqMMQkNRDq:Ua0/S5G4cRKQbrh4dkc
                                                                                                                                                                                              MD5:F1C09EE419D22059F218336B72CFD767
                                                                                                                                                                                              SHA1:02A143BA5195B10AC28AA47F7018C6684235E07A
                                                                                                                                                                                              SHA-256:0ED2C70FEA770F0DB3881B34D9AC6E4CCCCBC2D5245D0ECD37329E7477FDEA74
                                                                                                                                                                                              SHA-512:39DFF4101EFF9255E799C435C5C77C9F65A237AE60D2A5752F40C9A5D011002A830C76939C6B0F3BA93C8E7246DC7CD6D5F8723AB52D43B5479D870EE6509930
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@....V...d.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z...G.d.d...d.e...Z.e.Z.z.d.d.l.m.Z...W.n...e.y-......d.Z.Y.n.w.g.d...Z.d.d...Z.i...Z.Z.d.d...Z.e.d...e.e.e.e.e.e.e.e.e.e.e.e.e.j.e.e...e.e...e.j.e.j f.D.].Z!e.e.e!<.q[e"e.d.d...Z!e!d.u.rpe.e.e!<.e#j.e.e#<.e$j.e.e$<.e%j.e.e%<.e&j.e.e&<.e.d.u.r.e.j.e.e.<.[.[!d.g.f.d.d...Z'i...Z(Z.d.d...Z)e)e.e.d...<.e)e.e.e...<.e)e.e.e...<.e)e.e.<.e)e.e.<.e)e.e.<.e)e.e.<.e)e.e.<.e)e.e.<.e)e.e.j*<.e)e.e.<.e)e.e.<.e)e.e.j.<.e)e.e.j.<.e)e.e.j <.e)e.e.<.e'f.d.d...Z+e+e.e#<.e'f.d.d...Z,e,e.e.<.e'f.d.d...Z-e-e.e$<.e.d.u...r.e-e.e.<.d.d...Z.e.e.e.j/<.[.d.d...Z0..d.e'd...d.d...Z1[.[.[.d.S.)......Generic (shallow and deep) copying operations...Interface summary:.. import copy.. x = copy.copy(y) # make a shallow copy of y. x = copy.deepcopy(y) # make a deep copy of y..For module specific errors, copy.Error is raised...The difference between shallow and deep copying is only relevant for.compound objects (object

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\csv.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):11756
                                                                                                                                                                                              Entropy (8bit):5.473410103904829
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:VJq1+BvzXv6AomtdBs4DqwZQyrzKbydGA3LYPqO0GX8GWFoKzckOMsotMdD2C9q:VJqqzXv6AHq4GyWWQA0tghzJfCd9q
                                                                                                                                                                                              MD5:01EBD51112A10F9399D1F081F9A0852C
                                                                                                                                                                                              SHA1:3ECF4580C6959EB8BEDC2CF74F744426078F11B4
                                                                                                                                                                                              SHA-256:7D2102B6268B7A04E8BEFD19351BB7F2BEA97E38918881327AB0B3647826E927
                                                                                                                                                                                              SHA-512:C8E1C3A402CD3090CD8AFE34D0C2430CD483D997CBFF7712B69174DD1D446D39891C1F56590BFF495D91D20FC1600108EF4B518708ADF46D642F9F3D12392728
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@........d.Z.d.d.l.Z.d.d.l.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z.m.Z...d.d.l.m.Z...d.d.l.m.Z...g.d...Z.G.d.d...d...Z.G.d.d...d.e...Z.e.d.e.....G.d.d...d.e...Z.e.d.e.....G.d.d...d.e...Z.e.d.e.....G.d.d...d...Z.G.d.d...d...Z.z.e...W.n...e.y.......e.Z.Y.n.w.G.d.d...d...Z.d.S.)..+.csv.py - read/write/investigate CSV files......N....Error..__version__..writer..reader..register_dialect..unregister_dialect..get_dialect..list_dialects..field_size_limit..QUOTE_MINIMAL..QUOTE_ALL..QUOTE_NONNUMERIC..QUOTE_NONE..__doc__....Dialect....StringIO..r....r....r....r....r....r....r......excel..excel_tabr....r....r....r....r....r......Snifferr....r......DictReader..DictWriter..unix_dialectc....................@....D...e.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.d...Z.d.d...Z.d.S.).r......Describe a CSV dialect... This must be subclassed (see csv.excel). Valid attributes are:. delimiter, quotechar, escapechar, doublequote, skipinitialspace,.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\dataclasses.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):26480
                                                                                                                                                                                              Entropy (8bit):5.409121759857592
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:PmB3+fSRd6t4QqKFS9jsZTHzSyw5RDHh0unW3kff5g:PmB3+SRd3QqKUVsZ/Syw5RDHh2kff5g
                                                                                                                                                                                              MD5:9E1FD5EFA92A1639341BA5D928E54408
                                                                                                                                                                                              SHA1:3E22917854B49BD1EA3D5EC8D44B03FA783660C0
                                                                                                                                                                                              SHA-256:5354E09FE3C8377D118D83065E81C1EE8A5BB1D02BA0EFD5A2E17EF01B28C691
                                                                                                                                                                                              SHA-512:BB13E51F9BA2BF2C460B6E22BC8A7ED2AE8EB41F4ED27631094307444254F70FDEE25CD199C32296CDC2C329EEFAD76CEFFD33FBED6329B6211C43218929525B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@........d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z.m.Z...g.d...Z.G.d.d...d.e...Z.G.d.d...d...Z.e...Z.G.d.d...d...Z.e...Z.G.d.d...d...Z.e...Z.e...i...Z.G.d.d...d...Z.e.d...Z.e.d...Z.e.d...Z.d.Z.d.Z.d.Z.e...d...Z.d.d...Z G.d.d...d...Z!G.d.d...d...Z"G.d.d...d...Z#e.e.d.d.d.d.d.e.d...d.d ..Z$d!d"..Z%d#d$..Z&d.d.e.d%..d&d'..Z'd(d)..Z(d*d+..Z)d,d-..Z*d.d/..Z+d0d1..Z,d2d3..Z-d4d5..Z.d6d7..Z/d8d9..Z0d:d;..Z1d<d=..Z2d>d?..Z3d@dA..Z4dBdC..Z5dDdE..Z6dFdG..Z7dHdI..Z8dJdK..Z9i.dLd...dMd...dNd...dOd...dPe7..dQd...dRe8..dSd...dTe8..dUe9..dVe8..dWe9..dXe8..dYe9..dZe8..d[e9..Z:d\d]..Z;d^d_..Z<d`da..Z=dbdc..Z>d~d.d.d.ddddddd.ddddde..dfdg..Z?dhdi..Z@djdk..ZAdldm..ZBeCdn..dodp..ZDdqdr..ZEeFds..dtdu..ZGdvdw..ZHdxd.d.d.d.ddddddd.dddddy..dzd{..ZId|d}..ZJd.S.)......N....FunctionType..GenericAlias....dataclass..field..Field..FrozenInstanceError..InitVar..KW_ONLY..MISSING..fields..asdict..astuple..make_dataclass..replace..is_da

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\datetime.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):56605
                                                                                                                                                                                              Entropy (8bit):5.305031144785569
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:0oPVWeEp4kIe83VF3GLq8L1fhDhnR7stF:0WsHoNCq8ZN7sH
                                                                                                                                                                                              MD5:85EDB9E15DE2E1CC72E91BB340763078
                                                                                                                                                                                              SHA1:371BAA6199D5EF80D7580164259AD5925CC52A18
                                                                                                                                                                                              SHA-256:2B395208738C74CB0CF4D4E8EB46C2CAC115BF28F1528466120C6E9763861B30
                                                                                                                                                                                              SHA-512:6FCE0984D907465BD35A5597A7CEF0F50D135F1ADCFA258D443AE0B12E093B1C45CD0B3C326E072C0CB110C3B4AD9914EF0E3E2F047E45C175F2A6316845FC4F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@....r...d.Z.d.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z...d.d...Z.d.Z.d.Z.d.Z.g.d...Z.d.g.Z.d.Z.e.d.d.....D.].Z.e...e.....e.e.7.Z.q/[.[.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.e.d...Z.e.d...Z.e.d...Z.e.d.k.scJ...e.d.e...d...k.smJ...e.d.e...d...k.swJ...d.d...Z.g.d...Z.g.d...Z.d d!..Z.d\d#d$..Z.d%d&..Z d'd(..Z!d)d*..Z"d+d,..Z#d-d...Z$d/d0..Z%d1d2..Z&d3d4..Z'd5d6..Z(d7d8..Z)d9d:..Z*d;d<..Z+G.d=d>..d>..Z,e,d?..e,_-e,d@dAdBdBdCdD..e,_.e,d.dE..e,_/G.dFdG..dG..Z0e0Z1e0d.d.d...e0_-e0d.dHdI..e0_.e,d.dJ..e0_/G.dKdL..dL..Z2G.dMdN..dNe3..Z4e4Z5[4e2Z6G.dOdP..dP..Z.e.Z7e.d.d.d...e._-e.dAdBdBdC..e._.e,d.dE..e._/G.dQdR..dRe0..Z8e8d.d.d...e8_-e8d.dHdIdAdBdBdC..e8_.e,d.dE..e8_/dSdT..Z9G.dUdV..dVe2..Z:e:.;e,d.....e:_<e:.;e,dAdBdW......e:_-e:.;e,dAdBdW....e:_.e8dXd.d.e:j<dY..Z=z.d.dZl>T.W.n...e?..y.......Y.d.S.w.[.[.[.[.[.[.[=[.[.[.['[([)[%[&[.[*[1[.[.[.[.[ [.[.[9[.[.[.[7[6[![.[+["[$[#[5d.d[l>m.Z...d.S.)]..Concrete date/time and related types...See http://www.iana.org/time-

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\decimal.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):342
                                                                                                                                                                                              Entropy (8bit):4.557545897065008
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:gUR/WbkbVvkqXEG1OghzwNkHE9VlJrEXNJMoC2sgQIPIb:gU5WAZJJhhz8kk9Vll+NCoDcIPk
                                                                                                                                                                                              MD5:AEB78EDB5C7DA307531BCF8C3736CE16
                                                                                                                                                                                              SHA1:4D43A839CA5633ED18F8C20C05588D6F4B5B640E
                                                                                                                                                                                              SHA-256:06C0506327ABFCBF2821FD5C6447DE84D0BC84D483CAF4A423C69F38BA27791C
                                                                                                                                                                                              SHA-512:03CB9501DE17A8BA5F3F7C4EDB2431DD8489949F8C04AF66F14515BEBC985507058957AB655A04B47915A3F18ACBC3B6721E463BD841F00B983631CEF80698D3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@....t...z.d.d.l.T.d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...W.d.S...e.y9......d.d.l.T.d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...Y.d.S.w.)..........*....__doc__....__version__....__libmpdec_version__N...._decimalr....r....r......ImportError.._pydecimal..r....r....z.decimal.py..<module>...............................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\dis.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):15636
                                                                                                                                                                                              Entropy (8bit):5.496861983103317
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:xDdPwGD0g888L7sDBPhMoIDfl2mTq6SxtsTdFdx2tv:xDdR4iuplInxKTdFatv
                                                                                                                                                                                              MD5:6B466EA646ACB5C8CE5D3DA303C481BC
                                                                                                                                                                                              SHA1:9C102B1182AC62E2B6B30D9093B019C610BCE016
                                                                                                                                                                                              SHA-256:632246E845E8741C16A6333F19096086619B5CB4BEF417BC7192AD626AF56208
                                                                                                                                                                                              SHA-512:E897B8279093FA00B57EEF8A422097F3717BCB04BE24D8FC55626EC9B7D62FC1C6795BA4161B0A24ED7F60E71B63DA6776EEDFE1C624154394AC0427C2580B66
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@........d.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.T.d.d.l.m.Z...g.d...e...Z.[.e.j.e.j.e.j.e.e.e.f.Z.e.d...Z.d.e.d.f.e.d.f.e.d.f.f.Z.e.d...Z.d.Z.d.d...Z.dVd.d.d...d.d...Z.dVd.d...d.d...Z.d.d.d.d.d.d.d.d.d.d.d...Z.d d!..Z.d"d#..Z.d$d%..Z.d&d'..Z.d.d...d(d)..Z.e.. d*d+..Z!d,e!j"_.d-e!j._.d.e!j#_.d/e!j$_.d0e!j%_.d1e!j&_.d2e!j'_.d3e!j(_.d4Z)d5Z*G.d6d7..d7e!..Z+d.d8..d9d:..Z,d;d<..Z-d=d>..Z.....dWd?d@..Z/dXd.d...dBdC..Z0d.d.d...dDdE..Z1....dYd.d.dF..dGdH..Z2dIdJ..Z3e0Z4dKdL..Z5dMdN..Z6dOdP..Z7G.dQdR..dR..Z8dSdT..Z9e:dUk...r.e9....d.S.d.S.)Z.0Disassembler of Python byte code into mnemonics......N....*....__all__....code_info..dis..disassemble..distb..disco..findlinestarts..findlabels..show_code..get_instructions..Instruction..Bytecode..FORMAT_VALUE..N....str..repr..ascii..MAKE_FUNCTION....defaults..kwdefaults..annotations..closurec....................C....4...z.t.|.|.d...}.W.|.S...t.y.......t.|.|.d...}.Y.|.S.w.)...Attempts to compile the given source, fir

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\email\__init__.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1540
                                                                                                                                                                                              Entropy (8bit):4.829104347753114
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:gaiwQTrfch6OD9UULNo7fH6fNB4NgqNQY:riprfch6Olorw+gWQY
                                                                                                                                                                                              MD5:7F86EA377A15AF20EFF991C4DA31336F
                                                                                                                                                                                              SHA1:359E4EFE753E8EA8221B65A2F8622F132A334193
                                                                                                                                                                                              SHA-256:7E81800D915AC24E331F4B5DE01D508E68F2FA4E235EFBB5A98B1410338C5F9B
                                                                                                                                                                                              SHA-512:8BD58379E21769D8ADA4201543A4B083EB55E876BBE38BAF22CFE6D0B0B0D38C30F28E5FC167A7CA6D66B0B517CAEEBFDBC82FF1A3267F98AAD591DA9E0919CD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@....0...d.Z.g.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.S.)..?A package for parsing, handling, and generating email messages.....base64mime..charset..encoders..errors..feedparser..generator..header..iterators..message..message_from_file..message_from_binary_file..message_from_string..message_from_bytes..mime..parser..quoprimime..utilsc....................O.... ...d.d.l.m.}...|.|.i.|.......|...S.)..vParse a string into a Message object model... Optional _class and strict are passed to the Parser constructor.. .........Parser....email.parserr......parsestr....s..args..kwsr......r!.....email\__init__.pyr.... ............r....c....................O...r....)..|Parse a bytes string into a Message object model... Optional _class and strict are passed to the Parser constructor.. r........BytesParser..r....r&.....parsebytes..r....r....r ...r&...r!...r!...r"...r....(...r#...r....c....................O...r....)...Read a file and parse its contents i

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\email\_encoded_words.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5718
                                                                                                                                                                                              Entropy (8bit):5.438341704589463
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:lOU9w0nDwRCpgTTu2Q+cqsqTta3T8qCpjjRtPk6eXLvHLnrg8NNOGbM/Qfe:FDvCuRDYRy8h7PUL/gGN6Yfe
                                                                                                                                                                                              MD5:F11DB3FCFDFDDC66D5B8876753ABD314
                                                                                                                                                                                              SHA1:C6920B536CD564215D2826385417ED71C4433E14
                                                                                                                                                                                              SHA-256:87753655845D8FEE48B62E19B672622319B812CA585C90E14AC31B6FFEA6C60F
                                                                                                                                                                                              SHA-512:F0E9BCD9C8750A02714F16017BF71C6F6F29684F4713BD52DF5650C3B743A9B3183C62887BD3B6EE43042DED510B2095ADFD973204563524943642B227044AC8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@........d.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z.m.Z...d.d.l.m.Z...g.d...Z.e...e...d...j.d.d.....Z.d.d...Z.G.d.d...d.e...Z.e...Z.d.e.e.d...<.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.e.e.d...Z.d.d...Z.e.e.d...Z.e.e.d...Z.d d.d...Z.d.S.)!.. Routines for manipulating RFC2047 encoded words...This is currently a package-private API, but will be considered for promotion.to a public API if there is demand........N....ascii_letters..digits....errors....decode_q..encode_q..decode_b..encode_b..len_q..len_b..decode..encode.....=([a-fA-F0-9]{2})c....................C........t...|...d.........S.).N.........bytes..fromhex..groupr........m..r......email\_encoded_words.py..<lambda>A..........r....c....................C........|...d.d...}.t.|...g.f.S.).N....._..... ....replace.._q_byte_subber....encodedr....r....r....r....C............r....c....................@....,...e.Z.d.Z.d.e...d.....e...d.....Z.d.d...Z.d.S.)..._QByteMap.....-!*+/..asciic..................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\email\_header_value_parser.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):77829
                                                                                                                                                                                              Entropy (8bit):5.4161446748399005
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:SBIcwfUUSzw9CKgVlUJFdiNPgzpC9iZh+0KH0wGRhN2GRB97LxSxf4031QJzJTkp:eFwFn76At7114z
                                                                                                                                                                                              MD5:5957D050512ED87D77ABC3FE3E790C41
                                                                                                                                                                                              SHA1:4FB2D2FAF2688E145B7391511184B803C2F62F32
                                                                                                                                                                                              SHA-256:3D8962F0AD8ECA0611A5BE1C5A5FDD61667FF560E75F70C956C2154B075E1226
                                                                                                                                                                                              SHA-512:D7B61011B56FFEFEF2B584244E1A6D28B817358F7DB4B02F502D840664E50EC877C1E0F7BB6A8CA63C43045E3B3BEA5E69FE45D5ACCA3FC536EFE38C3A07665F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@.......d.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...e.d...Z.e.e.d...B.Z.e.d...Z.e.e.B.Z.e.e.d.....Z.e.e.d.....Z.e.e.d...B.e.d.....Z.e.e.B.Z.e.e.d...B.Z.e.e.B.Z.e.e.d.....Z.d.d...Z.e...d.e.j.e.j.B...Z.G.d.d...d.e...Z.G.d.d...d.e...Z G.d.d...d.e...Z!G.d.d...d.e...Z"G.d.d...d.e...Z#G.d.d...d.e ..Z$G.d.d ..d e...Z%G.d!d"..d"e...Z&G.d#d$..d$e...Z'G.d%d&..d&e...Z(G.d'd(..d(e(..Z)G.d)d*..d*e ..Z*G.d+d,..d,e...Z+G.d-d...d.e...Z,G.d/d0..d0e...Z-G.d1d2..d2e...Z.G.d3d4..d4e...Z/G.d5d6..d6e...Z0G.d7d8..d8e...Z1G.d9d:..d:e...Z2G.d;d<..d<e...Z3G.d=d>..d>e...Z4G.d?d@..d@e...Z5G.dAdB..dBe...Z6G.dCdD..dDe...Z7G.dEdF..dFe...Z8G.dGdH..dHe...Z9G.dIdJ..dJe...Z:G.dKdL..dLe"..Z;G.dMdN..dNe...Z<G.dOdP..dPe...Z=G.dQdR..dRe...Z>G.dSdT..dTe...Z?G.dUdV..dVe?..Z@G.dWdX..dXe...ZAG.dYdZ..dZe...ZBG.d[d\..d\e...ZCG.d]d^..d^e...ZDG.d_d`..d`e...ZEG.dadb..dbeE..ZFG.dcdd..ddeE..ZGG.dedf..dfe...ZHG.dgdh..dhe...ZIG.didj..dje...ZJG.dkdl..dleJ..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\email\_parseaddr.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):12478
                                                                                                                                                                                              Entropy (8bit):5.428357601712171
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:k8hkBPanIUuAmAN6gBaPiqv44Vununaar5mwj7mF47PitYCqgHtgZSHwcaZFube:jKMuBXPuutKK3EwL
                                                                                                                                                                                              MD5:0D8BC598EE399F6E73AE8988DF2B29D9
                                                                                                                                                                                              SHA1:5B999978E5562775200A64EB124A0AC15038B044
                                                                                                                                                                                              SHA-256:A9BAA9B18D250AB8759655B29FBE98B3C95628A72815BD31BB41B3BF7233914A
                                                                                                                                                                                              SHA-512:2535AF6DEAF18BB5FFA6BDDDBC309843617E06648B50CBB70E6AA14A005501BF826B7FC189F6E2733E46B655A9A4CE1B56B48A3CC71CC51F35482A438E9B2A9C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@.......d.Z.g.d...Z.d.d.l.Z.d.d.l.Z.d.Z.d.Z.d.Z.g.d...Z.g.d...Z.d.d.d.d.d.d.d.d.d.d.d.d.d.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.G.d.d...d...Z.G.d.d...d.e...Z.d.S.)..cEmail address parsing code...Lifted directly from rfc822.py. This should eventually be rewritten......mktime_tz..parsedate..parsedate_tz..quote.....N.. ...., ....jan..feb..mar..apr..may..jun..jul..aug..sep..oct..nov..dec..january..february..march..aprilr......june..july..august..september..october..november..december....mon..tue..wed..thu..fri..sat..sun.p..................D............UT..UTC..GMT..Z..AST..ADT..EST..EDT..CST..CDT..MST..MDT..PST..PDTc....................C....,...t.|...}.|.s.d.S.|.d...d.u.r.d.|.d.<.t.|...S.)..QConvert a date string to a time tuple... Accounts for military timezones.. N.....r........_parsedate_tz..tuple....data..res..rJ.....email\_parseaddr.pyr....-....................r....c....................C........|.s.d.S.|.....}.|.s.d.S.|.d.....d..

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\email\_policybase.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):14762
                                                                                                                                                                                              Entropy (8bit):5.0843223593228055
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:/b3dx+wPI6I2CaFNAyJAebMqnZbFkIJWAysMNmJd/GazkdZOIv+d/zfz90ArK5L6:/bt1g6IBiTAiZPWApMUjeazMZOsu1ra6
                                                                                                                                                                                              MD5:315D6914F0509D4FABC2DB5BE7D579FC
                                                                                                                                                                                              SHA1:F5398AA9AD1BE4782F8B6609AE2AF4621357396A
                                                                                                                                                                                              SHA-256:3AF1E55ACD0EC5E8862EB59FF8DB9CD53A78E109802C6AB7CA5AD867E9B8111C
                                                                                                                                                                                              SHA-512:78A5A240916ACD4CD0038A9AAAE9EC30B91918D461642F14D50617517DAB4A0DBB1768159F82CE56610AA16585883715B237DBF72291AC0F4B023707ECB57C7A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@.......d.Z.d.d.l.Z.d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...g.d...Z.G.d.d...d...Z.d.d...Z.d.d...Z.G.d.d...d.e.e.j.d...Z.e.G.d.d...d.e.....Z.e...Z.d.S.)..wPolicy framework for the email package...Allows fine grained feature control of how the package parses and emits data.......N....header....charset...._has_surrogates....Policy..Compat32..compat32c.........................@...e.Z.d.Z.d.Z...f.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.....Z.S.)..._PolicyBase....Policy Object basic framework... This class is useless unless subclassed. A subclass should define. class attributes with defaults for any values that are to be. managed by the Policy object. The constructor will then allow. non-default values to be set for these attributes at instance. creation time. The instance will be callable, taking these same. attributes keyword arguments, and returning a new instance. identical to the called instance except for those values changed.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\email\base64mime.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3220
                                                                                                                                                                                              Entropy (8bit):5.3601785846025125
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:gInFLYxoMN59tl3kWReNFOsrQC/sMGQHb9uxJZtEtINnig2b41+M78ozxtEho:vFLsbReNFxrn2QcxftEiig2mV78oFtEu
                                                                                                                                                                                              MD5:5B6C91BEEBCC1CCB65BD99FD0B1FFD57
                                                                                                                                                                                              SHA1:993D363AC05E98ECD4E8E54C7F5548D0406535C0
                                                                                                                                                                                              SHA-256:5E34BB28F4481406DD4F587B7D7034F1F2F7F96B10793A71C1801025D3D507EE
                                                                                                                                                                                              SHA-512:7463DD1D587B2E02E9D6BE0DC2016AC0365646C967D4ECD1A9EE7DAA590A188C0BDC06A6F0D24FDDF265A80615A2BF5497B39439822BA6961776F211172ADA6E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@....l...d.Z.g.d...Z.d.d.l.m.Z...d.d.l.m.Z.m.Z...d.Z.d.Z.d.Z.d.Z.d.d...Z.d.d.d...Z.d.e.f.d.d...Z.d.d...Z.e.Z.e.Z.d.S.).....Base64 content transfer encoding per RFCs 2045-2047...This module handles the content transfer encoding method defined in RFC 2045.to encode arbitrary 8-bit data using the three 8-bit bytes in four 7-bit.characters encoding known as Base64...It is used in the MIME standards for email to attach images, audio, and text.using some 8-bit character sets to messages...This module provides an interface to encode and decode both headers and bodies.with Base64 encoding...RFC 2045 defines a method for including character set information in an.`encoded-word' in a header. This method is commonly used for 8-bit real names.in To:, From:, Cc:, etc. fields, as well as Subject: lines...This module does not do the line wrapping or end-of-line character conversion.necessary for proper internationalized headers; it only does dumb encoding and.dec

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\email\charset.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):11551
                                                                                                                                                                                              Entropy (8bit):5.35249710360486
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:jZq2eQFtz+wYzF8cGmchcQx6Pk/pOHoU7uOb9XJ//abe8+opjno54Cw:dZeQFh+ZRVGfz/pA7uOb6by5Rw
                                                                                                                                                                                              MD5:3CCF8AC0D7014D6973CE7A0D8E77AB77
                                                                                                                                                                                              SHA1:54F50EE0A942DD61C569D39348B497BD4036BB43
                                                                                                                                                                                              SHA-256:7013B04455A43698152BE12CBA476AA36CD61CAB038AAC853D12F18C687D20AD
                                                                                                                                                                                              SHA-512:0543F3F9B57D1676882ECA96052D5D649246EE30123DA9C21B6DCCC76C6B4C3BBE9B1ED67E2D0859FB903DA211D01EA26CEADFD066CEEA7E8FAE42493C53521E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@........g.d...Z.d.d.l.m.Z...d.d.l.Z.d.d.l.Z.d.d.l.m.Z...d.d.l.m.Z...d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.i.d.e.e.d.f...d.e.e.d.f...d.e.e.d.f...d.e.e.d.f...d.e.e.d.f...d.e.e.d.f...d.e.e.d.f...d.e.e.d.f...d.e.e.d.f...d.e.e.d.f...d.e.e.d.f...d.e.e.d.f...d.d...d.e.e.d.f...d.e.e.d.f...d.e.d.d.f...d.e.d.d.f...e.d.d.f.e.e.d.f.e.e.d.f.d ....Z.i.d!d...d"d...d#d...d$d...d%d...d&d...d'd...d(d...d)d...d*d...d+d...d,d...d-d...d.d...d/d...d0d...d1d...d.d.d.d2d.d3d.d4....Z.d5d6d.d7..Z.d.d8d9..Z.d:d;..Z.d<d=..Z.d>d?..Z.G.d@dA..dA..Z.d.S.)B....Charset..add_alias..add_charset..add_codec.........partialN....errors....encode_7or8bit......................us-ascii..unknown-8bit....iso-8859-1..iso-8859-2..iso-8859-3..iso-8859-4..iso-8859-9..iso-8859-10..iso-8859-13..iso-8859-14..iso-8859-15..iso-8859-16..windows-1252..viscii..NNN..big5..gb2312..euc-jp..iso-2022-jp..shift_jis..utf-8..r%...z.koi8-rr'.....latin_1..latin-1..latin_2..latin-2..latin_3..latin-3..latin_4..latin-4..latin_

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\email\contentmanager.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):7361
                                                                                                                                                                                              Entropy (8bit):5.298634353178582
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:FFuZuYEHBgaEBI3Dux4bcUFrEfsX/05X0C2LN:TmuY2E+3Dux4bZvX/05XsLN
                                                                                                                                                                                              MD5:6A73749CCA27296E9CB717534717C020
                                                                                                                                                                                              SHA1:2DE754F7D794D029CF612F8294D3C604AD091DF2
                                                                                                                                                                                              SHA-256:D5793B8DC1F3262EFD736476FA3D6CE92CB2E1C4B34D8ECA076023AC5FEAE8E4
                                                                                                                                                                                              SHA-512:24F80EA887E1EBF574BD2DED172F4868AB133972C0EA89DF3FE326345C03804673E706552B56094E7C51013DC3EF32C5040EC9C298C8372D02097A0472621047
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@....>...d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z...G.d.d...d...Z.e...Z.d%d.d...Z.e...d.e.....d.d...Z.d.....D.].Z.e...e.e.....q3d.d...Z.d.....D.].Z.e...d.e...e.....qDd.d...Z.e...d.e.....d.d...Z.d.d...Z.d.d...Z.d.d...Z.......d&d.d...Z.e...e.e...........d'd d!..Z.e...e.j.j.e......"....d(d#d$..Z.e.e.e.f.D.].Z.e...e.e.....q.d.S.)).....N....quoprimimec....................@....<...e.Z.d.Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.S.)...ContentManagerc....................C........i.|._.i.|._.d.S.).N....get_handlers..set_handlers....self..r......email\contentmanager.py..__init__...............ContentManager.__init__c....................C........|.|.j.|.<.d.S.).N..r......r......key..handlerr....r....r......add_get_handler.............ContentManager.add_get_handlerc....................O.......|.....}.|.|.j.v.r.|.j.|...|.g.|...R.i.|.....S.|.....}.|.|.j.v.r.|.j.|...|.g.|...R.i.|.....S.d.|.j.v.rA|.j.d...|.g.|...R.i.|.....S.t.|.....).N......get_content_

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\email\encoders.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1607
                                                                                                                                                                                              Entropy (8bit):5.050932192600656
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:g5y7gaT9r3CrNNTxw7WXT7dq6BFDEK10ZYSaXFVJ4DZoT3kOCDwOjB:g5/sWlW7WX9qQFYKaYSkhEDwOt
                                                                                                                                                                                              MD5:65242D873C85F444E5BB3D08DC19B0E6
                                                                                                                                                                                              SHA1:D13736330B8612639C1EA365E959CDA62BFF64B3
                                                                                                                                                                                              SHA-256:4826318BA5D4519E1EDB7BEFC4DDD450332EE2E612DD5BA8FBC3FD57415F4127
                                                                                                                                                                                              SHA-512:732C613A7D477E492F1B71C7BF3B3A8BF58470B5663D47A1C87B38692FDFD53370560D2BF9E0FF28E1B05E244DB963EE0D1F8FC25886F6E97B6B0ED37DE18B9A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@....P...d.Z.g.d...Z.d.d.l.m.Z...d.d.l.m.Z...d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.S.).. Encodings and related functions.....encode_7or8bit..encode_base64..encode_noop..encode_quopri.........encodebytes....encodestringc....................C........t.|.d.d...}.|...d.d...S.).NT....quotetabs..... .....=20...._encodestring..replace....s..enc..r......email\encoders.py.._qencode.............r....c....................C....0...|.j.d.d...}.t.t.|...d...}.|...|.....d.|.d.<.d.S.)..lEncode the message's payload in Base64... Also, add an appropriate Content-Transfer-Encoding header.. T....decode..ascii..base64..Content-Transfer-EncodingN....get_payload..str.._bencode..set_payload....msg..orig..encdatar....r....r....r.....................r....c....................C....*...|.j.d.d...}.t.|...}.|...|.....d.|.d.<.d.S.)..vEncode the message's payload in quoted-printable... Also, add an appropriate Content-Transfer-Encoding header.. Tr......quoted-printa

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\email\errors.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5676
                                                                                                                                                                                              Entropy (8bit):4.742287667772295
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:aYI+E7YT1ZoHqqBqqfqquqquqqiXIyJ87aqq+qqOqqW1bqq9qq0sqqwJEqq5Fqqt:aYTEO+HqqBqqfqquqquqqByJ87aqq+q4
                                                                                                                                                                                              MD5:2ADB0AEDCEB94F916B874EFEF9BDFC3E
                                                                                                                                                                                              SHA1:F0599E7A2FD6DCF4F175B34C658EE07447F61D51
                                                                                                                                                                                              SHA-256:D2CB7644A80B5C7879EBB3816E3B73BC3A0A42A6943D6856AD25248B409500DD
                                                                                                                                                                                              SHA-512:3F69E9E21BCF352F8F1FF06252BF702D34A420299BC889A360D8D913839937ED552FEFD15AB9A16C98CF2241B8E00D18B589F9AA287C9A8A49F920AE18A986D3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@.......d.Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.e.Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d ..d e...Z.G.d!d"..d"e...Z.G.d#d$..d$e...Z.G.d%d&..d&e...Z.G.d'd(..d(e...Z.G.d)d*..d*e...Z.G.d+d,..d,e...Z.G.d-d...d.e...Z.G.d/d0..d0e...Z.G.d1d2..d2e...Z.G.d3d4..d4e...Z.d5S.)6. email package exception classes.c....................@........e.Z.d.Z.d.Z.d.S.)...MessageError.+Base class for errors in the email package.N....__name__..__module__..__qualname__..__doc__..r....r......email\errors.pyr.................r....c....................@...r....)...MessageParseError.&Base class for message parsing errors.Nr....r....r....r....r....r........r....r....c....................@...r....)...HeaderParseError..Error while parsing headers.Nr....r....r....r....r....r........r....r....c...................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\email\feedparser.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):10549
                                                                                                                                                                                              Entropy (8bit):5.475890918893798
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:CQt3ufpui5ERmXZvdZDd6ZCwKTbefqMU04c3H2hjD8g4B:9t+Bui5ZlZDcCwSbeiM/H29D8xB
                                                                                                                                                                                              MD5:3030FB5B261CF98F8EE5EB5639C8A589
                                                                                                                                                                                              SHA1:3D701257029AF3C770BF080B481F4716E130BD12
                                                                                                                                                                                              SHA-256:143A79BAE215BC3F85CF08561DBE4AA0D87BF6E6F9ACD60E1AC713CE2C08407E
                                                                                                                                                                                              SHA-512:83B71605EE28AB424D26E66161F45C089228F2B703A3B6529513C9F995BBA78B5D871048B74BDCB152E6505DF91212A61DF5EE7470912DBB5F9E788331E59E73
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@.......d.Z.d.d.g.Z.d.d.l.Z.d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...e...d...Z.e...d...Z.e...d...Z.e...d...Z.e...d...Z.d.Z.d.Z.e...Z.G.d.d...d.e...Z.G.d.d...d...Z.G.d.d...d.e...Z.d.S.)......FeedParser - An email feed parser...The feed parser implements an interface for incrementally parsing an email.message, line by line. This has advantages for certain applications, such as.those reading email messages off a socket...FeedParser.feed() is the primary interface for pushing new data into the.parser. It returns when there's nothing more it can do with the available.data. When you have no more data to push into the parser, call .close()..This completes the parsing and returns the root message object...The other advantage of this parser is that it will never raise a parsing.exception. Instead, when it finds something unexpected, it adds a 'defect' to.the current message. Defects are just instances that live on the message.object's .defects a

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\email\generator.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):12570
                                                                                                                                                                                              Entropy (8bit):5.366193521624641
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:9jni4Wf6dOGOMLqmnnM4VNcn53eMN+QcwntAgH/ceafZwml7pviBc1:97fWwOGjWeHVeh9N+QcwntXgwmQw
                                                                                                                                                                                              MD5:071B64067178E89D8D8FF94285908419
                                                                                                                                                                                              SHA1:8B4EF1E8894C3B222B7487CD43C14645377C32D3
                                                                                                                                                                                              SHA-256:065933929E55E03D60EB348AB2EE3F87681DDEF02C7164F5DDDE3DE373561B3A
                                                                                                                                                                                              SHA-512:946B718A04FE5005BE0591754E61D2C51449144D3F48E7ABB051D4C3AC00DC368D6E721D8BF1A12041EE4DF337FDEF9D2A7A3126700663446416531052C0D516
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@........d.Z.g.d...Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z...d.d.l.m.Z.m.Z...d.d.l.m.Z...d.Z.d.Z.e...d...Z.e...d.e.j...Z.G.d.d...d...Z.G.d.d...d.e...Z.d.Z.G.d.d...d.e...Z.e.e.e.j.d.......Z.d.e...Z.e.j.Z.d.S.)..:Classes to generate plain text from a message object tree.....Generator..DecodedGenerator..BytesGenerator.....N....deepcopy....StringIO..BytesIO...._has_surrogates.._.....\r\n|\r|\n..^From c....................@.......e.Z.d.Z.d.Z.d'd.d...d.d...Z.d.d...Z.d(d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.e.Z.d.d...Z.d.d...Z.d.d ..Z.d!d"..Z.e.d)d#d$....Z.e.d%d&....Z.d.S.)*r......Generates output from a Message object tree... This basic generator writes the message to the given file object as plain. text.. N....policyc....................C....6...|.d.u.r.|.d.u.r.d.n.|.j.}.|.|._.|.|._.|.|._.|.|._.d.S.)......Create the generator for message flattening... outfp is the output file-like object for writing t

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\email\header.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16421
                                                                                                                                                                                              Entropy (8bit):5.408195412547922
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:WEojVdCuwA8tzfSNlwn8w4EElPb/bl0rSXAc7uqKjQNWnPXbOidChI18DkVh:WE28tjS3wn8w4vhbcAguW9Vh
                                                                                                                                                                                              MD5:AA1B628F56E4FF40585807C072336F6B
                                                                                                                                                                                              SHA1:78E36D6DD448BEA2B2092596F76875C01F29FFC1
                                                                                                                                                                                              SHA-256:21DCCE4C51903F5789636ABEF46C7DC99E6597ECD0DE45BC0570579CEBFE3370
                                                                                                                                                                                              SHA-512:B1ABA136B253DBA2228BFF63268AE5C56D40A2949F4001732B41A92498134472042E2598B88C5AC90B2D753CC5CAB65902F39AEA2650CA3388603B96AF3C848E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@........d.Z.g.d...Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z...d.d.l.m.Z...e.j.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.d.Z.e.d...Z.e.d...Z.e...d.e.j.e.j.B...Z.e...d...Z.e...d...Z.e.j.j.Z.d.d...Z.....d.d.d...Z.G.d.d...d...Z.G.d.d...d...Z G.d.d...d.e!..Z"d.S.)..+Header encoding and decoding functionality.....Header..decode_header..make_header.....N....HeaderParseError....charset..... ..... .. ...N..... ...us-ascii..utf-8.i.... =\? # literal =?. (?P<charset>[^?]*?) # non-greedy up to the next ? is the charset. \? # literal ?. (?P<encoding>[qQbB]) # either a "q" or a "b", case insensitive. \? # literal ?. (?P<encoded>.*?) # non-greedy up to the next ?= is the encoded string. \?= # literal ?=. ..[\041-\176]+:$..\n[^ \t]+:c....................C.......t.|.d...r.d.d...|.j.D...S.t...|...s.|.d.f.g.S.g.}.|.....D.]A}.t...|...}.d.}.|.r^|...d...}.|.r5|.....}.d.}.|.r?|...|.d.d.f.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\email\headerregistry.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):21838
                                                                                                                                                                                              Entropy (8bit):5.160948854123433
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:stn16ElmJgvtMCFMlJj2voTpzzH3ON0MbfP3uY1oaWXf95yHF:stn1tO0FMvqvoNH3ONZbSml
                                                                                                                                                                                              MD5:6B7B638CA42B9D71EBED9FED7EE28823
                                                                                                                                                                                              SHA1:6A866E869E39CF24298A426FD3F5719EFAAE89E6
                                                                                                                                                                                              SHA-256:FE620999075F4C874B007293452CB3F81AD102782BAAE0A9459B9BC8AA45E9B5
                                                                                                                                                                                              SHA-512:7254CB00A9F51553D94B7D066D10A47F2C120FB8A80647344E06B9BA5EFD96DBEA06454564904C1D4B6F9559A02488B67469CAD5BCE0D245462EDC20E3C15A82
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@........d.Z.d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...G.d.d...d...Z.G.d.d...d...Z.G.d.d...d.e...Z.d.d...Z.G.d.d...d...Z.G.d.d...d.e...Z.G.d.d...d...Z.G.d.d...d.e...Z.G.d.d...d...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.G.d.d...d...Z.G.d d!..d!..Z.G.d"d#..d#e...Z.G.d$d%..d%e...Z.G.d&d'..d'..Z.G.d(d)..d)..Z.i.d*e...d+e...d,e...d-e...d.e...d/e...d0e...d1e...d2e...d3e...d4e...d5e...d6e...d7e...d8e...d9e...d:e...e.e.e.d;....Z.G.d<d=..d=..Z.d>S.)?..Representing and manipulating email headers via custom objects...This module provides an implementation of the HeaderRegistry API..The implementation is designed to flexibly follow RFC5322 rules...........MappingProxyType....utils....errors...._header_value_parserc....................@....^...e.Z.d.Z.d.d.d...Z.e.d.d.....Z.e.d.d.....Z.e.d.d.....Z.e.d.d.....Z.d.d...Z.d.d...Z.d.d...Z.d.S.)...Address..Nc....................C.......d...t.d.|.|.|.|.f.....}.d.|.v.s.d.|.v.r.t.d.....|.d.u.rC|.s |.r$t.d.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\email\iterators.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1948
                                                                                                                                                                                              Entropy (8bit):5.320183547419749
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:gahA49ILWjxazvfuDpoSQLfMbhTGogy1eLUhz/CIi:prIWdi+DPsMbhPg82
                                                                                                                                                                                              MD5:0476633308A180C6747EE321B8E378C6
                                                                                                                                                                                              SHA1:E8321A6E1A8F50C93107EADDA64CEF16B69FA4F7
                                                                                                                                                                                              SHA-256:3E9565D45AD26A172DBA43910263F8CC7A24DB52F1EAB78967C16C36B23AE911
                                                                                                                                                                                              SHA-512:0141FD8B71E1B0E8009C6583644C4CC32D2384BC0981A3F71EC33D3A0A3FBA9DA8A9363C9F8315842F82C9E181CA94ADC72F5BE27AB1756269D9625DBE9E3FF7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@....J...d.Z.g.d...Z.d.d.l.Z.d.d.l.m.Z...d.d...Z.d.d.d...Z.d.d.d...Z.d.d.d...Z.d.S.)..1Various types of useful iterators and generators.....body_line_iterator..typed_subpart_iterator..walk.....N....StringIOc....................c....4.....|.V...|.....r.|.....D.].}.|.....E.d.H...q.d.S.d.S.)...Walk over the message tree, yielding each subpart... The walk is performed in depth-first order. This method is a. generator.. N....is_multipart..get_payloadr........self..subpart..r......email\iterators.pyr...........................r....Fc....................c....8.....|.....D.].}.|.j.|.d...}.t.|.t...r.t.|...E.d.H...q.d.S.)...Iterate over the parts, returning string payloads line-by-line... Optional decode (default False) is passed through to .get_payload().. ....decodeN..r....r......isinstance..strr........msgr....r......payloadr....r....r....r...."......................r......textc....................c....:.....|.....D.].}.|.....|.k.r.|.d.u.s.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\email\message.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):37754
                                                                                                                                                                                              Entropy (8bit):5.321669694122612
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:768:mUGhq3cffG9nAn2Rmzq0Y8kcol91IyggNhN:mtBffG9xehTTA92oN
                                                                                                                                                                                              MD5:2C213B514919CC8D972E518DAA1BE9B7
                                                                                                                                                                                              SHA1:14DCFD435FE5E24063F9A8C67B346274DFCEAB19
                                                                                                                                                                                              SHA-256:B99D4872773D7C2940559FCB143F54C0BECD5DAAB973B8693E4C29ADB98E61F0
                                                                                                                                                                                              SHA-512:65BB4B30128AEDDD22DD9273D06732079BB394366C1A1F24B0054AFCC0221BC120CF61EADB985408A7C0A4E96EF31975C82F14467C1CECEFCF6FAD06AC8C22CE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@........d.Z.d.d.g.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z...d.d.l.m.Z...d.d.l.m.Z...e.j.Z.d.Z.e...d...Z.d.d...Z.d.d.d...Z.d.d...Z.d.d...Z.G.d.d...d...Z.G.d.d...d.e...Z.G.d.d...d.e...Z.d.S.)..8Basic message object for the email package object model...Message..EmailMessage.....N....BytesIO..StringIO....utils....errors....Policy..compat32....charset....decode_b..; ..[ \(\)<>@,;:\\"/\[\]\?=]c....................C....4...t.|.....d...\.}.}.}.|.s.|.....d.f.S.|.....|.....f.S.).N..;....str..partition..strip....param..a..sep..b..r!.....email\message.py.._splitparam.................r#...Tc....................C........|.d.u.r^t.|...d.k.r^t.|.t...r&|.d.7.}.t...|.d...|.d...|.d.....}.d.|.|.f...S.z.|...d.....W.n...t.yG......|.d.7.}.t...|.d.d...}.d.|.|.f.....Y.S.w.|.sOt...|...rXd.|.t...|...f...S.d.|.|.f...S.|.S.)..~...Convenience function to format and return a key=value pair... This will quote the value if needed or if qu

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\email\parser.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5656
                                                                                                                                                                                              Entropy (8bit):4.935115598818016
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:g7O7L2QFUCnoK4b7TGPerSZUWyT9Bzug4DcCTDQFlhnoKL2pG6kTy+erSIoVgTns:84LQtB7ue5PlWToe3oF++eto2FZSVk6b
                                                                                                                                                                                              MD5:441304A5F9E2971955CE423AF65A73CC
                                                                                                                                                                                              SHA1:457B51D876A5C24488B168BCF0568954A6C13185
                                                                                                                                                                                              SHA-256:6D5279E7E4AA776449F132E09F881525EE5F9B4CCED9F782DA05D36B3CAAC523
                                                                                                                                                                                              SHA-512:7D86CE54BDAF01B55D521FEE488B4512B4BD55B00A96578F5FC5B2A1FC03797B37503EBD75CA88700557CDB91827952DB21663F16F5C1C10741BD9A0922FA7E0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@....x...d.Z.g.d...Z.d.d.l.m.Z.m.Z...d.d.l.m.Z.m.Z...d.d.l.m.Z...G.d.d...d...Z.G.d.d...d.e...Z.G.d.d...d...Z.G.d.d...d.e...Z.d.S.)..-A parser of RFC 2822 and MIME email messages.....Parser..HeaderParser..BytesParser..BytesHeaderParser..FeedParser..BytesFeedParser.........StringIO..TextIOWrapper..r....r........compat32c....................@....0...e.Z.d.Z.d.e.d...d.d...Z.d.d.d...Z.d.d.d...Z.d.S.).r....N....policyc....................C........|.|._.|.|._.d.S.).....Parser of RFC 2822 and MIME email messages... Creates an in-memory object tree representing the email message, which. can then be manipulated and turned over to a Generator to return the. textual representation of the message... The string must be formatted as a block of RFC 2822 headers and header. continuation lines, optionally preceded by a `Unix-from' header. The. header block is terminated either by the end of the string or by a. blank

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\email\policy.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):9633
                                                                                                                                                                                              Entropy (8bit):4.931258605408404
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:oXlDAHhSVVbT6AGKJU/LYMp1Btoozt8FcQ+evaaLb2ec8v:oXlsHhQZT6SJUNDBWoztHevaM
                                                                                                                                                                                              MD5:4CC32D9DC22FECB43DC2665C49C0E6DF
                                                                                                                                                                                              SHA1:F64AA150A478D3C01FA7697A9CB4C772009CC72C
                                                                                                                                                                                              SHA-256:A2E972DA28F1D082E21FE48A94D54948EA07FABD9461580CD06B59EB5DDB4AC7
                                                                                                                                                                                              SHA-512:91820248B18204CD92DA6805ADBC54799EDB86567DCF55721BA2C2810AD5E81068C9B3167C2906FD1285B97F5ADEDC6F94923D1B34FA39E7C130627B49006958
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@........d.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z.m.Z.m.Z.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...g.d...Z.e...d...Z.e.G.d.d...d.e.....Z.e...Z.e.`.e.j.d.d...Z.e.j.d.d...Z.e.j.d.d.d...Z.e.j.d.d...Z.d.S.)..cThis will be the home for the policy that hooks in the new.code that adds all the email6 features.......N....Policy..Compat32..compat32.._extend_docstrings...._has_surrogates....HeaderRegistry....raw_data_manager....EmailMessage..r....r....r......EmailPolicy..default..strict..SMTP..HTTP..\n|\rc.........................p...e.Z.d.Z.d.Z.e.Z.d.Z.d.Z.e...Z.e.Z...f.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d...Z.d.d.d...Z.....Z.S.).r.....Q...+. PROVISIONAL.. The API extensions enabled by this policy are currently provisional.. Refer to the documentation for details... This policy adds new header parsing and folding algorithms. Instead of. simple strings, headers are custom objects with custom attributes. depending on the type

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\email\quoprimime.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):7599
                                                                                                                                                                                              Entropy (8bit):5.51186480963117
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:DLJLyjCY2rlgeRk/SE8HiIf3HH94gxyV7pmZ5ZftOcF/NkFUyq2n1/RY9XDr7d7V:fJYUGQ2SEeagoV7pzyyFhRKTrPPMmlL
                                                                                                                                                                                              MD5:2A2AC2D91A781D816AA570B3D7B274A8
                                                                                                                                                                                              SHA1:E3B62D74AF0D18764C964CF46930900ADEC80CD1
                                                                                                                                                                                              SHA-256:C5E78AD3FF81BE188BA1876D505F7394C07BF4F55B38E1B4B23C6F7D8A6FE4A2
                                                                                                                                                                                              SHA-512:B638DF6C89013315D75DBD7179D57D03FF153DC1D12682F7556B5091B78A59F7FCE3FBA605BA88FCF227F3F1C2F9751E4F49974F9C76B333C3453101D06FC43B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@....F...d.Z.g.d...Z.d.d.l.Z.d.d.l.m.Z.m.Z.m.Z...d.Z.d.Z.d.Z.d.d...e.d...D...Z.e.d.d.....Z.e.d.d.....Z.d.e...d.....e...d.....D.].Z.e.e...e.e.<.q;d.e.e.d...<.d.D.].Z.e.e...e.e.<.qLd.d...Z.d.d...Z.d.d...Z.d.d...Z.d+d.d...Z.d.d...Z.d.d...Z.d,d.d ..Z.e.d.d.....Z.d!D.].Z.e.e...e.e.<.q.d"e.f.d#d$..Z.e.f.d%d&..Z.e.Z.e.Z.d'd(..Z.d)d*..Z d.S.)-.F...Quoted-printable content transfer encoding per RFCs 2045-2047...This module handles the content transfer encoding method defined in RFC 2045.to encode US ASCII-like 8-bit data called `quoted-printable'. It is used to.safely encode text that is in a character set similar to the 7-bit US ASCII.character set, but that includes some 8-bit characters that are normally not.allowed in email bodies or headers...Quoted-printable is very space-inefficient for encoding binary files; use the.email.base64mime module for that instead...This module provides an interface to encode and decode both headers and bodies.with quoted-p

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\email\utils.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):9666
                                                                                                                                                                                              Entropy (8bit):5.5630765218102995
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:7bGMhTYU1ba/bcRIpnc8PNMw1gBQl7EdE1J/mezcA5aJCSStw3TG/3Q48mt8U:mQTQTcqFSwaBQl7ogVVvAfGyGfft8U
                                                                                                                                                                                              MD5:B573D5BD8B7562F42D39411D50A09D28
                                                                                                                                                                                              SHA1:9B70CF2621A611B86C3888C284E2D331E69470FA
                                                                                                                                                                                              SHA-256:C9EBAF9F1E9F19F2C492DB9C2BA066D6EAB844EF4BE241F160D6613A0C47160B
                                                                                                                                                                                              SHA-512:5EFE8F8F33D660DCBA373E14953B53C9B492D57D6B7362715D6DE6981443CEE8766BEDC745B43779675315689C9388E4185F8B641F9CFCFBAFF45755E4940CE4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@....T...d.Z.g.d...Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z...d.d.l.m.Z.m.Z.m.Z...d.d.l.m.Z...d.Z.d.Z.d.Z.d.Z.d.Z.e...d...Z.e...d...Z.d.d...Z.d.d...Z.d5d.d...Z.d.d...Z.d.d...Z d6d.d...Z!d7d.d...Z"d8d.d ..Z#d!d"..Z$d#d$..Z%d%d&..Z&d'd(..Z'd8d)d*..Z(e...d+e.j)..Z*d,d-..Z+.../d9d0d1..Z,d:d3d4..Z-d.S.);..Miscellaneous utilities.....collapse_rfc2231_value..decode_params..decode_rfc2231..encode_rfc2231..formataddr..formatdate..format_datetime..getaddresses..make_msgid..mktime_tz..parseaddr..parsedate..parsedate_tz..parsedate_to_datetime..unquote.....N....quote....AddressList..r......r....r......_parsedate_tz....Charset.., ........'..[][\\()<>@,:;".]..[\\"]c....................C....$...z.|.......W.d.S...t.y.......Y.d.S.w.)..8Return True if s contains surrogate-escaped binary data.FT....encode..UnicodeEncodeError....s..r*.....email\utils.py.._has_surrogates3....................r,...c....................C...

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\_MEI71122\fnmatch.pyc

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4224
                                                                                                                                                                                              Entropy (8bit):5.672816850634758
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:tZ1NvFl7gPHnfnTdD7RykUATq7Y1qYmWVzHRJwLaL1F3rGz6:t1vFl7g/fnTF7gkDzTRFxm6
                                                                                                                                                                                              MD5:E75B05D9847E69F881417036910CF144
                                                                                                                                                                                              SHA1:BDD6B3B95B7A97DF99519A6DEFCE8BEE711595BF
                                                                                                                                                                                              SHA-256:38E88B1607E9CAE72DAD8E232949F85DBE3F4A3A09028601A9D42A8B49340ED8
                                                                                                                                                                                              SHA-512:5E10410232012FE00C4F1B2D99B1AA36A4496A2CACB561C5769663F350A60A3C3CFF0BBCEB0FEBE4804F567FEFFA0EDC758A16AA43156DBCF9718F05EB1DA2E4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:o....................................@....|...d.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.d.d.l.Z.g.d...Z.d.d.l.m.Z...e...j.Z.[.d.d...Z.e.j.d.d.d...d.d.....Z.d.d...Z.d.d...Z.d.d...Z.d.S.).....Filename matching with shell patterns...fnmatch(FILENAME, PATTERN) matches according to the local convention..fnmatchcase(FILENAME, PATTERN) always takes case in account...The functions operate by translating the pattern into a regular.expression. They cache the compiled regular expressions for speed...The function translate(PATTERN) returns a regular expression.corresponding to PATTERN. (It does not compile it.)......N....filter..fnmatch..fnmatchcase..translate....countc....................C...."...t.j...|...}.t.j...|...}.t.|.|...S.).....Test whether FILENAME matches PATTERN... Patterns are Unix shell style:.. * matches everything. ? matches any single character. [seq] matches any character in seq. [!seq] matches any char not in seq.. An initial period in FILENAME is not spec

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\h_29ka9k

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4
                                                                                                                                                                                              Entropy (8bit):2.0
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:qn:qn
                                                                                                                                                                                              MD5:3F1D1D8D87177D3D8D897D7E421F84D6
                                                                                                                                                                                              SHA1:DD082D742A5CB751290F1DB2BD519C286AA86D95
                                                                                                                                                                                              SHA-256:F02285FB90ED8C81531FE78CF4E2ABB68A62BE73EE7D317623E2C3E3AEFDFFF2
                                                                                                                                                                                              SHA-512:2AE2B3936F31756332CA7A4B877D18F3FCC50E41E9472B5CD45A70BEA82E29A0FA956EE6A9EE0E02F23D9DB56B41D19CB51D88AAC06E9C923A820A21023752A9
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:blat

                                                                                                                                                                                              Static File Info

                                                                                                                                                                                              General

                                                                                                                                                                                              File type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Entropy (8bit):7.996980962078941
                                                                                                                                                                                              TrID:
                                                                                                                                                                                              • Win64 Executable GUI (202006/5) 92.65%
                                                                                                                                                                                              • Win64 Executable (generic) (12005/4) 5.51%
                                                                                                                                                                                              • Generic Win/DOS Executable (2004/3) 0.92%
                                                                                                                                                                                              • DOS Executable Generic (2002/1) 0.92%
                                                                                                                                                                                              • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                              File name:HmP9fn8NM9.exe
                                                                                                                                                                                              File size:58'303'966 bytes
                                                                                                                                                                                              MD5:1b4fa73741b1e40003326d8bed4b39dc
                                                                                                                                                                                              SHA1:7a23e3650d530a8bb4f7aa8c80690ed423f0b819
                                                                                                                                                                                              SHA256:c9a1ab7b39fcca82619ec34ee3c2a92a72100f28d5686d5f899a1b37c814dd57
                                                                                                                                                                                              SHA512:99123c8c6f1c8662ebffabce377f50f958210d9e24d71fceb8d8b30b57543dc15b2c53888986a0a4500bf6bcd7981f454789440e6636d114fd58b6dad25defc1
                                                                                                                                                                                              SSDEEP:1572864:dXG+DVNXukNqWb9CLXSCU/+Pyz0SljCjbQ:dddukNqDSC++Py5jk
                                                                                                                                                                                              TLSH:4DD73393B9DC02A7E1B378B8F4498A08F8EAB45ACB53D39620E441C709977859DFDF50
                                                                                                                                                                                              File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......t..30t.`0t.`0t.`{..a7t.`{..a.t.`{..a:t.` ..`3t.` ..a9t.` ..a!t.` ..a.t.`{..a;t.`0t.`.t.`{..a)t.`{..a1t.`Rich0t.`........PE..d..

                                                                                                                                                                                              File Icon

                                                                                                                                                                                              Icon Hash:f0dcccd496cef870

                                                                                                                                                                                              Static PE Info

                                                                                                                                                                                              General

                                                                                                                                                                                              Entrypoint:0x14000dc40
                                                                                                                                                                                              Entrypoint Section:.text
                                                                                                                                                                                              Digitally signed:false
                                                                                                                                                                                              Imagebase:0x140000000
                                                                                                                                                                                              Subsystem:windows gui
                                                                                                                                                                                              Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE
                                                                                                                                                                                              DLL Characteristics:HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, GUARD_CF, TERMINAL_SERVER_AWARE
                                                                                                                                                                                              Time Stamp:0x67636335 [Thu Dec 19 00:05:09 2024 UTC]
                                                                                                                                                                                              TLS Callbacks:
                                                                                                                                                                                              CLR (.Net) Version:
                                                                                                                                                                                              OS Version Major:6
                                                                                                                                                                                              OS Version Minor:0
                                                                                                                                                                                              File Version Major:6
                                                                                                                                                                                              File Version Minor:0
                                                                                                                                                                                              Subsystem Version Major:6
                                                                                                                                                                                              Subsystem Version Minor:0
                                                                                                                                                                                              Import Hash:b35782a64f6490d7964c291e00dd0025

                                                                                                                                                                                              Entrypoint Preview

                                                                                                                                                                                              Instruction
                                                                                                                                                                                              dec eax
                                                                                                                                                                                              sub esp, 28h
                                                                                                                                                                                              call 00007FE5B91F0E1Ch
                                                                                                                                                                                              dec eax
                                                                                                                                                                                              add esp, 28h
                                                                                                                                                                                              jmp 00007FE5B91F0A3Fh
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              dec eax
                                                                                                                                                                                              sub esp, 28h
                                                                                                                                                                                              call 00007FE5B91F11E8h
                                                                                                                                                                                              test eax, eax
                                                                                                                                                                                              je 00007FE5B91F0BE3h
                                                                                                                                                                                              dec eax
                                                                                                                                                                                              mov eax, dword ptr [00000030h]
                                                                                                                                                                                              dec eax
                                                                                                                                                                                              mov ecx, dword ptr [eax+08h]
                                                                                                                                                                                              jmp 00007FE5B91F0BC7h
                                                                                                                                                                                              dec eax
                                                                                                                                                                                              cmp ecx, eax
                                                                                                                                                                                              je 00007FE5B91F0BD6h
                                                                                                                                                                                              xor eax, eax
                                                                                                                                                                                              dec eax
                                                                                                                                                                                              cmpxchg dword ptr [0003892Ch], ecx
                                                                                                                                                                                              jne 00007FE5B91F0BB0h
                                                                                                                                                                                              xor al, al
                                                                                                                                                                                              dec eax
                                                                                                                                                                                              add esp, 28h
                                                                                                                                                                                              ret
                                                                                                                                                                                              mov al, 01h
                                                                                                                                                                                              jmp 00007FE5B91F0BB9h
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              dec eax
                                                                                                                                                                                              sub esp, 28h
                                                                                                                                                                                              test ecx, ecx
                                                                                                                                                                                              jne 00007FE5B91F0BC9h
                                                                                                                                                                                              mov byte ptr [00038915h], 00000001h
                                                                                                                                                                                              call 00007FE5B91F0315h
                                                                                                                                                                                              call 00007FE5B91F1600h
                                                                                                                                                                                              test al, al
                                                                                                                                                                                              jne 00007FE5B91F0BC6h
                                                                                                                                                                                              xor al, al
                                                                                                                                                                                              jmp 00007FE5B91F0BD6h
                                                                                                                                                                                              call 00007FE5B91FE11Fh
                                                                                                                                                                                              test al, al
                                                                                                                                                                                              jne 00007FE5B91F0BCBh
                                                                                                                                                                                              xor ecx, ecx
                                                                                                                                                                                              call 00007FE5B91F1610h
                                                                                                                                                                                              jmp 00007FE5B91F0BACh
                                                                                                                                                                                              mov al, 01h
                                                                                                                                                                                              dec eax
                                                                                                                                                                                              add esp, 28h
                                                                                                                                                                                              ret
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              inc eax
                                                                                                                                                                                              push ebx
                                                                                                                                                                                              dec eax
                                                                                                                                                                                              sub esp, 20h
                                                                                                                                                                                              cmp byte ptr [000388DCh], 00000000h
                                                                                                                                                                                              mov ebx, ecx
                                                                                                                                                                                              jne 00007FE5B91F0C29h
                                                                                                                                                                                              cmp ecx, 01h
                                                                                                                                                                                              jnbe 00007FE5B91F0C2Ch
                                                                                                                                                                                              call 00007FE5B91F115Eh
                                                                                                                                                                                              test eax, eax
                                                                                                                                                                                              je 00007FE5B91F0BEAh
                                                                                                                                                                                              test ebx, ebx
                                                                                                                                                                                              jne 00007FE5B91F0BE6h
                                                                                                                                                                                              dec eax
                                                                                                                                                                                              lea ecx, dword ptr [000388C6h]
                                                                                                                                                                                              call 00007FE5B91FDF12h

                                                                                                                                                                                              Data Directories

                                                                                                                                                                                              NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_IMPORT0x40b340x78.rdata
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_RESOURCE0x4b0000xf2f1.rsrc
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_EXCEPTION0x480000x2268.pdata
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_BASERELOC0x5b0000x770.reloc
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_DEBUG0x3e1300x1c.rdata
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x3dff00x140.rdata
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_IAT0x2c0000x4b8.rdata
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                              Sections

                                                                                                                                                                                              NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                              .text0x10000x2ad900x2ae006c292d4d86679f74132342110d81a106False0.5512424836005831data6.489405095438984IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                              .rdata0x2c0000x15b7c0x15c001c35e350acf51f6965bd2a560832e051False0.4835219109195402data5.653662199985552IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                              .data0x420000x54380xe00334e36c907bd2fe277bb395a1022fb7fFalse0.14006696428571427data1.8977897981870555IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                              .pdata0x480000x22680x2400b656b1c7ddfed89de66a31a44074ea59False0.4696180555555556data5.3237366571282125IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                              .rsrc0x4b0000xf2f10xf4005e404cef470f70d7357658c689355eadFalse0.8818679559426229data7.4770182079502545IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                              .reloc0x5b0000x7700x800fd38dd03a2209d0f0da1e25b4c2ae23cFalse0.55517578125data5.285514796186651IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                                                                                                                              Resources

                                                                                                                                                                                              NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                              RT_ICON0x4b1f00x852fPNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced1.0006159260888694
                                                                                                                                                                                              RT_ICON0x537200x2635PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced1.0011246293834986
                                                                                                                                                                                              RT_ICON0x55d580x2668Device independent bitmap graphic, 48 x 96 x 32, image size 97920.5839096826688365
                                                                                                                                                                                              RT_ICON0x583c00x1128Device independent bitmap graphic, 32 x 64 x 32, image size 43520.6350182149362478
                                                                                                                                                                                              RT_ICON0x594e80x468Device independent bitmap graphic, 16 x 32 x 32, image size 10880.7668439716312057
                                                                                                                                                                                              RT_GROUP_ICON0x599500x4cdata0.7894736842105263
                                                                                                                                                                                              RT_VERSION0x5999c0x448data0.4443430656934307
                                                                                                                                                                                              RT_MANIFEST0x59de40x50dXML 1.0 document, ASCII text0.4694508894044857

                                                                                                                                                                                              Imports

                                                                                                                                                                                              DLLImport
                                                                                                                                                                                              USER32.dllCreateWindowExW, ShutdownBlockReasonCreate, MsgWaitForMultipleObjects, ShowWindow, DestroyWindow, RegisterClassW, DefWindowProcW, PeekMessageW, DispatchMessageW, TranslateMessage, PostMessageW, GetMessageW, MessageBoxW, MessageBoxA, SystemParametersInfoW, DestroyIcon, SetWindowLongPtrW, GetWindowLongPtrW, GetClientRect, InvalidateRect, ReleaseDC, GetDC, DrawTextW, GetDialogBaseUnits, EndDialog, DialogBoxIndirectParamW, MoveWindow, SendMessageW
                                                                                                                                                                                              COMCTL32.dll
                                                                                                                                                                                              KERNEL32.dllGetACP, IsValidCodePage, GetStringTypeW, GetFileAttributesExW, SetEnvironmentVariableW, FlushFileBuffers, GetCurrentDirectoryW, LCMapStringW, CompareStringW, FlsFree, FlsSetValue, GetOEMCP, GetCPInfo, GetModuleHandleW, MulDiv, OutputDebugStringA, OutputDebugStringW, FormatMessageW, GetLastError, GetModuleFileNameW, LoadLibraryExW, SetDllDirectoryW, CreateSymbolicLinkW, GetProcAddress, GetEnvironmentStringsW, CreateDirectoryW, GetCommandLineW, GetEnvironmentVariableW, ExpandEnvironmentStringsW, DeleteFileW, FindClose, FindFirstFileW, FindNextFileW, GetDriveTypeW, RemoveDirectoryW, GetTempPathW, CloseHandle, QueryPerformanceCounter, QueryPerformanceFrequency, WaitForSingleObject, Sleep, GetCurrentProcess, TerminateProcess, GetExitCodeProcess, CreateProcessW, GetStartupInfoW, FreeLibrary, LocalFree, SetConsoleCtrlHandler, K32EnumProcessModules, K32GetModuleFileNameExW, CreateFileW, FindFirstFileExW, GetFinalPathNameByHandleW, MultiByteToWideChar, WideCharToMultiByte, FlsGetValue, FreeEnvironmentStringsW, GetProcessHeap, GetTimeZoneInformation, HeapSize, HeapReAlloc, WriteConsoleW, SetEndOfFile, SetErrorMode, RtlCaptureContext, RtlLookupFunctionEntry, RtlVirtualUnwind, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsProcessorFeaturePresent, GetCurrentProcessId, GetCurrentThreadId, GetSystemTimeAsFileTime, InitializeSListHead, IsDebuggerPresent, RtlUnwindEx, SetLastError, EnterCriticalSection, LeaveCriticalSection, DeleteCriticalSection, InitializeCriticalSectionAndSpinCount, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, RaiseException, RtlPcToFileHeader, GetCommandLineA, GetFileInformationByHandle, GetFileType, PeekNamedPipe, SystemTimeToTzSpecificLocalTime, FileTimeToSystemTime, ReadFile, GetFullPathNameW, SetStdHandle, GetStdHandle, WriteFile, ExitProcess, GetModuleHandleExW, HeapFree, GetConsoleMode, ReadConsoleW, SetFilePointerEx, GetConsoleOutputCP, GetFileSizeEx, HeapAlloc, FlsAlloc
                                                                                                                                                                                              ADVAPI32.dllOpenProcessToken, GetTokenInformation, ConvertStringSecurityDescriptorToSecurityDescriptorW, ConvertSidToStringSidW
                                                                                                                                                                                              GDI32.dllDeleteObject, SelectObject, CreateFontIndirectW

                                                                                                                                                                                              Network Behavior

                                                                                                                                                                                              Network Port Distribution

                                                                                                                                                                                              TCP Packets

                                                                                                                                                                                              TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                              Dec 19, 2024 12:40:31.637494087 CET49731443192.168.2.592.113.16.201
                                                                                                                                                                                              Dec 19, 2024 12:40:31.637533903 CET4434973192.113.16.201192.168.2.5
                                                                                                                                                                                              Dec 19, 2024 12:40:31.637636900 CET49731443192.168.2.592.113.16.201
                                                                                                                                                                                              Dec 19, 2024 12:40:31.638324976 CET49731443192.168.2.592.113.16.201
                                                                                                                                                                                              Dec 19, 2024 12:40:31.638339996 CET4434973192.113.16.201192.168.2.5
                                                                                                                                                                                              Dec 19, 2024 12:40:33.033739090 CET4434973192.113.16.201192.168.2.5
                                                                                                                                                                                              Dec 19, 2024 12:40:33.034354925 CET49731443192.168.2.592.113.16.201
                                                                                                                                                                                              Dec 19, 2024 12:40:33.034370899 CET4434973192.113.16.201192.168.2.5
                                                                                                                                                                                              Dec 19, 2024 12:40:33.035881996 CET4434973192.113.16.201192.168.2.5
                                                                                                                                                                                              Dec 19, 2024 12:40:33.035965919 CET49731443192.168.2.592.113.16.201
                                                                                                                                                                                              Dec 19, 2024 12:40:33.036727905 CET49731443192.168.2.592.113.16.201
                                                                                                                                                                                              Dec 19, 2024 12:40:33.036869049 CET49731443192.168.2.592.113.16.201

                                                                                                                                                                                              UDP Packets

                                                                                                                                                                                              TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                              Dec 19, 2024 12:40:31.267990112 CET5529653192.168.2.51.1.1.1
                                                                                                                                                                                              Dec 19, 2024 12:40:31.632299900 CET53552961.1.1.1192.168.2.5

                                                                                                                                                                                              DNS Queries

                                                                                                                                                                                              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                              Dec 19, 2024 12:40:31.267990112 CET192.168.2.51.1.1.10x7b22Standard query (0)palegreen-cheetah-217044.hostingersite.comA (IP address)IN (0x0001)false

                                                                                                                                                                                              DNS Answers

                                                                                                                                                                                              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                              Dec 19, 2024 12:40:31.632299900 CET1.1.1.1192.168.2.50x7b22No error (0)palegreen-cheetah-217044.hostingersite.comfree.cdn.hstgr.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                              Dec 19, 2024 12:40:31.632299900 CET1.1.1.1192.168.2.50x7b22No error (0)free.cdn.hstgr.net92.113.16.201A (IP address)IN (0x0001)false

                                                                                                                                                                                              Statistics

                                                                                                                                                                                              CPU Usage

                                                                                                                                                                                              Click to jump to process

                                                                                                                                                                                              Memory Usage

                                                                                                                                                                                              Click to jump to process

                                                                                                                                                                                              High Level Behavior Distribution

                                                                                                                                                                                              Click to dive into process behavior distribution

                                                                                                                                                                                              Behavior

                                                                                                                                                                                              Click to jump to process

                                                                                                                                                                                              System Behavior

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:0
                                                                                                                                                                                              Start time:06:40:02
                                                                                                                                                                                              Start date:19/12/2024
                                                                                                                                                                                              Path:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:"C:\Users\user\Desktop\HmP9fn8NM9.exe"
                                                                                                                                                                                              Imagebase:0x7ff7774d0000
                                                                                                                                                                                              File size:58'303'966 bytes
                                                                                                                                                                                              MD5 hash:1B4FA73741B1E40003326D8BED4B39DC
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Reputation:low
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:3
                                                                                                                                                                                              Start time:06:40:29
                                                                                                                                                                                              Start date:19/12/2024
                                                                                                                                                                                              Path:C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:"C:\Users\user\Desktop\HmP9fn8NM9.exe"
                                                                                                                                                                                              Imagebase:0x7ff7774d0000
                                                                                                                                                                                              File size:58'303'966 bytes
                                                                                                                                                                                              MD5 hash:1B4FA73741B1E40003326D8BED4B39DC
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Reputation:low
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              Disassembly

                                                                                                                                                                                              Reset < >

                                                                                                                                                                                                Execution Graph

                                                                                                                                                                                                Execution Coverage:10%
                                                                                                                                                                                                Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                Signature Coverage:17.4%
                                                                                                                                                                                                Total number of Nodes:2000
                                                                                                                                                                                                Total number of Limit Nodes:41
                                                                                                                                                                                                execution_graph 19808 7ff7774fba73 19809 7ff7774fba83 19808->19809 19812 7ff7774e6308 LeaveCriticalSection 19809->19812 16450 7ff7774dc970 16451 7ff7774dc99e 16450->16451 16452 7ff7774dc985 16450->16452 16452->16451 16455 7ff7774ee48c 16452->16455 16456 7ff7774ee4d7 16455->16456 16461 7ff7774ee49b _get_daylight 16455->16461 16465 7ff7774e5d98 16456->16465 16457 7ff7774ee4be HeapAlloc 16459 7ff7774dc9fe 16457->16459 16457->16461 16461->16456 16461->16457 16462 7ff7774f4420 16461->16462 16468 7ff7774f4460 16462->16468 16474 7ff7774ec158 GetLastError 16465->16474 16467 7ff7774e5da1 16467->16459 16473 7ff7774f1168 EnterCriticalSection 16468->16473 16475 7ff7774ec17c 16474->16475 16476 7ff7774ec199 FlsSetValue 16474->16476 16475->16476 16489 7ff7774ec189 SetLastError 16475->16489 16477 7ff7774ec1ab 16476->16477 16476->16489 16491 7ff7774efa28 16477->16491 16481 7ff7774ec1d8 FlsSetValue 16484 7ff7774ec1f6 16481->16484 16485 7ff7774ec1e4 FlsSetValue 16481->16485 16482 7ff7774ec1c8 FlsSetValue 16483 7ff7774ec1d1 16482->16483 16498 7ff7774eb7d8 16483->16498 16504 7ff7774ebd84 16484->16504 16485->16483 16489->16467 16494 7ff7774efa39 _get_daylight 16491->16494 16492 7ff7774efa8a 16496 7ff7774e5d98 _get_daylight 10 API calls 16492->16496 16493 7ff7774efa6e HeapAlloc 16493->16494 16495 7ff7774ec1ba 16493->16495 16494->16492 16494->16493 16497 7ff7774f4420 _get_daylight 2 API calls 16494->16497 16495->16481 16495->16482 16496->16495 16497->16494 16499 7ff7774eb7dd RtlFreeHeap 16498->16499 16500 7ff7774eb80c 16498->16500 16499->16500 16501 7ff7774eb7f8 GetLastError 16499->16501 16500->16489 16502 7ff7774eb805 Concurrency::details::SchedulerProxy::DeleteThis 16501->16502 16503 7ff7774e5d98 _get_daylight 9 API calls 16502->16503 16503->16500 16509 7ff7774ebc5c 16504->16509 16521 7ff7774f1168 EnterCriticalSection 16509->16521 16523 7ff7774ea7f1 16535 7ff7774eb268 16523->16535 16540 7ff7774ebfe0 GetLastError 16535->16540 16541 7ff7774ec004 FlsGetValue 16540->16541 16542 7ff7774ec021 FlsSetValue 16540->16542 16543 7ff7774ec01b 16541->16543 16545 7ff7774ec011 16541->16545 16544 7ff7774ec033 16542->16544 16542->16545 16543->16542 16547 7ff7774efa28 _get_daylight 11 API calls 16544->16547 16546 7ff7774ec08d SetLastError 16545->16546 16549 7ff7774ec0ad 16546->16549 16550 7ff7774eb271 16546->16550 16548 7ff7774ec042 16547->16548 16551 7ff7774ec060 FlsSetValue 16548->16551 16552 7ff7774ec050 FlsSetValue 16548->16552 16553 7ff7774eb394 __GetCurrentState 38 API calls 16549->16553 16562 7ff7774eb394 16550->16562 16555 7ff7774ec07e 16551->16555 16556 7ff7774ec06c FlsSetValue 16551->16556 16554 7ff7774ec059 16552->16554 16557 7ff7774ec0b2 16553->16557 16558 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16554->16558 16559 7ff7774ebd84 _get_daylight 11 API calls 16555->16559 16556->16554 16558->16545 16560 7ff7774ec086 16559->16560 16561 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 16560->16561 16561->16546 16571 7ff7774f44e0 16562->16571 16605 7ff7774f4498 16571->16605 16610 7ff7774f1168 EnterCriticalSection 16605->16610 21375 7ff7774dd9e0 21376 7ff7774dd9f0 21375->21376 21392 7ff7774eaa38 21376->21392 21378 7ff7774dd9fc 21398 7ff7774ddcd8 21378->21398 21380 7ff7774ddfbc 7 API calls 21381 7ff7774dda95 21380->21381 21382 7ff7774dda14 _RTC_Initialize 21390 7ff7774dda69 21382->21390 21403 7ff7774dde88 21382->21403 21384 7ff7774dda29 21406 7ff7774e9ea4 21384->21406 21390->21380 21391 7ff7774dda85 21390->21391 21393 7ff7774eaa49 21392->21393 21394 7ff7774e5d98 _get_daylight 11 API calls 21393->21394 21397 7ff7774eaa51 21393->21397 21395 7ff7774eaa60 21394->21395 21396 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 21395->21396 21396->21397 21397->21378 21399 7ff7774ddce9 21398->21399 21402 7ff7774ddcee __scrt_release_startup_lock 21398->21402 21400 7ff7774ddfbc 7 API calls 21399->21400 21399->21402 21401 7ff7774ddd62 21400->21401 21402->21382 21431 7ff7774dde4c 21403->21431 21405 7ff7774dde91 21405->21384 21407 7ff7774dda35 21406->21407 21408 7ff7774e9ec4 21406->21408 21407->21390 21430 7ff7774ddf5c InitializeSListHead 21407->21430 21409 7ff7774e9ee2 GetModuleFileNameW 21408->21409 21410 7ff7774e9ecc 21408->21410 21414 7ff7774e9f0d 21409->21414 21411 7ff7774e5d98 _get_daylight 11 API calls 21410->21411 21412 7ff7774e9ed1 21411->21412 21413 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 21412->21413 21413->21407 21415 7ff7774e9e44 11 API calls 21414->21415 21416 7ff7774e9f4d 21415->21416 21417 7ff7774e9f55 21416->21417 21420 7ff7774e9f6d 21416->21420 21418 7ff7774e5d98 _get_daylight 11 API calls 21417->21418 21419 7ff7774e9f5a 21418->21419 21422 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 21419->21422 21421 7ff7774e9f8f 21420->21421 21424 7ff7774e9fd4 21420->21424 21425 7ff7774e9fbb 21420->21425 21423 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 21421->21423 21422->21407 21423->21407 21428 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 21424->21428 21426 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 21425->21426 21427 7ff7774e9fc4 21426->21427 21429 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 21427->21429 21428->21421 21429->21407 21432 7ff7774dde66 21431->21432 21434 7ff7774dde5f 21431->21434 21435 7ff7774eb07c 21432->21435 21434->21405 21438 7ff7774eacb8 21435->21438 21445 7ff7774f1168 EnterCriticalSection 21438->21445 19945 7ff7774ebe60 19946 7ff7774ebe65 19945->19946 19947 7ff7774ebe7a 19945->19947 19951 7ff7774ebe80 19946->19951 19952 7ff7774ebec2 19951->19952 19953 7ff7774ebeca 19951->19953 19954 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19952->19954 19955 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19953->19955 19954->19953 19956 7ff7774ebed7 19955->19956 19957 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19956->19957 19958 7ff7774ebee4 19957->19958 19959 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19958->19959 19960 7ff7774ebef1 19959->19960 19961 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19960->19961 19962 7ff7774ebefe 19961->19962 19963 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19962->19963 19964 7ff7774ebf0b 19963->19964 19965 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19964->19965 19966 7ff7774ebf18 19965->19966 19967 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19966->19967 19968 7ff7774ebf25 19967->19968 19969 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19968->19969 19970 7ff7774ebf35 19969->19970 19971 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 19970->19971 19972 7ff7774ebf45 19971->19972 19977 7ff7774ebd24 19972->19977 19991 7ff7774f1168 EnterCriticalSection 19977->19991 21449 7ff7774eabe0 21452 7ff7774eab5c 21449->21452 21459 7ff7774f1168 EnterCriticalSection 21452->21459 19993 7ff7774fbc8e 19994 7ff7774fbc9d 19993->19994 19995 7ff7774fbca7 19993->19995 19997 7ff7774f11c8 LeaveCriticalSection 19994->19997 21493 7ff7774fbbf9 21496 7ff7774e6308 LeaveCriticalSection 21493->21496 20226 7ff7774f8ab0 20229 7ff7774f3480 20226->20229 20230 7ff7774f348d 20229->20230 20234 7ff7774f34d2 20229->20234 20235 7ff7774ec0b4 20230->20235 20236 7ff7774ec0c5 FlsGetValue 20235->20236 20237 7ff7774ec0e0 FlsSetValue 20235->20237 20238 7ff7774ec0d2 20236->20238 20239 7ff7774ec0da 20236->20239 20237->20238 20240 7ff7774ec0ed 20237->20240 20241 7ff7774eb394 __GetCurrentState 45 API calls 20238->20241 20243 7ff7774ec0d8 20238->20243 20239->20237 20242 7ff7774efa28 _get_daylight 11 API calls 20240->20242 20244 7ff7774ec155 20241->20244 20245 7ff7774ec0fc 20242->20245 20255 7ff7774f3154 20243->20255 20246 7ff7774ec11a FlsSetValue 20245->20246 20247 7ff7774ec10a FlsSetValue 20245->20247 20248 7ff7774ec126 FlsSetValue 20246->20248 20249 7ff7774ec138 20246->20249 20250 7ff7774ec113 20247->20250 20248->20250 20251 7ff7774ebd84 _get_daylight 11 API calls 20249->20251 20252 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20250->20252 20253 7ff7774ec140 20251->20253 20252->20238 20254 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20253->20254 20254->20243 20278 7ff7774f33c4 20255->20278 20257 7ff7774f3189 20293 7ff7774f2e54 20257->20293 20260 7ff7774ee48c _fread_nolock 12 API calls 20261 7ff7774f31b7 20260->20261 20262 7ff7774f31bf 20261->20262 20265 7ff7774f31ce 20261->20265 20263 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20262->20263 20264 7ff7774f31a6 20263->20264 20264->20234 20265->20265 20300 7ff7774f34fc 20265->20300 20268 7ff7774f32ca 20269 7ff7774e5d98 _get_daylight 11 API calls 20268->20269 20270 7ff7774f32cf 20269->20270 20272 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20270->20272 20271 7ff7774f3325 20274 7ff7774f338c 20271->20274 20311 7ff7774f2c84 20271->20311 20272->20264 20273 7ff7774f32e4 20273->20271 20276 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20273->20276 20275 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20274->20275 20275->20264 20276->20271 20279 7ff7774f33e7 20278->20279 20281 7ff7774f33f1 20279->20281 20326 7ff7774f1168 EnterCriticalSection 20279->20326 20283 7ff7774f3463 20281->20283 20285 7ff7774eb394 __GetCurrentState 45 API calls 20281->20285 20283->20257 20287 7ff7774f347b 20285->20287 20289 7ff7774ec0b4 50 API calls 20287->20289 20292 7ff7774f34d2 20287->20292 20290 7ff7774f34bc 20289->20290 20291 7ff7774f3154 65 API calls 20290->20291 20291->20292 20292->20257 20294 7ff7774e5ddc 45 API calls 20293->20294 20295 7ff7774f2e68 20294->20295 20296 7ff7774f2e86 20295->20296 20297 7ff7774f2e74 GetOEMCP 20295->20297 20298 7ff7774f2e9b 20296->20298 20299 7ff7774f2e8b GetACP 20296->20299 20297->20298 20298->20260 20298->20264 20299->20298 20301 7ff7774f2e54 47 API calls 20300->20301 20302 7ff7774f3529 20301->20302 20303 7ff7774f367f 20302->20303 20304 7ff7774f3566 IsValidCodePage 20302->20304 20310 7ff7774f3580 memcpy_s 20302->20310 20305 7ff7774dd3e0 _log10_special 8 API calls 20303->20305 20304->20303 20306 7ff7774f3577 20304->20306 20307 7ff7774f32c1 20305->20307 20308 7ff7774f35a6 GetCPInfo 20306->20308 20306->20310 20307->20268 20307->20273 20308->20303 20308->20310 20327 7ff7774f2f6c 20310->20327 20393 7ff7774f1168 EnterCriticalSection 20311->20393 20328 7ff7774f2fa9 GetCPInfo 20327->20328 20329 7ff7774f309f 20327->20329 20328->20329 20335 7ff7774f2fbc 20328->20335 20330 7ff7774dd3e0 _log10_special 8 API calls 20329->20330 20331 7ff7774f313e 20330->20331 20331->20303 20332 7ff7774f3cd0 48 API calls 20333 7ff7774f3033 20332->20333 20338 7ff7774f8a14 20333->20338 20335->20332 20337 7ff7774f8a14 54 API calls 20337->20329 20339 7ff7774e5ddc 45 API calls 20338->20339 20340 7ff7774f8a39 20339->20340 20343 7ff7774f86e0 20340->20343 20344 7ff7774f8721 20343->20344 20345 7ff7774f0730 _fread_nolock MultiByteToWideChar 20344->20345 20349 7ff7774f876b 20345->20349 20346 7ff7774f89e9 20348 7ff7774dd3e0 _log10_special 8 API calls 20346->20348 20347 7ff7774f88a1 20347->20346 20352 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20347->20352 20350 7ff7774f3066 20348->20350 20349->20346 20349->20347 20351 7ff7774ee48c _fread_nolock 12 API calls 20349->20351 20353 7ff7774f87a3 20349->20353 20350->20337 20351->20353 20352->20346 20353->20347 20354 7ff7774f0730 _fread_nolock MultiByteToWideChar 20353->20354 20355 7ff7774f8816 20354->20355 20355->20347 20374 7ff7774eff74 20355->20374 20358 7ff7774f88b2 20360 7ff7774ee48c _fread_nolock 12 API calls 20358->20360 20362 7ff7774f8984 20358->20362 20364 7ff7774f88d0 20358->20364 20359 7ff7774f8861 20359->20347 20361 7ff7774eff74 __crtLCMapStringW 6 API calls 20359->20361 20360->20364 20361->20347 20362->20347 20363 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20362->20363 20363->20347 20364->20347 20365 7ff7774eff74 __crtLCMapStringW 6 API calls 20364->20365 20366 7ff7774f8950 20365->20366 20366->20362 20367 7ff7774f8986 20366->20367 20368 7ff7774f8970 20366->20368 20370 7ff7774f1678 WideCharToMultiByte 20367->20370 20369 7ff7774f1678 WideCharToMultiByte 20368->20369 20371 7ff7774f897e 20369->20371 20370->20371 20371->20362 20372 7ff7774f899e 20371->20372 20372->20347 20373 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 20372->20373 20373->20347 20380 7ff7774efba0 20374->20380 20377 7ff7774effba 20377->20347 20377->20358 20377->20359 20379 7ff7774f0023 LCMapStringW 20379->20377 20381 7ff7774efbf8 __vcrt_FlsAlloc 20380->20381 20382 7ff7774efbfd 20380->20382 20381->20382 20383 7ff7774efc2d LoadLibraryExW 20381->20383 20384 7ff7774efd22 GetProcAddress 20381->20384 20389 7ff7774efc8c LoadLibraryExW 20381->20389 20382->20377 20390 7ff7774f0060 20382->20390 20385 7ff7774efd02 20383->20385 20386 7ff7774efc52 GetLastError 20383->20386 20384->20382 20388 7ff7774efd33 20384->20388 20385->20384 20387 7ff7774efd19 FreeLibrary 20385->20387 20386->20381 20387->20384 20388->20382 20389->20381 20389->20385 20391 7ff7774efba0 __crtLCMapStringW 5 API calls 20390->20391 20392 7ff7774f008e __crtLCMapStringW 20391->20392 20392->20379 21515 7ff7774ed3b0 21526 7ff7774f1168 EnterCriticalSection 21515->21526 20394 7ff7774e62a0 20395 7ff7774e62ab 20394->20395 20403 7ff7774f0134 20395->20403 20416 7ff7774f1168 EnterCriticalSection 20403->20416 19641 7ff7774f081c 19642 7ff7774f0a0e 19641->19642 19644 7ff7774f085e _isindst 19641->19644 19643 7ff7774e5d98 _get_daylight 11 API calls 19642->19643 19661 7ff7774f09fe 19643->19661 19644->19642 19647 7ff7774f08de _isindst 19644->19647 19645 7ff7774dd3e0 _log10_special 8 API calls 19646 7ff7774f0a29 19645->19646 19662 7ff7774f7024 19647->19662 19652 7ff7774f0a3a 19653 7ff7774eb790 _isindst 17 API calls 19652->19653 19656 7ff7774f0a4e 19653->19656 19659 7ff7774f093b 19659->19661 19686 7ff7774f7068 19659->19686 19661->19645 19663 7ff7774f7033 19662->19663 19664 7ff7774f08fc 19662->19664 19693 7ff7774f1168 EnterCriticalSection 19663->19693 19668 7ff7774f6428 19664->19668 19669 7ff7774f6431 19668->19669 19671 7ff7774f0911 19668->19671 19670 7ff7774e5d98 _get_daylight 11 API calls 19669->19670 19672 7ff7774f6436 19670->19672 19671->19652 19674 7ff7774f6458 19671->19674 19673 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 19672->19673 19673->19671 19675 7ff7774f6461 19674->19675 19676 7ff7774f0922 19674->19676 19677 7ff7774e5d98 _get_daylight 11 API calls 19675->19677 19676->19652 19680 7ff7774f6488 19676->19680 19678 7ff7774f6466 19677->19678 19679 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 19678->19679 19679->19676 19681 7ff7774f6491 19680->19681 19682 7ff7774f0933 19680->19682 19683 7ff7774e5d98 _get_daylight 11 API calls 19681->19683 19682->19652 19682->19659 19684 7ff7774f6496 19683->19684 19685 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 19684->19685 19685->19682 19694 7ff7774f1168 EnterCriticalSection 19686->19694 16675 7ff7774ddacc 16696 7ff7774ddc9c 16675->16696 16678 7ff7774ddc18 16898 7ff7774ddfbc IsProcessorFeaturePresent 16678->16898 16679 7ff7774ddae8 __scrt_acquire_startup_lock 16681 7ff7774ddc22 16679->16681 16688 7ff7774ddb06 __scrt_release_startup_lock 16679->16688 16682 7ff7774ddfbc 7 API calls 16681->16682 16684 7ff7774ddc2d __GetCurrentState 16682->16684 16683 7ff7774ddb2b 16685 7ff7774ddbb1 16702 7ff7774de104 16685->16702 16687 7ff7774ddbb6 16705 7ff7774d1000 16687->16705 16688->16683 16688->16685 16887 7ff7774ea9bc 16688->16887 16693 7ff7774ddbd9 16693->16684 16894 7ff7774dde20 16693->16894 16697 7ff7774ddca4 16696->16697 16698 7ff7774ddcb0 __scrt_dllmain_crt_thread_attach 16697->16698 16699 7ff7774ddcbd 16698->16699 16701 7ff7774ddae0 16698->16701 16699->16701 16905 7ff7774de718 16699->16905 16701->16678 16701->16679 16932 7ff7774fb360 16702->16932 16706 7ff7774d1009 16705->16706 16934 7ff7774e6314 16706->16934 16708 7ff7774d3caa 16941 7ff7774d2770 16708->16941 16713 7ff7774d2770 53 API calls 16714 7ff7774d3ce7 16713->16714 16716 7ff7774d2770 53 API calls 16714->16716 16715 7ff7774dd3e0 _log10_special 8 API calls 16717 7ff7774d4638 16715->16717 16718 7ff7774d3cf3 16716->16718 16892 7ff7774de148 GetModuleHandleW 16717->16892 16978 7ff7774d1950 16718->16978 16721 7ff7774d3e2b 16723 7ff7774d2770 53 API calls 16721->16723 16722 7ff7774d3d0b 17172 7ff7774d1cc0 16722->17172 16725 7ff7774d3e37 16723->16725 17181 7ff7774d4c50 16725->17181 16726 7ff7774d3d29 16728 7ff7774d2770 53 API calls 16726->16728 16730 7ff7774d3d50 16728->16730 16732 7ff7774d2770 53 API calls 16730->16732 16731 7ff7774d3e4e 16736 7ff7774d2770 53 API calls 16731->16736 16733 7ff7774d3d84 16732->16733 17038 7ff7774d9640 16733->17038 16738 7ff7774d3e9c 16736->16738 16737 7ff7774d3e7e 16739 7ff7774d3e83 16737->16739 16740 7ff7774d3eb5 16737->16740 17215 7ff7774d2960 16738->17215 17211 7ff7774e0edc 16739->17211 16743 7ff7774d1cc0 49 API calls 16740->16743 16745 7ff7774d3ed3 16743->16745 16744 7ff7774d3db2 17176 7ff7774d97b0 16744->17176 16750 7ff7774d2770 53 API calls 16745->16750 16746 7ff7774d3d93 16746->16744 16748 7ff7774d2770 53 API calls 16746->16748 16749 7ff7774d3dc1 __vcrt_freefls 16746->16749 16748->16744 16751 7ff7774d9640 14 API calls 16749->16751 16773 7ff7774d3f57 __vcrt_freefls 16749->16773 16754 7ff7774d3f05 16750->16754 16755 7ff7774d3de1 16751->16755 16753 7ff7774d3f88 16758 7ff7774d97b0 40 API calls 16753->16758 16759 7ff7774d1950 119 API calls 16754->16759 16756 7ff7774d3f65 16755->16756 16757 7ff7774d3ded 16755->16757 16762 7ff7774d2770 53 API calls 16756->16762 16760 7ff7774d2770 53 API calls 16757->16760 16761 7ff7774d3f94 16758->16761 16763 7ff7774d3f0d 16759->16763 16769 7ff7774d3dfc 16760->16769 16765 7ff7774d97b0 40 API calls 16761->16765 16762->16773 16763->16726 16764 7ff7774d3f1d 16763->16764 16766 7ff7774d2960 56 API calls 16764->16766 16767 7ff7774d3fa0 16765->16767 16831 7ff7774d3cc6 __vcrt_freefls 16766->16831 16768 7ff7774d97b0 40 API calls 16767->16768 16770 7ff7774d3fac 16768->16770 16771 7ff7774d2770 53 API calls 16769->16771 16772 7ff7774d9640 14 API calls 16770->16772 16771->16773 16774 7ff7774d3fc0 16772->16774 16773->16770 17226 7ff7774d9750 16773->17226 16775 7ff7774d3fe5 __vcrt_freefls 16774->16775 16776 7ff7774d40bc 16774->16776 16778 7ff7774d2770 53 API calls 16775->16778 16777 7ff7774d2960 56 API calls 16776->16777 16777->16831 16779 7ff7774d4010 16778->16779 16780 7ff7774d9750 40 API calls 16779->16780 16795 7ff7774d4038 16779->16795 16780->16795 16781 7ff7774d9640 14 API calls 16782 7ff7774d4183 __vcrt_freefls 16781->16782 16783 7ff7774d42f4 16782->16783 16784 7ff7774d41bd 16782->16784 17233 7ff7774d4b70 16783->17233 16786 7ff7774d4258 16784->16786 16787 7ff7774d41c9 16784->16787 16789 7ff7774d2770 53 API calls 16786->16789 16788 7ff7774d2770 53 API calls 16787->16788 16791 7ff7774d41d5 16788->16791 16792 7ff7774d4278 16789->16792 16790 7ff7774d4301 16793 7ff7774d4323 16790->16793 16794 7ff7774d4317 16790->16794 16796 7ff7774d2770 53 API calls 16791->16796 16797 7ff7774d9640 14 API calls 16792->16797 16799 7ff7774d1cc0 49 API calls 16793->16799 17236 7ff7774d4cc0 16794->17236 16795->16781 16800 7ff7774d41e1 16796->16800 16801 7ff7774d4284 16797->16801 16820 7ff7774d4253 __vcrt_freefls 16799->16820 17051 7ff7774d9e70 16800->17051 16804 7ff7774d42de 16801->16804 16808 7ff7774d4291 16801->16808 16802 7ff7774d2770 53 API calls 16805 7ff7774d4348 16802->16805 16807 7ff7774d2960 56 API calls 16804->16807 16809 7ff7774d43b5 16805->16809 16817 7ff7774d4366 SetDllDirectoryW 16805->16817 16807->16831 16812 7ff7774d1cc0 49 API calls 16808->16812 17107 7ff7774da220 16809->17107 16810 7ff7774d41f2 16813 7ff7774d2960 56 API calls 16810->16813 16811 7ff7774d4208 16814 7ff7774d2770 53 API calls 16811->16814 16816 7ff7774d42af 16812->16816 16813->16831 16818 7ff7774d421b 16814->16818 16816->16820 16821 7ff7774d42b6 16816->16821 16822 7ff7774d2880 50 API calls 16817->16822 17070 7ff7774d9450 16818->17070 16819 7ff7774d43c8 16824 7ff7774d43e3 16819->16824 16825 7ff7774d43cd 16819->16825 16820->16802 16826 7ff7774d2960 56 API calls 16821->16826 16828 7ff7774d4381 LoadLibraryExW 16822->16828 17112 7ff7774d2880 16824->17112 16830 7ff7774d2960 56 API calls 16825->16830 16826->16831 16833 7ff7774d43a9 16828->16833 16830->16831 16831->16715 16838 7ff7774d2880 50 API calls 16833->16838 16834 7ff7774d423d 16836 7ff7774d2770 53 API calls 16834->16836 16835 7ff7774d4227 16839 7ff7774d2960 56 API calls 16835->16839 16836->16820 16837 7ff7774d441d 16840 7ff7774d9640 14 API calls 16837->16840 16838->16809 16839->16831 16841 7ff7774d4429 __vcrt_freefls 16840->16841 16848 7ff7774d4451 16841->16848 16849 7ff7774d446e 16841->16849 16842 7ff7774d2770 53 API calls 16881 7ff7774d446c 16842->16881 16843 7ff7774d458c 16845 7ff7774d4595 PostMessageW GetMessageW 16843->16845 16847 7ff7774d45b8 16843->16847 16844 7ff7774d44c6 17121 7ff7774d3970 16844->17121 16845->16847 17348 7ff7774d35e0 16847->17348 16852 7ff7774d2770 53 API calls 16848->16852 16850 7ff7774d4493 16849->16850 16851 7ff7774d4476 16849->16851 16857 7ff7774d4411 16850->16857 16858 7ff7774d44d7 16850->16858 16854 7ff7774d2770 53 API calls 16851->16854 16853 7ff7774d445d 16852->16853 16856 7ff7774d9750 40 API calls 16853->16856 16859 7ff7774d4482 16854->16859 16856->16881 16857->16842 16861 7ff7774d2770 53 API calls 16858->16861 16862 7ff7774d9750 40 API calls 16859->16862 16860 7ff7774d45c8 17362 7ff7774d3910 16860->17362 16864 7ff7774d44e3 16861->16864 16862->16881 17239 7ff7774d75e0 16864->17239 16867 7ff7774d77e0 54 API calls 16869 7ff7774d45de 16867->16869 16872 7ff7774d2770 53 API calls 16869->16872 16871 7ff7774d44fd 16873 7ff7774d2770 53 API calls 16871->16873 16886 7ff7774d4501 16871->16886 16872->16831 16875 7ff7774d4516 16873->16875 16877 7ff7774d4536 16875->16877 16879 7ff7774d2770 53 API calls 16875->16879 16877->16886 17279 7ff7774d7ab0 16877->17279 16882 7ff7774d452b 16879->16882 16881->16843 16881->16844 17260 7ff7774d7620 16882->17260 16886->16881 17305 7ff7774d2cb0 16886->17305 16888 7ff7774ea9d3 16887->16888 16889 7ff7774ea9f4 16887->16889 16888->16685 16890 7ff7774eb268 45 API calls 16889->16890 16891 7ff7774ea9f9 16890->16891 16893 7ff7774de159 16892->16893 16893->16693 16895 7ff7774dde31 16894->16895 16896 7ff7774ddbf0 16895->16896 16897 7ff7774de718 7 API calls 16895->16897 16896->16683 16897->16896 16899 7ff7774ddfe2 _isindst memcpy_s 16898->16899 16900 7ff7774de001 RtlCaptureContext RtlLookupFunctionEntry 16899->16900 16901 7ff7774de066 memcpy_s 16900->16901 16902 7ff7774de02a RtlVirtualUnwind 16900->16902 16903 7ff7774de098 IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter 16901->16903 16902->16901 16904 7ff7774de0e6 _isindst 16903->16904 16904->16681 16906 7ff7774de720 16905->16906 16907 7ff7774de72a 16905->16907 16911 7ff7774deab4 16906->16911 16907->16701 16912 7ff7774deac3 16911->16912 16913 7ff7774de725 16911->16913 16919 7ff7774decf0 16912->16919 16915 7ff7774deb20 16913->16915 16916 7ff7774deb4b 16915->16916 16917 7ff7774deb4f 16916->16917 16918 7ff7774deb2e DeleteCriticalSection 16916->16918 16917->16907 16918->16916 16923 7ff7774deb58 16919->16923 16924 7ff7774deb9c __vcrt_FlsAlloc 16923->16924 16930 7ff7774dec42 TlsFree 16923->16930 16925 7ff7774debca LoadLibraryExW 16924->16925 16926 7ff7774dec89 GetProcAddress 16924->16926 16924->16930 16931 7ff7774dec0d LoadLibraryExW 16924->16931 16927 7ff7774debeb GetLastError 16925->16927 16928 7ff7774dec69 16925->16928 16926->16930 16927->16924 16928->16926 16929 7ff7774dec80 FreeLibrary 16928->16929 16929->16926 16931->16924 16931->16928 16933 7ff7774de11b GetStartupInfoW 16932->16933 16933->16687 16937 7ff7774f0310 16934->16937 16935 7ff7774f0363 16936 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 16935->16936 16940 7ff7774f038c 16936->16940 16937->16935 16938 7ff7774f03b6 16937->16938 17369 7ff7774f01e8 16938->17369 16940->16708 16942 7ff7774d2794 16941->16942 16943 7ff7774d1cc0 49 API calls 16942->16943 16944 7ff7774d27e5 16943->16944 17377 7ff7774e5814 16944->17377 16947 7ff7774da220 2 API calls 16948 7ff7774d283a 16947->16948 16949 7ff7774d284f OutputDebugStringA 16948->16949 16950 7ff7774d283f OutputDebugStringW 16948->16950 16951 7ff7774d285a 16949->16951 16950->16951 16952 7ff7774dd3e0 _log10_special 8 API calls 16951->16952 16953 7ff7774d286a 16952->16953 16954 7ff7774d3b40 16953->16954 17737 7ff7774dd6e0 16954->17737 16957 7ff7774d3ba0 17739 7ff7774da110 FindFirstFileExW 16957->17739 16958 7ff7774d3b7b GetLastError 17744 7ff7774d2ec0 16958->17744 16961 7ff7774d3b96 16966 7ff7774dd3e0 _log10_special 8 API calls 16961->16966 16963 7ff7774d3bb2 16965 7ff7774d2880 50 API calls 16963->16965 16964 7ff7774d3c22 17771 7ff7774da2d0 16964->17771 16968 7ff7774d3bc3 16965->16968 16969 7ff7774d3c61 16966->16969 17759 7ff7774da190 CreateFileW 16968->17759 16969->16713 16969->16831 16970 7ff7774d3c30 16970->16961 16973 7ff7774d2a60 51 API calls 16970->16973 16973->16961 16974 7ff7774d3bf1 __vcrt_FlsAlloc 16974->16964 16975 7ff7774d3bd9 17762 7ff7774d2a60 16975->17762 16979 7ff7774d2770 53 API calls 16978->16979 16980 7ff7774d1988 16979->16980 16981 7ff7774d4c50 108 API calls 16980->16981 16982 7ff7774d1997 16981->16982 16983 7ff7774d19b5 16982->16983 16984 7ff7774d199f 16982->16984 16986 7ff7774d88f0 89 API calls 16983->16986 16985 7ff7774d2770 53 API calls 16984->16985 16988 7ff7774d19ae 16985->16988 16987 7ff7774d19ef 16986->16987 16989 7ff7774d19f7 16987->16989 16990 7ff7774d1a08 16987->16990 16993 7ff7774dd3e0 _log10_special 8 API calls 16988->16993 16991 7ff7774d2770 53 API calls 16989->16991 16992 7ff7774d2770 53 API calls 16990->16992 17037 7ff7774d1a03 16991->17037 16994 7ff7774d1a17 16992->16994 16995 7ff7774d1c9e 16993->16995 17974 7ff7774e1564 16994->17974 16995->16721 16995->16722 16997 7ff7774d1a25 16999 7ff7774d1a48 16997->16999 17000 7ff7774d1a29 16997->17000 16998 7ff7774e0edc 74 API calls 16998->16988 17978 7ff7774e122c 16999->17978 17001 7ff7774e5d98 _get_daylight 11 API calls 17000->17001 17004 7ff7774d1a2e 17001->17004 17981 7ff7774d2b70 17004->17981 17005 7ff7774d1a66 17007 7ff7774e5d98 _get_daylight 11 API calls 17005->17007 17009 7ff7774d1a6b 17007->17009 17008 7ff7774d1a85 17011 7ff7774d1abb 17008->17011 17012 7ff7774d1a9c 17008->17012 17010 7ff7774d2b70 56 API calls 17009->17010 17010->17037 17014 7ff7774d1cc0 49 API calls 17011->17014 17013 7ff7774e5d98 _get_daylight 11 API calls 17012->17013 17016 7ff7774d1aa1 17013->17016 17015 7ff7774d1ad2 17014->17015 17017 7ff7774d1cc0 49 API calls 17015->17017 17018 7ff7774d2b70 56 API calls 17016->17018 17019 7ff7774d1b1d 17017->17019 17018->17037 17020 7ff7774e1564 73 API calls 17019->17020 17021 7ff7774d1b41 17020->17021 17022 7ff7774d1b75 17021->17022 17023 7ff7774d1b56 17021->17023 17025 7ff7774e122c _fread_nolock 53 API calls 17022->17025 17024 7ff7774e5d98 _get_daylight 11 API calls 17023->17024 17026 7ff7774d1b5b 17024->17026 17027 7ff7774d1b8a 17025->17027 17028 7ff7774d2b70 56 API calls 17026->17028 17029 7ff7774d1baf 17027->17029 17030 7ff7774d1b90 17027->17030 17028->17037 17996 7ff7774e0fa0 17029->17996 17031 7ff7774e5d98 _get_daylight 11 API calls 17030->17031 17033 7ff7774d1b95 17031->17033 17035 7ff7774d2b70 56 API calls 17033->17035 17035->17037 17036 7ff7774d2960 56 API calls 17036->17037 17037->16998 17039 7ff7774d964a 17038->17039 17040 7ff7774da220 2 API calls 17039->17040 17041 7ff7774d9669 GetEnvironmentVariableW 17040->17041 17042 7ff7774d9686 ExpandEnvironmentStringsW 17041->17042 17043 7ff7774d96d2 17041->17043 17042->17043 17044 7ff7774d96a8 17042->17044 17045 7ff7774dd3e0 _log10_special 8 API calls 17043->17045 17046 7ff7774da2d0 2 API calls 17044->17046 17047 7ff7774d96e4 17045->17047 17048 7ff7774d96ba 17046->17048 17047->16746 17049 7ff7774dd3e0 _log10_special 8 API calls 17048->17049 17050 7ff7774d96ca 17049->17050 17050->16746 17052 7ff7774d9e85 17051->17052 18058 7ff7774d9360 GetCurrentProcess OpenProcessToken 17052->18058 17055 7ff7774d9360 7 API calls 17056 7ff7774d9eb1 17055->17056 17057 7ff7774d9ee4 17056->17057 17058 7ff7774d9eca 17056->17058 17059 7ff7774d2710 48 API calls 17057->17059 17060 7ff7774d2710 48 API calls 17058->17060 17061 7ff7774d9ef7 LocalFree LocalFree 17059->17061 17062 7ff7774d9ee2 17060->17062 17063 7ff7774d9f23 17061->17063 17064 7ff7774d9f13 17061->17064 17062->17061 17066 7ff7774d2880 50 API calls 17063->17066 18068 7ff7774d2db0 17064->18068 17067 7ff7774d9f1f 17066->17067 17068 7ff7774dd3e0 _log10_special 8 API calls 17067->17068 17069 7ff7774d41e6 17068->17069 17069->16810 17069->16811 17071 7ff7774d9468 17070->17071 17072 7ff7774d94f6 GetTempPathW 17071->17072 17073 7ff7774d948c 17071->17073 17075 7ff7774d2880 50 API calls 17072->17075 17074 7ff7774d9640 14 API calls 17073->17074 17076 7ff7774d9498 17074->17076 17077 7ff7774d9517 GetCurrentProcessId 17075->17077 18084 7ff7774d8c50 17076->18084 18077 7ff7774d2600 17077->18077 17081 7ff7774d94d8 __vcrt_freefls 17088 7ff7774d95e4 __vcrt_freefls 17081->17088 17084 7ff7774d94be __vcrt_freefls 17091 7ff7774d94cc 17084->17091 17092 7ff7774d94ea 17084->17092 17087 7ff7774d9535 __vcrt_freefls 17097 7ff7774d9575 __vcrt_freefls 17087->17097 18081 7ff7774e99f8 17087->18081 17089 7ff7774dd3e0 _log10_special 8 API calls 17088->17089 17093 7ff7774d4223 17089->17093 17095 7ff7774d2a60 51 API calls 17091->17095 17096 7ff7774d2880 50 API calls 17092->17096 17093->16834 17093->16835 17095->17081 17096->17072 17097->17088 17099 7ff7774da220 2 API calls 17097->17099 17100 7ff7774d95c1 17099->17100 17101 7ff7774d95c6 17100->17101 17102 7ff7774d95f9 17100->17102 17103 7ff7774da220 2 API calls 17101->17103 17104 7ff7774e90c8 38 API calls 17102->17104 17105 7ff7774d95d6 17103->17105 17104->17088 17106 7ff7774e90c8 38 API calls 17105->17106 17106->17088 17108 7ff7774da242 MultiByteToWideChar 17107->17108 17111 7ff7774da266 17107->17111 17110 7ff7774da27c __vcrt_freefls 17108->17110 17108->17111 17109 7ff7774da283 MultiByteToWideChar 17109->17110 17110->16819 17111->17109 17111->17110 17113 7ff7774dd6e0 17112->17113 17114 7ff7774d28a4 GetCurrentProcessId 17113->17114 17115 7ff7774d2710 48 API calls 17114->17115 17116 7ff7774d28f5 17115->17116 17117 7ff7774e5a68 48 API calls 17116->17117 17118 7ff7774d2933 OutputDebugStringW 17117->17118 17119 7ff7774dd3e0 _log10_special 8 API calls 17118->17119 17120 7ff7774d294e SetDllDirectoryW 17119->17120 17120->16837 17120->16857 17122 7ff7774d2770 53 API calls 17121->17122 17123 7ff7774d3989 17122->17123 18382 7ff7774d3660 17123->18382 17126 7ff7774d3995 17128 7ff7774d2770 53 API calls 17126->17128 17127 7ff7774d39b1 18401 7ff7774d9e50 LocalFree 17127->18401 17130 7ff7774d39a1 17128->17130 17130->16831 17173 7ff7774d1ce5 17172->17173 17174 7ff7774e5814 49 API calls 17173->17174 17175 7ff7774d1d08 17174->17175 17175->16726 17177 7ff7774da220 2 API calls 17176->17177 17178 7ff7774d97c4 17177->17178 17179 7ff7774e90c8 38 API calls 17178->17179 17180 7ff7774d97d6 __vcrt_freefls 17179->17180 17180->16749 17182 7ff7774d4c5c 17181->17182 17183 7ff7774da220 2 API calls 17182->17183 17184 7ff7774d4c84 17183->17184 17185 7ff7774da220 2 API calls 17184->17185 17186 7ff7774d4c97 17185->17186 18718 7ff7774e6e24 17186->18718 17189 7ff7774dd3e0 _log10_special 8 API calls 17190 7ff7774d3e46 17189->17190 17190->16731 17191 7ff7774d88f0 17190->17191 17192 7ff7774d8914 17191->17192 17193 7ff7774d8932 17192->17193 17194 7ff7774d891c 17192->17194 17196 7ff7774e1564 73 API calls 17193->17196 17195 7ff7774d2770 53 API calls 17194->17195 17209 7ff7774d892d __vcrt_freefls 17195->17209 17197 7ff7774d8942 17196->17197 17198 7ff7774d8946 17197->17198 17199 7ff7774d8957 17197->17199 17200 7ff7774d2770 53 API calls 17198->17200 19109 7ff7774e8758 17199->19109 17200->17209 17202 7ff7774d8964 17203 7ff7774d896c 17202->17203 17210 7ff7774d897d 17202->17210 17204 7ff7774d2770 53 API calls 17203->17204 17204->17209 17205 7ff7774e1564 73 API calls 17205->17210 17206 7ff7774d8a26 17208 7ff7774d2770 53 API calls 17206->17208 17207 7ff7774e122c _fread_nolock 53 API calls 17207->17210 17208->17209 17209->16737 17210->17205 17210->17206 17210->17207 17210->17209 17212 7ff7774e0f0c 17211->17212 19124 7ff7774e0cb8 17212->19124 17214 7ff7774e0f25 17214->16731 17216 7ff7774dd6e0 17215->17216 17217 7ff7774d2984 GetCurrentProcessId 17216->17217 17218 7ff7774d1cc0 49 API calls 17217->17218 17219 7ff7774d29d7 17218->17219 17220 7ff7774e5814 49 API calls 17219->17220 17221 7ff7774d2a1f 17220->17221 17222 7ff7774d2660 14 API calls 17221->17222 17223 7ff7774d2a41 17222->17223 17224 7ff7774dd3e0 _log10_special 8 API calls 17223->17224 17225 7ff7774d2a51 17224->17225 17225->16831 17227 7ff7774da220 2 API calls 17226->17227 17228 7ff7774d976c 17227->17228 17229 7ff7774da220 2 API calls 17228->17229 17230 7ff7774d977c 17229->17230 17231 7ff7774e90c8 38 API calls 17230->17231 17232 7ff7774d978a __vcrt_freefls 17231->17232 17232->16753 17234 7ff7774d1cc0 49 API calls 17233->17234 17235 7ff7774d4b8d 17234->17235 17235->16790 17237 7ff7774d1cc0 49 API calls 17236->17237 17238 7ff7774d4cf0 17237->17238 17238->16820 17240 7ff7774d75f5 17239->17240 17241 7ff7774e5d98 _get_daylight 11 API calls 17240->17241 17244 7ff7774d44e8 17240->17244 17242 7ff7774d7602 17241->17242 17243 7ff7774d2b70 56 API calls 17242->17243 17243->17244 17245 7ff7774d7c80 17244->17245 19135 7ff7774d1470 17245->19135 17247 7ff7774d7ca8 17248 7ff7774d4cc0 49 API calls 17247->17248 17254 7ff7774d7df9 __vcrt_freefls 17247->17254 17249 7ff7774d7cca 17248->17249 17250 7ff7774d4cc0 49 API calls 17249->17250 17252 7ff7774d7ccf 17249->17252 17253 7ff7774d7cee 17250->17253 17251 7ff7774d2cb0 56 API calls 17251->17254 17252->17251 17253->17252 17255 7ff7774d4cc0 49 API calls 17253->17255 17254->16871 17256 7ff7774d7d0a 17255->17256 17256->17252 17257 7ff7774d7d13 17256->17257 17258 7ff7774d2960 56 API calls 17257->17258 17259 7ff7774d7d83 memcpy_s __vcrt_freefls 17257->17259 17258->17254 17259->16871 17261 7ff7774d763c 17260->17261 17280 7ff7774d2770 53 API calls 17279->17280 17281 7ff7774d7ad9 17280->17281 17306 7ff7774dd6e0 17305->17306 17307 7ff7774d2cd4 GetCurrentProcessId 17306->17307 17308 7ff7774d1cc0 49 API calls 17307->17308 17309 7ff7774d2d27 17308->17309 19245 7ff7774d6a60 17348->19245 17351 7ff7774d3648 17351->16860 17353 7ff7774d3601 17353->17351 19337 7ff7774d6700 17353->19337 19636 7ff7774d66b0 17362->19636 17364 7ff7774d391e 17365 7ff7774d3940 17364->17365 17366 7ff7774d2770 53 API calls 17364->17366 17365->16867 17367 7ff7774d3934 17366->17367 19640 7ff7774d9de0 FreeLibrary 17367->19640 17376 7ff7774e62fc EnterCriticalSection 17369->17376 17378 7ff7774e586e 17377->17378 17379 7ff7774e5893 17378->17379 17381 7ff7774e58cf 17378->17381 17380 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 17379->17380 17383 7ff7774e58bd 17380->17383 17395 7ff7774e3aa0 17381->17395 17385 7ff7774dd3e0 _log10_special 8 API calls 17383->17385 17384 7ff7774e59ac 17386 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17384->17386 17387 7ff7774d2822 17385->17387 17386->17383 17387->16947 17389 7ff7774e59d0 17389->17384 17391 7ff7774e59da 17389->17391 17390 7ff7774e5981 17392 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17390->17392 17394 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17391->17394 17392->17383 17393 7ff7774e5978 17393->17384 17393->17390 17394->17383 17396 7ff7774e3ade 17395->17396 17397 7ff7774e3ace 17395->17397 17398 7ff7774e3ae7 17396->17398 17407 7ff7774e3b15 17396->17407 17399 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 17397->17399 17400 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 17398->17400 17401 7ff7774e3b0d 17399->17401 17400->17401 17401->17384 17401->17389 17401->17390 17401->17393 17404 7ff7774e3dc4 17406 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 17404->17406 17406->17397 17407->17397 17407->17401 17407->17404 17409 7ff7774e4430 17407->17409 17435 7ff7774e40f8 17407->17435 17465 7ff7774e3980 17407->17465 17468 7ff7774e5650 17407->17468 17410 7ff7774e44e5 17409->17410 17411 7ff7774e4472 17409->17411 17412 7ff7774e44ea 17410->17412 17417 7ff7774e453f 17410->17417 17413 7ff7774e450f 17411->17413 17414 7ff7774e4478 17411->17414 17415 7ff7774e451f 17412->17415 17416 7ff7774e44ec 17412->17416 17492 7ff7774e29e0 17413->17492 17420 7ff7774e447d 17414->17420 17424 7ff7774e454e 17414->17424 17499 7ff7774e25d0 17415->17499 17419 7ff7774e448d 17416->17419 17423 7ff7774e44fb 17416->17423 17417->17413 17417->17424 17433 7ff7774e44a8 17417->17433 17434 7ff7774e457d 17419->17434 17474 7ff7774e4d94 17419->17474 17420->17419 17425 7ff7774e44c0 17420->17425 17420->17433 17423->17413 17427 7ff7774e4500 17423->17427 17424->17434 17506 7ff7774e2df0 17424->17506 17425->17434 17484 7ff7774e5250 17425->17484 17427->17434 17488 7ff7774e53e8 17427->17488 17429 7ff7774dd3e0 _log10_special 8 API calls 17431 7ff7774e4813 17429->17431 17431->17407 17433->17434 17513 7ff7774ef6e8 17433->17513 17434->17429 17436 7ff7774e4103 17435->17436 17437 7ff7774e4119 17435->17437 17439 7ff7774e44e5 17436->17439 17440 7ff7774e4472 17436->17440 17455 7ff7774e4157 17436->17455 17438 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 17437->17438 17437->17455 17438->17455 17443 7ff7774e453f 17439->17443 17444 7ff7774e44ea 17439->17444 17441 7ff7774e450f 17440->17441 17442 7ff7774e4478 17440->17442 17447 7ff7774e29e0 38 API calls 17441->17447 17449 7ff7774e447d 17442->17449 17452 7ff7774e454e 17442->17452 17443->17441 17443->17452 17463 7ff7774e44a8 17443->17463 17445 7ff7774e451f 17444->17445 17446 7ff7774e44ec 17444->17446 17450 7ff7774e25d0 38 API calls 17445->17450 17448 7ff7774e448d 17446->17448 17456 7ff7774e44fb 17446->17456 17447->17463 17451 7ff7774e4d94 47 API calls 17448->17451 17464 7ff7774e457d 17448->17464 17449->17448 17453 7ff7774e44c0 17449->17453 17449->17463 17450->17463 17451->17463 17454 7ff7774e2df0 38 API calls 17452->17454 17452->17464 17457 7ff7774e5250 47 API calls 17453->17457 17453->17464 17454->17463 17455->17407 17456->17441 17458 7ff7774e4500 17456->17458 17457->17463 17460 7ff7774e53e8 37 API calls 17458->17460 17458->17464 17459 7ff7774dd3e0 _log10_special 8 API calls 17461 7ff7774e4813 17459->17461 17460->17463 17461->17407 17462 7ff7774ef6e8 47 API calls 17462->17463 17463->17462 17463->17464 17464->17459 17696 7ff7774e1ba4 17465->17696 17469 7ff7774e5667 17468->17469 17713 7ff7774ee848 17469->17713 17475 7ff7774e4db6 17474->17475 17523 7ff7774e1a10 17475->17523 17480 7ff7774e5650 45 API calls 17482 7ff7774e4ef3 17480->17482 17481 7ff7774e5650 45 API calls 17483 7ff7774e4f7c 17481->17483 17482->17481 17482->17482 17482->17483 17483->17433 17485 7ff7774e52d0 17484->17485 17486 7ff7774e5268 17484->17486 17485->17433 17486->17485 17487 7ff7774ef6e8 47 API calls 17486->17487 17487->17485 17491 7ff7774e5409 17488->17491 17489 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 17490 7ff7774e543a 17489->17490 17490->17433 17491->17489 17491->17490 17493 7ff7774e2a13 17492->17493 17494 7ff7774e2a42 17493->17494 17496 7ff7774e2aff 17493->17496 17495 7ff7774e1a10 12 API calls 17494->17495 17498 7ff7774e2a7f 17494->17498 17495->17498 17497 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 17496->17497 17497->17498 17498->17433 17500 7ff7774e2603 17499->17500 17501 7ff7774e2632 17500->17501 17503 7ff7774e26ef 17500->17503 17502 7ff7774e1a10 12 API calls 17501->17502 17505 7ff7774e266f 17501->17505 17502->17505 17504 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 17503->17504 17504->17505 17505->17433 17507 7ff7774e2e23 17506->17507 17508 7ff7774e2e52 17507->17508 17510 7ff7774e2f0f 17507->17510 17509 7ff7774e1a10 12 API calls 17508->17509 17512 7ff7774e2e8f 17508->17512 17509->17512 17511 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 17510->17511 17511->17512 17512->17433 17514 7ff7774ef710 17513->17514 17515 7ff7774ef755 17514->17515 17516 7ff7774e5650 45 API calls 17514->17516 17519 7ff7774ef715 memcpy_s 17514->17519 17522 7ff7774ef73e memcpy_s 17514->17522 17515->17519 17515->17522 17693 7ff7774f1678 17515->17693 17516->17515 17517 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 17517->17519 17519->17433 17522->17517 17522->17519 17524 7ff7774e1a47 17523->17524 17530 7ff7774e1a36 17523->17530 17525 7ff7774ee48c _fread_nolock 12 API calls 17524->17525 17524->17530 17526 7ff7774e1a74 17525->17526 17527 7ff7774e1a88 17526->17527 17528 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17526->17528 17529 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17527->17529 17528->17527 17529->17530 17531 7ff7774ef400 17530->17531 17532 7ff7774ef450 17531->17532 17533 7ff7774ef41d 17531->17533 17532->17533 17535 7ff7774ef482 17532->17535 17534 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 17533->17534 17550 7ff7774e4ed1 17534->17550 17541 7ff7774ef595 17535->17541 17542 7ff7774ef4ca 17535->17542 17536 7ff7774ef687 17586 7ff7774ee8ec 17536->17586 17538 7ff7774ef64d 17579 7ff7774eec84 17538->17579 17540 7ff7774ef61c 17572 7ff7774eef64 17540->17572 17541->17536 17541->17538 17541->17540 17543 7ff7774ef5df 17541->17543 17545 7ff7774ef5d5 17541->17545 17542->17550 17553 7ff7774eb334 17542->17553 17562 7ff7774ef194 17543->17562 17545->17538 17547 7ff7774ef5da 17545->17547 17547->17540 17547->17543 17550->17480 17550->17482 17551 7ff7774eb790 _isindst 17 API calls 17552 7ff7774ef6e4 17551->17552 17554 7ff7774eb341 17553->17554 17555 7ff7774eb34b 17553->17555 17554->17555 17560 7ff7774eb366 17554->17560 17556 7ff7774e5d98 _get_daylight 11 API calls 17555->17556 17557 7ff7774eb352 17556->17557 17559 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 17557->17559 17558 7ff7774eb35e 17558->17550 17558->17551 17559->17558 17560->17558 17561 7ff7774e5d98 _get_daylight 11 API calls 17560->17561 17561->17557 17595 7ff7774f4f3c 17562->17595 17566 7ff7774ef23c 17567 7ff7774ef240 17566->17567 17568 7ff7774ef291 17566->17568 17570 7ff7774ef25c 17566->17570 17567->17550 17648 7ff7774eed80 17568->17648 17644 7ff7774ef03c 17570->17644 17573 7ff7774f4f3c 38 API calls 17572->17573 17574 7ff7774eefae 17573->17574 17575 7ff7774f4984 37 API calls 17574->17575 17576 7ff7774eeffe 17575->17576 17577 7ff7774ef002 17576->17577 17578 7ff7774ef03c 45 API calls 17576->17578 17577->17550 17578->17577 17580 7ff7774f4f3c 38 API calls 17579->17580 17581 7ff7774eeccf 17580->17581 17582 7ff7774f4984 37 API calls 17581->17582 17583 7ff7774eed27 17582->17583 17584 7ff7774eed2b 17583->17584 17585 7ff7774eed80 45 API calls 17583->17585 17584->17550 17585->17584 17587 7ff7774ee964 17586->17587 17588 7ff7774ee931 17586->17588 17590 7ff7774ee97c 17587->17590 17592 7ff7774ee9fd 17587->17592 17589 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 17588->17589 17594 7ff7774ee95d memcpy_s 17589->17594 17591 7ff7774eec84 46 API calls 17590->17591 17591->17594 17593 7ff7774e5650 45 API calls 17592->17593 17592->17594 17593->17594 17594->17550 17596 7ff7774f4f8f fegetenv 17595->17596 17659 7ff7774f8cbc 17596->17659 17598 7ff7774f50d2 17601 7ff7774f8cbc 37 API calls 17598->17601 17599 7ff7774f500f 17603 7ff7774eb334 __std_exception_copy 37 API calls 17599->17603 17600 7ff7774f4fe2 17600->17598 17604 7ff7774f50ac 17600->17604 17605 7ff7774f4ffd 17600->17605 17602 7ff7774f50fc 17601->17602 17606 7ff7774f8cbc 37 API calls 17602->17606 17607 7ff7774f508d 17603->17607 17608 7ff7774eb334 __std_exception_copy 37 API calls 17604->17608 17605->17598 17605->17599 17609 7ff7774f510d 17606->17609 17610 7ff7774f61b4 17607->17610 17614 7ff7774f5095 17607->17614 17608->17607 17665 7ff7774f8eb0 17609->17665 17611 7ff7774eb790 _isindst 17 API calls 17610->17611 17613 7ff7774f61c9 17611->17613 17615 7ff7774dd3e0 _log10_special 8 API calls 17614->17615 17616 7ff7774ef1e1 17615->17616 17640 7ff7774f4984 17616->17640 17617 7ff7774f551f memcpy_s 17618 7ff7774f585f 17683 7ff7774f4aa0 17618->17683 17619 7ff7774f5afb memcpy_s 17619->17618 17623 7ff7774f580b 17619->17623 17633 7ff7774e5d98 11 API calls _get_daylight 17619->17633 17637 7ff7774eb770 37 API calls _invalid_parameter_noinfo 17619->17637 17620 7ff7774f5613 memcpy_s 17620->17623 17634 7ff7774e5d98 11 API calls _get_daylight 17620->17634 17635 7ff7774eb770 37 API calls _invalid_parameter_noinfo 17620->17635 17622 7ff7774f51b7 memcpy_s 17622->17619 17622->17620 17623->17618 17623->17623 17674 7ff7774f61cc 17623->17674 17624 7ff7774f5176 memcpy_s 17624->17617 17624->17622 17627 7ff7774e5d98 _get_daylight 11 API calls 17624->17627 17625 7ff7774f5f77 17625->17625 17631 7ff7774f61cc memcpy_s 37 API calls 17625->17631 17639 7ff7774f5fd2 17625->17639 17628 7ff7774f55f0 17627->17628 17630 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 17628->17630 17629 7ff7774f6158 17632 7ff7774f8cbc 37 API calls 17629->17632 17630->17622 17631->17639 17632->17614 17633->17619 17634->17620 17635->17620 17636 7ff7774f4aa0 37 API calls 17636->17639 17637->17619 17638 7ff7774f61cc memcpy_s 37 API calls 17638->17639 17639->17629 17639->17636 17639->17638 17641 7ff7774f49a3 17640->17641 17642 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 17641->17642 17643 7ff7774f49ce memcpy_s 17641->17643 17642->17643 17643->17566 17645 7ff7774ef068 memcpy_s 17644->17645 17646 7ff7774e5650 45 API calls 17645->17646 17647 7ff7774ef122 memcpy_s 17645->17647 17646->17647 17647->17567 17649 7ff7774eedbb 17648->17649 17653 7ff7774eee08 memcpy_s 17648->17653 17650 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 17649->17650 17651 7ff7774eede7 17650->17651 17651->17567 17652 7ff7774eee73 17654 7ff7774eb334 __std_exception_copy 37 API calls 17652->17654 17653->17652 17655 7ff7774e5650 45 API calls 17653->17655 17658 7ff7774eeeb5 memcpy_s 17654->17658 17655->17652 17656 7ff7774eb790 _isindst 17 API calls 17657 7ff7774eef60 17656->17657 17658->17656 17660 7ff7774f8cd9 17659->17660 17664 7ff7774f8cfa 17659->17664 17661 7ff7774e5d98 _get_daylight 11 API calls 17660->17661 17662 7ff7774f8cee 17661->17662 17663 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 17662->17663 17663->17664 17664->17600 17666 7ff7774f91b0 17665->17666 17671 7ff7774f8ec7 17665->17671 17667 7ff7774f9160 17668 7ff7774f9156 17667->17668 17673 7ff7774fa470 _log10_special 20 API calls 17667->17673 17668->17624 17669 7ff7774f9142 17672 7ff7774fa470 _log10_special 20 API calls 17669->17672 17670 7ff7774f8f2f 17670->17624 17671->17667 17671->17669 17671->17670 17672->17668 17673->17668 17678 7ff7774f61e9 memcpy_s 17674->17678 17679 7ff7774f61ed memcpy_s 17674->17679 17675 7ff7774f61f2 17676 7ff7774e5d98 _get_daylight 11 API calls 17675->17676 17677 7ff7774f61f7 17676->17677 17680 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 17677->17680 17678->17618 17679->17675 17679->17678 17681 7ff7774f622d 17679->17681 17680->17678 17681->17678 17682 7ff7774e5d98 _get_daylight 11 API calls 17681->17682 17682->17677 17684 7ff7774f4ac8 17683->17684 17692 7ff7774f4b0b 17683->17692 17685 7ff7774f4b12 17684->17685 17686 7ff7774f4aec 17684->17686 17684->17692 17688 7ff7774f4b54 17685->17688 17689 7ff7774f4b17 17685->17689 17687 7ff7774f61cc memcpy_s 37 API calls 17686->17687 17687->17692 17691 7ff7774f61cc memcpy_s 37 API calls 17688->17691 17690 7ff7774f61cc memcpy_s 37 API calls 17689->17690 17690->17692 17691->17692 17692->17625 17692->17692 17695 7ff7774f169c WideCharToMultiByte 17693->17695 17697 7ff7774e1be3 17696->17697 17698 7ff7774e1bd1 17696->17698 17701 7ff7774e1bf0 17697->17701 17704 7ff7774e1c2d 17697->17704 17699 7ff7774e5d98 _get_daylight 11 API calls 17698->17699 17700 7ff7774e1bd6 17699->17700 17702 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 17700->17702 17703 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 17701->17703 17709 7ff7774e1be1 17702->17709 17703->17709 17705 7ff7774e1cd6 17704->17705 17707 7ff7774e5d98 _get_daylight 11 API calls 17704->17707 17706 7ff7774e5d98 _get_daylight 11 API calls 17705->17706 17705->17709 17708 7ff7774e1d80 17706->17708 17710 7ff7774e1ccb 17707->17710 17712 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 17708->17712 17709->17407 17711 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 17710->17711 17711->17705 17712->17709 17714 7ff7774ee861 17713->17714 17715 7ff7774e568f 17713->17715 17714->17715 17721 7ff7774f4194 17714->17721 17717 7ff7774ee8b4 17715->17717 17718 7ff7774e569f 17717->17718 17719 7ff7774ee8cd 17717->17719 17718->17407 17719->17718 17734 7ff7774f34e0 17719->17734 17722 7ff7774ebfe0 __GetCurrentState 45 API calls 17721->17722 17723 7ff7774f41a3 17722->17723 17724 7ff7774f41ee 17723->17724 17733 7ff7774f1168 EnterCriticalSection 17723->17733 17724->17715 17735 7ff7774ebfe0 __GetCurrentState 45 API calls 17734->17735 17736 7ff7774f34e9 17735->17736 17738 7ff7774d3b4c GetModuleFileNameW 17737->17738 17738->16957 17738->16958 17740 7ff7774da14f FindClose 17739->17740 17741 7ff7774da162 17739->17741 17740->17741 17742 7ff7774dd3e0 _log10_special 8 API calls 17741->17742 17743 7ff7774d3baa 17742->17743 17743->16963 17743->16964 17745 7ff7774dd6e0 17744->17745 17746 7ff7774d2ee0 GetCurrentProcessId 17745->17746 17776 7ff7774d2710 17746->17776 17748 7ff7774d2f29 17780 7ff7774e5a68 17748->17780 17751 7ff7774d2710 48 API calls 17752 7ff7774d2fa4 FormatMessageW 17751->17752 17754 7ff7774d2fef OutputDebugStringW MessageBoxW 17752->17754 17755 7ff7774d2fdd 17752->17755 17757 7ff7774dd3e0 _log10_special 8 API calls 17754->17757 17756 7ff7774d2710 48 API calls 17755->17756 17756->17754 17758 7ff7774d302a 17757->17758 17758->16961 17760 7ff7774da1d0 GetFinalPathNameByHandleW CloseHandle 17759->17760 17761 7ff7774d3bd5 17759->17761 17760->17761 17761->16974 17761->16975 17763 7ff7774dd6e0 17762->17763 17764 7ff7774d2a84 GetCurrentProcessId 17763->17764 17765 7ff7774d2710 48 API calls 17764->17765 17766 7ff7774d2ad7 17765->17766 17767 7ff7774e5a68 48 API calls 17766->17767 17768 7ff7774d2b20 OutputDebugStringW MessageBoxW 17767->17768 17769 7ff7774dd3e0 _log10_special 8 API calls 17768->17769 17770 7ff7774d2b5b 17769->17770 17770->16961 17772 7ff7774da2fa WideCharToMultiByte 17771->17772 17773 7ff7774da325 17771->17773 17772->17773 17775 7ff7774da33b __vcrt_freefls 17772->17775 17774 7ff7774da342 WideCharToMultiByte 17773->17774 17773->17775 17774->17775 17775->16970 17777 7ff7774d2735 17776->17777 17778 7ff7774e5a68 48 API calls 17777->17778 17779 7ff7774d2758 17778->17779 17779->17748 17782 7ff7774e5ac2 17780->17782 17781 7ff7774e5ae7 17783 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 17781->17783 17782->17781 17784 7ff7774e5b23 17782->17784 17786 7ff7774e5b11 17783->17786 17798 7ff7774e3e20 17784->17798 17789 7ff7774dd3e0 _log10_special 8 API calls 17786->17789 17787 7ff7774e5c04 17788 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17787->17788 17788->17786 17790 7ff7774d2f74 17789->17790 17790->17751 17792 7ff7774e5c2a 17792->17787 17796 7ff7774e5c34 17792->17796 17793 7ff7774e5bd9 17794 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17793->17794 17794->17786 17795 7ff7774e5bd0 17795->17787 17795->17793 17797 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17796->17797 17797->17786 17799 7ff7774e3e5e 17798->17799 17804 7ff7774e3e4e 17798->17804 17800 7ff7774e3e67 17799->17800 17805 7ff7774e3e95 17799->17805 17802 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 17800->17802 17801 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 17803 7ff7774e3e8d 17801->17803 17802->17803 17803->17787 17803->17792 17803->17793 17803->17795 17804->17801 17805->17803 17805->17804 17809 7ff7774e4834 17805->17809 17842 7ff7774e4280 17805->17842 17879 7ff7774e3a10 17805->17879 17810 7ff7774e4876 17809->17810 17811 7ff7774e48e7 17809->17811 17812 7ff7774e4911 17810->17812 17813 7ff7774e487c 17810->17813 17814 7ff7774e4940 17811->17814 17815 7ff7774e48ec 17811->17815 17898 7ff7774e2be4 17812->17898 17816 7ff7774e48b0 17813->17816 17817 7ff7774e4881 17813->17817 17820 7ff7774e4957 17814->17820 17821 7ff7774e494a 17814->17821 17825 7ff7774e494f 17814->17825 17818 7ff7774e4921 17815->17818 17819 7ff7774e48ee 17815->17819 17823 7ff7774e4887 17816->17823 17816->17825 17817->17820 17817->17823 17905 7ff7774e27d4 17818->17905 17824 7ff7774e4890 17819->17824 17829 7ff7774e48fd 17819->17829 17912 7ff7774e553c 17820->17912 17821->17812 17821->17825 17823->17824 17830 7ff7774e48c2 17823->17830 17837 7ff7774e48ab 17823->17837 17840 7ff7774e4980 17824->17840 17882 7ff7774e4fe8 17824->17882 17825->17840 17916 7ff7774e2ff4 17825->17916 17829->17812 17832 7ff7774e4902 17829->17832 17830->17840 17892 7ff7774e5324 17830->17892 17835 7ff7774e53e8 37 API calls 17832->17835 17832->17840 17834 7ff7774dd3e0 _log10_special 8 API calls 17836 7ff7774e4c7a 17834->17836 17835->17837 17836->17805 17838 7ff7774e5650 45 API calls 17837->17838 17837->17840 17841 7ff7774e4b6c 17837->17841 17838->17841 17840->17834 17841->17840 17923 7ff7774ef898 17841->17923 17843 7ff7774e42a4 17842->17843 17844 7ff7774e428e 17842->17844 17845 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 17843->17845 17848 7ff7774e42e4 17843->17848 17846 7ff7774e4876 17844->17846 17847 7ff7774e48e7 17844->17847 17844->17848 17845->17848 17849 7ff7774e4911 17846->17849 17850 7ff7774e487c 17846->17850 17851 7ff7774e4940 17847->17851 17852 7ff7774e48ec 17847->17852 17848->17805 17859 7ff7774e2be4 38 API calls 17849->17859 17853 7ff7774e48b0 17850->17853 17854 7ff7774e4881 17850->17854 17857 7ff7774e4957 17851->17857 17858 7ff7774e494a 17851->17858 17864 7ff7774e494f 17851->17864 17855 7ff7774e4921 17852->17855 17856 7ff7774e48ee 17852->17856 17860 7ff7774e4887 17853->17860 17853->17864 17854->17857 17854->17860 17862 7ff7774e27d4 38 API calls 17855->17862 17861 7ff7774e4890 17856->17861 17866 7ff7774e48fd 17856->17866 17865 7ff7774e553c 45 API calls 17857->17865 17858->17849 17858->17864 17875 7ff7774e48ab 17859->17875 17860->17861 17867 7ff7774e48c2 17860->17867 17860->17875 17863 7ff7774e4fe8 47 API calls 17861->17863 17878 7ff7774e4980 17861->17878 17862->17875 17863->17875 17868 7ff7774e2ff4 38 API calls 17864->17868 17864->17878 17865->17875 17866->17849 17869 7ff7774e4902 17866->17869 17870 7ff7774e5324 46 API calls 17867->17870 17867->17878 17868->17875 17872 7ff7774e53e8 37 API calls 17869->17872 17869->17878 17870->17875 17871 7ff7774dd3e0 _log10_special 8 API calls 17873 7ff7774e4c7a 17871->17873 17872->17875 17873->17805 17874 7ff7774e4b6c 17877 7ff7774ef898 46 API calls 17874->17877 17874->17878 17875->17874 17876 7ff7774e5650 45 API calls 17875->17876 17875->17878 17876->17874 17877->17874 17878->17871 17957 7ff7774e1e58 17879->17957 17883 7ff7774e500e 17882->17883 17884 7ff7774e1a10 12 API calls 17883->17884 17885 7ff7774e505e 17884->17885 17886 7ff7774ef400 46 API calls 17885->17886 17887 7ff7774e5131 17886->17887 17888 7ff7774e5650 45 API calls 17887->17888 17891 7ff7774e5153 17887->17891 17888->17891 17889 7ff7774e51e1 17889->17837 17889->17889 17890 7ff7774e5650 45 API calls 17890->17889 17891->17889 17891->17890 17891->17891 17893 7ff7774e5359 17892->17893 17894 7ff7774e539e 17893->17894 17895 7ff7774e5377 17893->17895 17896 7ff7774e5650 45 API calls 17893->17896 17894->17837 17897 7ff7774ef898 46 API calls 17895->17897 17896->17895 17897->17894 17899 7ff7774e2c17 17898->17899 17900 7ff7774e2c46 17899->17900 17902 7ff7774e2d03 17899->17902 17903 7ff7774e2c83 17900->17903 17935 7ff7774e1ab8 17900->17935 17904 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 17902->17904 17903->17837 17904->17903 17906 7ff7774e2807 17905->17906 17907 7ff7774e2836 17906->17907 17909 7ff7774e28f3 17906->17909 17908 7ff7774e1ab8 12 API calls 17907->17908 17911 7ff7774e2873 17907->17911 17908->17911 17910 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 17909->17910 17910->17911 17911->17837 17913 7ff7774e557f 17912->17913 17915 7ff7774e5583 __crtLCMapStringW 17913->17915 17943 7ff7774e55d8 17913->17943 17915->17837 17918 7ff7774e3027 17916->17918 17917 7ff7774e3056 17919 7ff7774e1ab8 12 API calls 17917->17919 17922 7ff7774e3093 17917->17922 17918->17917 17920 7ff7774e3113 17918->17920 17919->17922 17921 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 17920->17921 17921->17922 17922->17837 17924 7ff7774ef8c9 17923->17924 17933 7ff7774ef8d7 17923->17933 17925 7ff7774ef8f7 17924->17925 17928 7ff7774e5650 45 API calls 17924->17928 17924->17933 17926 7ff7774ef92f 17925->17926 17927 7ff7774ef908 17925->17927 17930 7ff7774ef959 17926->17930 17931 7ff7774ef9ba 17926->17931 17926->17933 17947 7ff7774f0f30 17927->17947 17928->17925 17930->17933 17950 7ff7774f0730 17930->17950 17932 7ff7774f0730 _fread_nolock MultiByteToWideChar 17931->17932 17932->17933 17933->17841 17936 7ff7774e1aef 17935->17936 17942 7ff7774e1ade 17935->17942 17937 7ff7774ee48c _fread_nolock 12 API calls 17936->17937 17936->17942 17938 7ff7774e1b20 17937->17938 17939 7ff7774e1b34 17938->17939 17940 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17938->17940 17941 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 17939->17941 17940->17939 17941->17942 17942->17903 17944 7ff7774e55f6 17943->17944 17945 7ff7774e55fe 17943->17945 17946 7ff7774e5650 45 API calls 17944->17946 17945->17915 17946->17945 17953 7ff7774f7c18 17947->17953 17952 7ff7774f0739 MultiByteToWideChar 17950->17952 17956 7ff7774f7c7c 17953->17956 17954 7ff7774dd3e0 _log10_special 8 API calls 17955 7ff7774f0f4d 17954->17955 17955->17933 17956->17954 17958 7ff7774e1e9f 17957->17958 17959 7ff7774e1e8d 17957->17959 17962 7ff7774e1ead 17958->17962 17966 7ff7774e1ee9 17958->17966 17960 7ff7774e5d98 _get_daylight 11 API calls 17959->17960 17961 7ff7774e1e92 17960->17961 17963 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 17961->17963 17964 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 17962->17964 17971 7ff7774e1e9d 17963->17971 17964->17971 17965 7ff7774e2265 17967 7ff7774e5d98 _get_daylight 11 API calls 17965->17967 17965->17971 17966->17965 17968 7ff7774e5d98 _get_daylight 11 API calls 17966->17968 17969 7ff7774e24f9 17967->17969 17970 7ff7774e225a 17968->17970 17972 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 17969->17972 17973 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 17970->17973 17971->17805 17972->17971 17973->17965 17975 7ff7774e1594 17974->17975 18002 7ff7774e12f4 17975->18002 17977 7ff7774e15ad 17977->16997 18014 7ff7774e124c 17978->18014 17982 7ff7774dd6e0 17981->17982 17983 7ff7774d2b90 GetCurrentProcessId 17982->17983 17984 7ff7774d1cc0 49 API calls 17983->17984 17985 7ff7774d2bd9 17984->17985 17986 7ff7774e5814 49 API calls 17985->17986 17987 7ff7774d2c23 17986->17987 18028 7ff7774e5ff0 17987->18028 17990 7ff7774d1cc0 49 API calls 17991 7ff7774d2c5f 17990->17991 18040 7ff7774d2660 17991->18040 17994 7ff7774dd3e0 _log10_special 8 API calls 17995 7ff7774d2c91 17994->17995 17995->17037 17997 7ff7774d1bc9 17996->17997 17998 7ff7774e0fa9 17996->17998 17997->17036 17997->17037 17999 7ff7774e5d98 _get_daylight 11 API calls 17998->17999 18000 7ff7774e0fae 17999->18000 18001 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 18000->18001 18001->17997 18003 7ff7774e135e 18002->18003 18004 7ff7774e131e 18002->18004 18003->18004 18006 7ff7774e136a 18003->18006 18005 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 18004->18005 18007 7ff7774e1345 18005->18007 18013 7ff7774e62fc EnterCriticalSection 18006->18013 18007->17977 18015 7ff7774e1276 18014->18015 18026 7ff7774d1a60 18014->18026 18016 7ff7774e1285 memcpy_s 18015->18016 18017 7ff7774e12c2 18015->18017 18015->18026 18019 7ff7774e5d98 _get_daylight 11 API calls 18016->18019 18027 7ff7774e62fc EnterCriticalSection 18017->18027 18021 7ff7774e129a 18019->18021 18023 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 18021->18023 18023->18026 18026->17005 18026->17008 18029 7ff7774ec158 _get_daylight 11 API calls 18028->18029 18030 7ff7774e6007 18029->18030 18031 7ff7774d2c45 18030->18031 18032 7ff7774efa28 _get_daylight 11 API calls 18030->18032 18035 7ff7774e6047 18030->18035 18031->17990 18033 7ff7774e603c 18032->18033 18034 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 18033->18034 18034->18035 18035->18031 18049 7ff7774efab0 18035->18049 18038 7ff7774eb790 _isindst 17 API calls 18039 7ff7774e608c 18038->18039 18041 7ff7774d266f 18040->18041 18042 7ff7774da220 2 API calls 18041->18042 18043 7ff7774d26a0 18042->18043 18044 7ff7774d26a5 OutputDebugStringW MessageBoxW 18043->18044 18045 7ff7774d26ce OutputDebugStringA MessageBoxA 18043->18045 18046 7ff7774d26ee 18044->18046 18045->18046 18047 7ff7774dd3e0 _log10_special 8 API calls 18046->18047 18048 7ff7774d26fe 18047->18048 18048->17994 18050 7ff7774efacd 18049->18050 18052 7ff7774e606d 18050->18052 18054 7ff7774efad2 18050->18054 18056 7ff7774efb1c 18050->18056 18051 7ff7774e5d98 _get_daylight 11 API calls 18053 7ff7774efadc 18051->18053 18052->18031 18052->18038 18055 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 18053->18055 18054->18051 18054->18052 18055->18052 18056->18052 18057 7ff7774e5d98 _get_daylight 11 API calls 18056->18057 18057->18053 18059 7ff7774d93a1 GetTokenInformation 18058->18059 18061 7ff7774d9423 __vcrt_freefls 18058->18061 18060 7ff7774d93c2 GetLastError 18059->18060 18062 7ff7774d93cd 18059->18062 18060->18061 18060->18062 18063 7ff7774d9436 CloseHandle 18061->18063 18064 7ff7774d943c 18061->18064 18062->18061 18065 7ff7774d93e9 GetTokenInformation 18062->18065 18063->18064 18064->17055 18065->18061 18066 7ff7774d940c 18065->18066 18066->18061 18067 7ff7774d9416 ConvertSidToStringSidW 18066->18067 18067->18061 18069 7ff7774dd6e0 18068->18069 18070 7ff7774d2dd4 GetCurrentProcessId 18069->18070 18071 7ff7774d2710 48 API calls 18070->18071 18072 7ff7774d2e27 18071->18072 18073 7ff7774e5a68 48 API calls 18072->18073 18074 7ff7774d2e70 OutputDebugStringW MessageBoxW 18073->18074 18075 7ff7774dd3e0 _log10_special 8 API calls 18074->18075 18076 7ff7774d2eab 18075->18076 18076->17067 18078 7ff7774d2625 18077->18078 18079 7ff7774e5a68 48 API calls 18078->18079 18080 7ff7774d2644 18079->18080 18080->17087 18135 7ff7774e9624 18081->18135 18085 7ff7774d8c5c 18084->18085 18086 7ff7774da220 2 API calls 18085->18086 18087 7ff7774d8c7b 18086->18087 18088 7ff7774d8c83 18087->18088 18089 7ff7774d8c96 ExpandEnvironmentStringsW 18087->18089 18090 7ff7774d2a60 51 API calls 18088->18090 18091 7ff7774d8cbc __vcrt_freefls 18089->18091 18096 7ff7774d8c8f __vcrt_freefls 18090->18096 18092 7ff7774d8cd3 18091->18092 18093 7ff7774d8cc0 18091->18093 18098 7ff7774d8ce6 18092->18098 18099 7ff7774d8d61 18092->18099 18094 7ff7774d2a60 51 API calls 18093->18094 18094->18096 18095 7ff7774dd3e0 _log10_special 8 API calls 18097 7ff7774d8e81 18095->18097 18096->18095 18097->17081 18125 7ff7774e90c8 18097->18125 18101 7ff7774d2880 50 API calls 18098->18101 18273 7ff7774e8c98 18099->18273 18103 7ff7774d8cf2 18101->18103 18102 7ff7774d8d6e 18104 7ff7774d8d76 18102->18104 18105 7ff7774d8d89 18102->18105 18106 7ff7774d8d27 GetDriveTypeW 18103->18106 18110 7ff7774d2880 50 API calls 18103->18110 18109 7ff7774d2a60 51 API calls 18104->18109 18111 7ff7774d2880 50 API calls 18105->18111 18107 7ff7774d8d52 18106->18107 18108 7ff7774d8d37 18106->18108 18266 7ff7774e87fc 18107->18266 18112 7ff7774d2a60 51 API calls 18108->18112 18109->18096 18114 7ff7774d8d0b 18110->18114 18119 7ff7774d8d98 18111->18119 18112->18096 18114->18106 18115 7ff7774d8e11 18116 7ff7774d2880 50 API calls 18115->18116 18118 7ff7774d8e20 CreateDirectoryW 18116->18118 18117 7ff7774d2710 48 API calls 18117->18119 18118->18096 18119->18115 18119->18117 18121 7ff7774d2880 50 API calls 18119->18121 18123 7ff7774d8deb CreateDirectoryW 18121->18123 18123->18119 18126 7ff7774e90d5 18125->18126 18127 7ff7774e90e8 18125->18127 18128 7ff7774e5d98 _get_daylight 11 API calls 18126->18128 18374 7ff7774e8d4c 18127->18374 18130 7ff7774e90da 18128->18130 18132 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 18130->18132 18133 7ff7774e90e6 18132->18133 18133->17084 18176 7ff7774f23e8 18135->18176 18235 7ff7774f2160 18176->18235 18256 7ff7774f1168 EnterCriticalSection 18235->18256 18267 7ff7774e884d 18266->18267 18268 7ff7774e881a 18266->18268 18267->18096 18268->18267 18285 7ff7774f1304 18268->18285 18271 7ff7774eb790 _isindst 17 API calls 18272 7ff7774e887d 18271->18272 18274 7ff7774e8cb4 18273->18274 18275 7ff7774e8d22 18273->18275 18274->18275 18276 7ff7774e8cb9 18274->18276 18319 7ff7774f1650 18275->18319 18278 7ff7774e8cd1 18276->18278 18279 7ff7774e8cee 18276->18279 18294 7ff7774e8a68 GetFullPathNameW 18278->18294 18302 7ff7774e8adc GetFullPathNameW 18279->18302 18284 7ff7774e8ce6 __vcrt_freefls 18284->18102 18286 7ff7774f1311 18285->18286 18287 7ff7774f131b 18285->18287 18286->18287 18292 7ff7774f1337 18286->18292 18288 7ff7774e5d98 _get_daylight 11 API calls 18287->18288 18289 7ff7774f1323 18288->18289 18290 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 18289->18290 18291 7ff7774e8849 18290->18291 18291->18267 18291->18271 18292->18291 18293 7ff7774e5d98 _get_daylight 11 API calls 18292->18293 18293->18289 18295 7ff7774e8aa4 18294->18295 18296 7ff7774e8a8e GetLastError 18294->18296 18300 7ff7774e5d98 _get_daylight 11 API calls 18295->18300 18301 7ff7774e8aa0 18295->18301 18297 7ff7774e5d0c _fread_nolock 11 API calls 18296->18297 18298 7ff7774e8a9b 18297->18298 18299 7ff7774e5d98 _get_daylight 11 API calls 18298->18299 18299->18301 18300->18301 18301->18284 18303 7ff7774e8b25 __vcrt_freefls 18302->18303 18304 7ff7774e8b0f GetLastError 18302->18304 18308 7ff7774e8b7f GetFullPathNameW 18303->18308 18309 7ff7774e8b21 18303->18309 18305 7ff7774e5d0c _fread_nolock 11 API calls 18304->18305 18306 7ff7774e8b1c 18305->18306 18307 7ff7774e5d98 _get_daylight 11 API calls 18306->18307 18307->18309 18308->18304 18308->18309 18310 7ff7774e8bb4 18309->18310 18314 7ff7774e8c28 memcpy_s 18310->18314 18315 7ff7774e8bdd memcpy_s 18310->18315 18311 7ff7774e8c11 18312 7ff7774e5d98 _get_daylight 11 API calls 18311->18312 18313 7ff7774e8c16 18312->18313 18316 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 18313->18316 18314->18284 18315->18311 18315->18314 18317 7ff7774e8c4a 18315->18317 18316->18314 18317->18314 18318 7ff7774e5d98 _get_daylight 11 API calls 18317->18318 18318->18313 18322 7ff7774f1460 18319->18322 18323 7ff7774f14a2 18322->18323 18324 7ff7774f148b 18322->18324 18326 7ff7774f14a6 18323->18326 18327 7ff7774f14c7 18323->18327 18325 7ff7774e5d98 _get_daylight 11 API calls 18324->18325 18329 7ff7774f1490 18325->18329 18348 7ff7774f15cc 18326->18348 18360 7ff7774f0448 18327->18360 18334 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 18329->18334 18332 7ff7774f14cc 18337 7ff7774f1571 18332->18337 18343 7ff7774f14f3 18332->18343 18333 7ff7774f14af 18335 7ff7774e5d78 _fread_nolock 11 API calls 18333->18335 18347 7ff7774f149b __vcrt_freefls 18334->18347 18336 7ff7774f14b4 18335->18336 18339 7ff7774e5d98 _get_daylight 11 API calls 18336->18339 18337->18324 18340 7ff7774f1579 18337->18340 18338 7ff7774dd3e0 _log10_special 8 API calls 18342 7ff7774f15c1 18338->18342 18339->18329 18341 7ff7774e8a68 13 API calls 18340->18341 18341->18347 18342->18284 18344 7ff7774e8adc 14 API calls 18343->18344 18345 7ff7774f1537 18344->18345 18345->18347 18347->18338 18349 7ff7774f1616 18348->18349 18350 7ff7774f15e6 18348->18350 18352 7ff7774f1621 GetDriveTypeW 18349->18352 18353 7ff7774f1601 18349->18353 18351 7ff7774e5d78 _fread_nolock 11 API calls 18350->18351 18354 7ff7774f15eb 18351->18354 18352->18353 18356 7ff7774dd3e0 _log10_special 8 API calls 18353->18356 18355 7ff7774e5d98 _get_daylight 11 API calls 18354->18355 18357 7ff7774f15f6 18355->18357 18358 7ff7774f14ab 18356->18358 18359 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 18357->18359 18358->18332 18358->18333 18359->18353 18361 7ff7774fb360 memcpy_s 18360->18361 18362 7ff7774f047e GetCurrentDirectoryW 18361->18362 18363 7ff7774f0495 18362->18363 18364 7ff7774f04bc 18362->18364 18366 7ff7774dd3e0 _log10_special 8 API calls 18363->18366 18365 7ff7774efa28 _get_daylight 11 API calls 18364->18365 18367 7ff7774f04cb 18365->18367 18368 7ff7774f0529 18366->18368 18369 7ff7774f04d5 GetCurrentDirectoryW 18367->18369 18370 7ff7774f04e4 18367->18370 18368->18332 18369->18370 18371 7ff7774f04e9 18369->18371 18372 7ff7774e5d98 _get_daylight 11 API calls 18370->18372 18373 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 18371->18373 18372->18371 18373->18363 18381 7ff7774f1168 EnterCriticalSection 18374->18381 18393 7ff7774d366e memcpy_s 18382->18393 18383 7ff7774dd3e0 _log10_special 8 API calls 18384 7ff7774d3904 18383->18384 18384->17126 18384->17127 18385 7ff7774d3867 18385->18383 18387 7ff7774d1cc0 49 API calls 18387->18393 18388 7ff7774d3882 18390 7ff7774d2960 56 API calls 18388->18390 18390->18385 18393->18385 18393->18387 18393->18388 18394 7ff7774d3869 18393->18394 18396 7ff7774d2cb0 56 API calls 18393->18396 18399 7ff7774d3870 18393->18399 18402 7ff7774d4bf0 18393->18402 18408 7ff7774d8780 18393->18408 18419 7ff7774d1600 18393->18419 18467 7ff7774d7a20 18393->18467 18471 7ff7774d47c0 18393->18471 18528 7ff7774d4ae0 18393->18528 18395 7ff7774d2960 56 API calls 18394->18395 18395->18385 18396->18393 18400 7ff7774d2960 56 API calls 18399->18400 18400->18385 18403 7ff7774d4bfa 18402->18403 18404 7ff7774da220 2 API calls 18403->18404 18405 7ff7774d4c1f 18404->18405 18406 7ff7774dd3e0 _log10_special 8 API calls 18405->18406 18407 7ff7774d4c47 18406->18407 18407->18393 18409 7ff7774d878e 18408->18409 18410 7ff7774d1cc0 49 API calls 18409->18410 18413 7ff7774d88b2 18409->18413 18416 7ff7774d8815 18410->18416 18411 7ff7774dd3e0 _log10_special 8 API calls 18412 7ff7774d88e3 18411->18412 18412->18393 18413->18411 18414 7ff7774d1cc0 49 API calls 18414->18416 18415 7ff7774d4bf0 10 API calls 18415->18416 18416->18413 18416->18414 18416->18415 18417 7ff7774da220 2 API calls 18416->18417 18418 7ff7774d8883 CreateDirectoryW 18417->18418 18418->18413 18418->18416 18420 7ff7774d1613 18419->18420 18421 7ff7774d1637 18419->18421 18555 7ff7774d1050 18420->18555 18423 7ff7774d4c50 108 API calls 18421->18423 18425 7ff7774d164b 18423->18425 18424 7ff7774d1618 18426 7ff7774d162e 18424->18426 18429 7ff7774d2960 56 API calls 18424->18429 18427 7ff7774d1653 18425->18427 18428 7ff7774d1682 18425->18428 18426->18393 18430 7ff7774e5d98 _get_daylight 11 API calls 18427->18430 18431 7ff7774d4c50 108 API calls 18428->18431 18429->18426 18432 7ff7774d1658 18430->18432 18433 7ff7774d1696 18431->18433 18436 7ff7774d2b70 56 API calls 18432->18436 18434 7ff7774d169e 18433->18434 18435 7ff7774d16b8 18433->18435 18437 7ff7774d2960 56 API calls 18434->18437 18438 7ff7774e1564 73 API calls 18435->18438 18439 7ff7774d1671 18436->18439 18440 7ff7774d16ae 18437->18440 18441 7ff7774d16cd 18438->18441 18439->18393 18444 7ff7774e0edc 74 API calls 18440->18444 18442 7ff7774d16d1 18441->18442 18443 7ff7774d16f9 18441->18443 18445 7ff7774e5d98 _get_daylight 11 API calls 18442->18445 18446 7ff7774d16ff 18443->18446 18447 7ff7774d1717 18443->18447 18448 7ff7774d1829 18444->18448 18449 7ff7774d16d6 18445->18449 18531 7ff7774d1210 18446->18531 18452 7ff7774d1739 18447->18452 18463 7ff7774d1761 18447->18463 18448->18393 18451 7ff7774d2b70 56 API calls 18449->18451 18458 7ff7774d16ef __vcrt_freefls 18451->18458 18454 7ff7774e5d98 _get_daylight 11 API calls 18452->18454 18453 7ff7774e0edc 74 API calls 18453->18440 18455 7ff7774d173e 18454->18455 18456 7ff7774d2b70 56 API calls 18455->18456 18456->18458 18457 7ff7774e122c _fread_nolock 53 API calls 18457->18463 18458->18453 18459 7ff7774d17da 18460 7ff7774e5d98 _get_daylight 11 API calls 18459->18460 18462 7ff7774d17ca 18460->18462 18466 7ff7774d2b70 56 API calls 18462->18466 18463->18457 18463->18458 18463->18459 18464 7ff7774d17c5 18463->18464 18586 7ff7774e196c 18463->18586 18465 7ff7774e5d98 _get_daylight 11 API calls 18464->18465 18465->18462 18466->18458 18468 7ff7774d7a8b 18467->18468 18470 7ff7774d7a44 18467->18470 18468->18393 18470->18468 18624 7ff7774e5eb4 18470->18624 18472 7ff7774d47db 18471->18472 18473 7ff7774d2770 53 API calls 18472->18473 18474 7ff7774d4814 18473->18474 18475 7ff7774d4b70 49 API calls 18474->18475 18476 7ff7774d4824 18475->18476 18477 7ff7774d4b70 49 API calls 18476->18477 18478 7ff7774d4833 18477->18478 18479 7ff7774d4853 18478->18479 18480 7ff7774d4881 18478->18480 18655 7ff7774d4740 18479->18655 18482 7ff7774d4740 51 API calls 18480->18482 18483 7ff7774d487f 18482->18483 18484 7ff7774d48f4 18483->18484 18485 7ff7774d48ae 18483->18485 18487 7ff7774d2770 53 API calls 18484->18487 18486 7ff7774d2770 53 API calls 18485->18486 18488 7ff7774d48c1 18486->18488 18489 7ff7774d4900 18487->18489 18662 7ff7774d8650 18488->18662 18491 7ff7774d4740 51 API calls 18489->18491 18493 7ff7774d4923 18491->18493 18494 7ff7774d4973 18493->18494 18497 7ff7774d4740 51 API calls 18493->18497 18500 7ff7774d494b 18497->18500 18500->18494 18529 7ff7774d1cc0 49 API calls 18528->18529 18530 7ff7774d4b04 18529->18530 18530->18393 18532 7ff7774d1268 18531->18532 18533 7ff7774d126f 18532->18533 18534 7ff7774d1297 18532->18534 18535 7ff7774d2960 56 API calls 18533->18535 18537 7ff7774d12d4 18534->18537 18538 7ff7774d12b1 18534->18538 18536 7ff7774d1282 18535->18536 18536->18458 18542 7ff7774d12e6 18537->18542 18553 7ff7774d1309 memcpy_s 18537->18553 18539 7ff7774e5d98 _get_daylight 11 API calls 18538->18539 18540 7ff7774d12b6 18539->18540 18543 7ff7774e5d98 _get_daylight 11 API calls 18542->18543 18556 7ff7774d4c50 108 API calls 18555->18556 18557 7ff7774d108c 18556->18557 18558 7ff7774d1094 18557->18558 18559 7ff7774d10a9 18557->18559 18560 7ff7774d2960 56 API calls 18558->18560 18561 7ff7774e1564 73 API calls 18559->18561 18567 7ff7774d10a4 __vcrt_freefls 18560->18567 18562 7ff7774d10bf 18561->18562 18563 7ff7774d10c3 18562->18563 18564 7ff7774d10e6 18562->18564 18565 7ff7774e5d98 _get_daylight 11 API calls 18563->18565 18568 7ff7774d1122 18564->18568 18569 7ff7774d10f7 18564->18569 18566 7ff7774d10c8 18565->18566 18570 7ff7774d2b70 56 API calls 18566->18570 18567->18424 18572 7ff7774d1129 18568->18572 18580 7ff7774d113c 18568->18580 18571 7ff7774e5d98 _get_daylight 11 API calls 18569->18571 18577 7ff7774d10e1 __vcrt_freefls 18570->18577 18573 7ff7774d1100 18571->18573 18574 7ff7774d1210 94 API calls 18572->18574 18575 7ff7774d2b70 56 API calls 18573->18575 18574->18577 18575->18577 18576 7ff7774e0edc 74 API calls 18578 7ff7774d11b4 18576->18578 18577->18576 18578->18567 18595 7ff7774d4d80 18578->18595 18579 7ff7774e122c _fread_nolock 53 API calls 18579->18580 18580->18577 18580->18579 18581 7ff7774d11ed 18580->18581 18583 7ff7774e5d98 _get_daylight 11 API calls 18581->18583 18584 7ff7774d11f2 18583->18584 18585 7ff7774d2b70 56 API calls 18584->18585 18585->18577 18587 7ff7774e199c 18586->18587 18609 7ff7774e16bc 18587->18609 18596 7ff7774d4d90 18595->18596 18597 7ff7774da220 2 API calls 18596->18597 18598 7ff7774d4dbb 18597->18598 18610 7ff7774e16dc 18609->18610 18611 7ff7774e1709 18609->18611 18610->18611 18612 7ff7774e16e6 18610->18612 18625 7ff7774e5ec1 18624->18625 18628 7ff7774e5eee 18624->18628 18626 7ff7774e5d98 _get_daylight 11 API calls 18625->18626 18635 7ff7774e5e78 18625->18635 18630 7ff7774e5ecb 18626->18630 18627 7ff7774e5f11 18631 7ff7774e5d98 _get_daylight 11 API calls 18627->18631 18628->18627 18629 7ff7774e5f2d 18628->18629 18639 7ff7774e5ddc 18629->18639 18634 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 18630->18634 18632 7ff7774e5f16 18631->18632 18636 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 18632->18636 18637 7ff7774e5ed6 18634->18637 18635->18470 18638 7ff7774e5f21 18636->18638 18637->18470 18638->18470 18640 7ff7774e5e00 18639->18640 18646 7ff7774e5dfb 18639->18646 18641 7ff7774ebfe0 __GetCurrentState 45 API calls 18640->18641 18640->18646 18642 7ff7774e5e1b 18641->18642 18647 7ff7774ee814 18642->18647 18646->18638 18648 7ff7774ee829 18647->18648 18650 7ff7774e5e3e 18647->18650 18649 7ff7774f4194 45 API calls 18648->18649 18648->18650 18649->18650 18651 7ff7774ee880 18650->18651 18652 7ff7774ee895 18651->18652 18654 7ff7774ee8a8 18651->18654 18653 7ff7774f34e0 45 API calls 18652->18653 18652->18654 18653->18654 18654->18646 18656 7ff7774d4766 18655->18656 18657 7ff7774e5814 49 API calls 18656->18657 18658 7ff7774d478c 18657->18658 18659 7ff7774d479d 18658->18659 18660 7ff7774d4bf0 10 API calls 18658->18660 18659->18483 18661 7ff7774d47af 18660->18661 18661->18483 18663 7ff7774d8665 18662->18663 18664 7ff7774d4c50 108 API calls 18663->18664 18665 7ff7774d868b 18664->18665 18719 7ff7774e6d58 18718->18719 18720 7ff7774e6d7e 18719->18720 18723 7ff7774e6db1 18719->18723 18721 7ff7774e5d98 _get_daylight 11 API calls 18720->18721 18722 7ff7774e6d83 18721->18722 18724 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 18722->18724 18725 7ff7774e6dc4 18723->18725 18726 7ff7774e6db7 18723->18726 18727 7ff7774d4ca6 18724->18727 18737 7ff7774ebab8 18725->18737 18728 7ff7774e5d98 _get_daylight 11 API calls 18726->18728 18727->17189 18728->18727 18750 7ff7774f1168 EnterCriticalSection 18737->18750 19110 7ff7774e8788 19109->19110 19113 7ff7774e8264 19110->19113 19112 7ff7774e87a1 19112->17202 19114 7ff7774e827f 19113->19114 19115 7ff7774e82ae 19113->19115 19116 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 19114->19116 19123 7ff7774e62fc EnterCriticalSection 19115->19123 19118 7ff7774e829f 19116->19118 19118->19112 19125 7ff7774e0cd3 19124->19125 19127 7ff7774e0d01 19124->19127 19126 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 19125->19126 19129 7ff7774e0cf3 19126->19129 19127->19129 19134 7ff7774e62fc EnterCriticalSection 19127->19134 19129->17214 19136 7ff7774d4c50 108 API calls 19135->19136 19137 7ff7774d1493 19136->19137 19138 7ff7774d149b 19137->19138 19139 7ff7774d14bc 19137->19139 19140 7ff7774d2960 56 API calls 19138->19140 19141 7ff7774e1564 73 API calls 19139->19141 19142 7ff7774d14ab 19140->19142 19143 7ff7774d14d1 19141->19143 19142->17247 19144 7ff7774d14d5 19143->19144 19145 7ff7774d14f8 19143->19145 19146 7ff7774e5d98 _get_daylight 11 API calls 19144->19146 19149 7ff7774d1532 19145->19149 19150 7ff7774d1508 19145->19150 19147 7ff7774d14da 19146->19147 19148 7ff7774d2b70 56 API calls 19147->19148 19157 7ff7774d14f3 __vcrt_freefls 19148->19157 19152 7ff7774d1538 19149->19152 19160 7ff7774d154b 19149->19160 19151 7ff7774e5d98 _get_daylight 11 API calls 19150->19151 19153 7ff7774d1510 19151->19153 19154 7ff7774d1210 94 API calls 19152->19154 19155 7ff7774d2b70 56 API calls 19153->19155 19154->19157 19155->19157 19156 7ff7774e0edc 74 API calls 19159 7ff7774d15c4 19156->19159 19157->19156 19158 7ff7774e122c _fread_nolock 53 API calls 19158->19160 19159->17247 19160->19157 19160->19158 19161 7ff7774d15d6 19160->19161 19162 7ff7774e5d98 _get_daylight 11 API calls 19161->19162 19163 7ff7774d15db 19162->19163 19164 7ff7774d2b70 56 API calls 19163->19164 19164->19157 19246 7ff7774d6a75 19245->19246 19247 7ff7774d1cc0 49 API calls 19246->19247 19248 7ff7774d6ab1 19247->19248 19249 7ff7774d6add 19248->19249 19250 7ff7774d6aba 19248->19250 19252 7ff7774d4cc0 49 API calls 19249->19252 19251 7ff7774d2960 56 API calls 19250->19251 19270 7ff7774d6ad3 19251->19270 19253 7ff7774d6af5 19252->19253 19254 7ff7774d6b13 19253->19254 19256 7ff7774d2960 56 API calls 19253->19256 19257 7ff7774d4bf0 10 API calls 19254->19257 19255 7ff7774dd3e0 _log10_special 8 API calls 19258 7ff7774d35ee 19255->19258 19256->19254 19259 7ff7774d6b1d 19257->19259 19258->17351 19280 7ff7774d6c20 19258->19280 19260 7ff7774d6b3c 19259->19260 19262 7ff7774d2770 53 API calls 19259->19262 19261 7ff7774d4cc0 49 API calls 19260->19261 19263 7ff7774d6b55 19261->19263 19264 7ff7774d6b32 19262->19264 19266 7ff7774d6b7a 19263->19266 19267 7ff7774d6b5a 19263->19267 19265 7ff7774d9e00 3 API calls 19264->19265 19265->19260 19269 7ff7774d2770 53 API calls 19266->19269 19268 7ff7774d2960 56 API calls 19267->19268 19268->19270 19271 7ff7774d6b8e 19269->19271 19270->19255 19272 7ff7774d9e00 3 API calls 19271->19272 19273 7ff7774d6b9b 19272->19273 19274 7ff7774d6be6 19273->19274 19275 7ff7774d6ba7 19273->19275 19396 7ff7774d5ec0 GetProcAddress 19274->19396 19277 7ff7774da220 2 API calls 19275->19277 19278 7ff7774d6bbf GetLastError 19277->19278 19488 7ff7774d5a90 19280->19488 19282 7ff7774d6c43 19283 7ff7774d6c4b 19282->19283 19284 7ff7774d6c5c 19282->19284 19286 7ff7774d2960 56 API calls 19283->19286 19285 7ff7774d2770 53 API calls 19284->19285 19287 7ff7774d6c68 19285->19287 19292 7ff7774d6c57 19286->19292 19495 7ff7774d5320 19287->19495 19292->17353 19338 7ff7774d2770 53 API calls 19337->19338 19339 7ff7774d6720 19338->19339 19397 7ff7774d5f0f GetProcAddress 19396->19397 19398 7ff7774d5ee2 GetLastError 19396->19398 19490 7ff7774d5abc 19488->19490 19489 7ff7774d5ac4 19489->19282 19490->19489 19493 7ff7774d5c64 19490->19493 19519 7ff7774e7934 19490->19519 19491 7ff7774d5e27 __vcrt_freefls 19491->19282 19492 7ff7774d4e60 47 API calls 19492->19493 19493->19491 19493->19492 19496 7ff7774d5350 19495->19496 19497 7ff7774dd3e0 _log10_special 8 API calls 19496->19497 19498 7ff7774d53ba 19497->19498 19520 7ff7774e7964 19519->19520 19523 7ff7774e6e30 19520->19523 19522 7ff7774e7994 19522->19490 19524 7ff7774e6e61 19523->19524 19527 7ff7774e6e73 19523->19527 19525 7ff7774e5d98 _get_daylight 11 API calls 19524->19525 19529 7ff7774e6e66 19525->19529 19526 7ff7774e6ebd 19528 7ff7774e6ed8 19526->19528 19531 7ff7774e5650 45 API calls 19526->19531 19527->19526 19530 7ff7774e6e80 19527->19530 19535 7ff7774e6efa 19528->19535 19544 7ff7774e78bc 19528->19544 19533 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 19529->19533 19534 7ff7774eb6a4 _invalid_parameter_noinfo 37 API calls 19530->19534 19531->19528 19541 7ff7774e6e71 19533->19541 19534->19541 19536 7ff7774e6f9b 19535->19536 19537 7ff7774e5d98 _get_daylight 11 API calls 19535->19537 19538 7ff7774e5d98 _get_daylight 11 API calls 19536->19538 19536->19541 19539 7ff7774e6f90 19537->19539 19541->19522 19545 7ff7774e78df 19544->19545 19548 7ff7774e78f6 19544->19548 19550 7ff7774f0df8 19545->19550 19547 7ff7774e78e4 19547->19528 19548->19547 19555 7ff7774f0e28 19548->19555 19637 7ff7774d66bd 19636->19637 19639 7ff7774d66da 19636->19639 19638 7ff7774d2770 53 API calls 19637->19638 19637->19639 19638->19639 19639->17364 19640->17365 21298 7ff7774f2540 21309 7ff7774f8274 21298->21309 21310 7ff7774f8281 21309->21310 21311 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 21310->21311 21312 7ff7774f829d 21310->21312 21311->21310 21313 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 21312->21313 21314 7ff7774f2549 21312->21314 21313->21312 21315 7ff7774f1168 EnterCriticalSection 21314->21315 19695 7ff7774e64b8 19696 7ff7774e64ef 19695->19696 19697 7ff7774e64d2 19695->19697 19696->19697 19699 7ff7774e6502 CreateFileW 19696->19699 19698 7ff7774e5d78 _fread_nolock 11 API calls 19697->19698 19702 7ff7774e64d7 19698->19702 19700 7ff7774e6536 19699->19700 19701 7ff7774e656c 19699->19701 19720 7ff7774e660c GetFileType 19700->19720 19746 7ff7774e6a94 19701->19746 19705 7ff7774e5d98 _get_daylight 11 API calls 19702->19705 19708 7ff7774e64df 19705->19708 19713 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 19708->19713 19709 7ff7774e6561 CloseHandle 19714 7ff7774e64ea 19709->19714 19710 7ff7774e654b CloseHandle 19710->19714 19711 7ff7774e6575 19715 7ff7774e5d0c _fread_nolock 11 API calls 19711->19715 19712 7ff7774e65a0 19767 7ff7774e6854 19712->19767 19713->19714 19719 7ff7774e657f 19715->19719 19719->19714 19721 7ff7774e6717 19720->19721 19722 7ff7774e665a 19720->19722 19724 7ff7774e671f 19721->19724 19725 7ff7774e6741 19721->19725 19723 7ff7774e6686 GetFileInformationByHandle 19722->19723 19727 7ff7774e6990 21 API calls 19722->19727 19728 7ff7774e66af 19723->19728 19729 7ff7774e6732 GetLastError 19723->19729 19724->19729 19730 7ff7774e6723 19724->19730 19726 7ff7774e6764 PeekNamedPipe 19725->19726 19735 7ff7774e6702 19725->19735 19726->19735 19732 7ff7774e6674 19727->19732 19733 7ff7774e6854 51 API calls 19728->19733 19731 7ff7774e5d0c _fread_nolock 11 API calls 19729->19731 19734 7ff7774e5d98 _get_daylight 11 API calls 19730->19734 19731->19735 19732->19723 19732->19735 19737 7ff7774e66ba 19733->19737 19734->19735 19736 7ff7774dd3e0 _log10_special 8 API calls 19735->19736 19738 7ff7774e6544 19736->19738 19784 7ff7774e67b4 19737->19784 19738->19709 19738->19710 19741 7ff7774e67b4 10 API calls 19742 7ff7774e66d9 19741->19742 19743 7ff7774e67b4 10 API calls 19742->19743 19744 7ff7774e66ea 19743->19744 19744->19735 19745 7ff7774e5d98 _get_daylight 11 API calls 19744->19745 19745->19735 19747 7ff7774e6aca 19746->19747 19748 7ff7774e6b62 __vcrt_freefls 19747->19748 19749 7ff7774e5d98 _get_daylight 11 API calls 19747->19749 19750 7ff7774dd3e0 _log10_special 8 API calls 19748->19750 19751 7ff7774e6adc 19749->19751 19752 7ff7774e6571 19750->19752 19753 7ff7774e5d98 _get_daylight 11 API calls 19751->19753 19752->19711 19752->19712 19754 7ff7774e6ae4 19753->19754 19755 7ff7774e8c98 45 API calls 19754->19755 19756 7ff7774e6af9 19755->19756 19757 7ff7774e6b01 19756->19757 19758 7ff7774e6b0b 19756->19758 19759 7ff7774e5d98 _get_daylight 11 API calls 19757->19759 19760 7ff7774e5d98 _get_daylight 11 API calls 19758->19760 19763 7ff7774e6b06 19759->19763 19761 7ff7774e6b10 19760->19761 19761->19748 19762 7ff7774e5d98 _get_daylight 11 API calls 19761->19762 19764 7ff7774e6b1a 19762->19764 19763->19748 19765 7ff7774e6b54 GetDriveTypeW 19763->19765 19766 7ff7774e8c98 45 API calls 19764->19766 19765->19748 19766->19763 19768 7ff7774e687c 19767->19768 19776 7ff7774e65ad 19768->19776 19791 7ff7774f05b4 19768->19791 19770 7ff7774e6910 19771 7ff7774f05b4 51 API calls 19770->19771 19770->19776 19772 7ff7774e6923 19771->19772 19773 7ff7774f05b4 51 API calls 19772->19773 19772->19776 19774 7ff7774e6936 19773->19774 19775 7ff7774f05b4 51 API calls 19774->19775 19774->19776 19775->19776 19777 7ff7774e6990 19776->19777 19778 7ff7774e69aa 19777->19778 19779 7ff7774e69e1 19778->19779 19780 7ff7774e69ba 19778->19780 19781 7ff7774f0448 21 API calls 19779->19781 19782 7ff7774e5d0c _fread_nolock 11 API calls 19780->19782 19783 7ff7774e69ca 19780->19783 19781->19783 19782->19783 19783->19719 19785 7ff7774e67d0 19784->19785 19786 7ff7774e67dd FileTimeToSystemTime 19784->19786 19785->19786 19788 7ff7774e67d8 19785->19788 19787 7ff7774e67f1 SystemTimeToTzSpecificLocalTime 19786->19787 19786->19788 19787->19788 19789 7ff7774dd3e0 _log10_special 8 API calls 19788->19789 19790 7ff7774e66c9 19789->19790 19790->19741 19792 7ff7774f05c1 19791->19792 19795 7ff7774f05e5 19791->19795 19793 7ff7774f05c6 19792->19793 19792->19795 19796 7ff7774e5d98 _get_daylight 11 API calls 19793->19796 19794 7ff7774f061f 19797 7ff7774e5d98 _get_daylight 11 API calls 19794->19797 19795->19794 19798 7ff7774f063e 19795->19798 19799 7ff7774f05cb 19796->19799 19800 7ff7774f0624 19797->19800 19801 7ff7774e5ddc 45 API calls 19798->19801 19802 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 19799->19802 19803 7ff7774eb770 _invalid_parameter_noinfo 37 API calls 19800->19803 19807 7ff7774f064b 19801->19807 19804 7ff7774f05d6 19802->19804 19806 7ff7774f062f 19803->19806 19804->19770 19805 7ff7774f136c 51 API calls 19805->19807 19806->19770 19807->19805 19807->19806

                                                                                                                                                                                                Executed Functions

                                                                                                                                                                                                Function 00007FF7774D1000 Relevance: 119.6, APIs: 5, Strings: 63, Instructions: 555COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 0 7ff7774d1000-7ff7774d3cc4 call 7ff7774e0ca8 call 7ff7774e0cb0 call 7ff7774dd6e0 call 7ff7774e6280 call 7ff7774e6314 call 7ff7774d2770 call 7ff7774d3b40 16 7ff7774d3cc6-7ff7774d3ccb 0->16 17 7ff7774d3cd0-7ff7774d3d05 call 7ff7774d2770 * 2 call 7ff7774d1950 0->17 18 7ff7774d4628-7ff7774d4642 call 7ff7774dd3e0 16->18 27 7ff7774d3e2b-7ff7774d3e4c call 7ff7774d2770 call 7ff7774d4c50 17->27 28 7ff7774d3d0b-7ff7774d3d24 call 7ff7774d1cc0 17->28 37 7ff7774d3e55-7ff7774d3e81 call 7ff7774d88f0 27->37 38 7ff7774d3e4e-7ff7774d3e53 27->38 32 7ff7774d3d29-7ff7774d3d99 call 7ff7774d2770 * 2 call 7ff7774d9640 28->32 51 7ff7774d3dc1-7ff7774d3dcf call 7ff7774e5dc0 32->51 52 7ff7774d3d9b-7ff7774d3d9e 32->52 48 7ff7774d3e83-7ff7774d3e8b call 7ff7774e0edc 37->48 49 7ff7774d3eb5-7ff7774d3eda call 7ff7774d1cc0 37->49 41 7ff7774d3e90-7ff7774d3eb0 call 7ff7774d2770 call 7ff7774d2960 38->41 62 7ff7774d4620 41->62 48->41 64 7ff7774d3ee0-7ff7774d3ee9 49->64 68 7ff7774d3dd5-7ff7774d3de7 call 7ff7774d9640 51->68 69 7ff7774d3f79-7ff7774d3fa7 call 7ff7774d9750 call 7ff7774d97b0 * 3 51->69 56 7ff7774d3db5-7ff7774d3dbc call 7ff7774d97b0 52->56 57 7ff7774d3da0-7ff7774d3da4 52->57 56->51 57->56 61 7ff7774d3da6-7ff7774d3db2 call 7ff7774d2770 57->61 61->56 62->18 64->64 67 7ff7774d3eeb-7ff7774d3f17 call 7ff7774d2770 call 7ff7774d1950 64->67 67->32 85 7ff7774d3f1d-7ff7774d3f34 call 7ff7774d2960 67->85 77 7ff7774d3f65-7ff7774d3f6c call 7ff7774d2770 68->77 78 7ff7774d3ded-7ff7774d3e05 call 7ff7774d2770 68->78 99 7ff7774d3fac-7ff7774d3fc3 call 7ff7774d9640 69->99 88 7ff7774d3f71-7ff7774d3f74 call 7ff7774e5dc0 77->88 90 7ff7774d3e10-7ff7774d3e16 78->90 85->62 88->69 94 7ff7774d3e1c-7ff7774d3e21 90->94 95 7ff7774d3f39-7ff7774d3f3b 90->95 94->90 98 7ff7774d3e23-7ff7774d3e26 94->98 97 7ff7774d3f3e-7ff7774d3f61 call 7ff7774d2770 call 7ff7774e5dc0 95->97 97->99 112 7ff7774d3f63 97->112 98->97 105 7ff7774d40d5-7ff7774d40e3 99->105 106 7ff7774d3fc9-7ff7774d3fcc 99->106 107 7ff7774d3fec 105->107 108 7ff7774d40e9-7ff7774d40ec 105->108 106->105 110 7ff7774d3fd2-7ff7774d3fd5 106->110 111 7ff7774d3ff0-7ff7774d401d call 7ff7774e5dc0 call 7ff7774d2770 107->111 108->111 113 7ff7774d40a1-7ff7774d40a4 110->113 114 7ff7774d3fdb-7ff7774d3fdf 110->114 126 7ff7774d401f-7ff7774d4033 call 7ff7774d9750 111->126 127 7ff7774d4038-7ff7774d404d 111->127 112->69 117 7ff7774d40a6-7ff7774d40aa 113->117 118 7ff7774d40bc-7ff7774d40d0 call 7ff7774d2960 113->118 114->113 115 7ff7774d3fe5 114->115 115->107 117->118 120 7ff7774d40ac-7ff7774d40b7 117->120 125 7ff7774d4600-7ff7774d4618 118->125 120->111 125->62 126->127 129 7ff7774d4053-7ff7774d4057 127->129 130 7ff7774d4177-7ff7774d4189 call 7ff7774d9640 127->130 132 7ff7774d415c-7ff7774d4171 call 7ff7774d1940 129->132 133 7ff7774d405d-7ff7774d4075 call 7ff7774e60e0 129->133 138 7ff7774d418b-7ff7774d4191 130->138 139 7ff7774d41a8-7ff7774d41b7 call 7ff7774e5dc0 130->139 132->129 132->130 143 7ff7774d40f1-7ff7774d4109 call 7ff7774e60e0 133->143 144 7ff7774d4077-7ff7774d408f call 7ff7774e60e0 133->144 141 7ff7774d4193-7ff7774d419b 138->141 142 7ff7774d419d-7ff7774d41a2 138->142 151 7ff7774d42f4-7ff7774d4315 call 7ff7774d4b70 139->151 152 7ff7774d41bd-7ff7774d41c3 139->152 141->142 142->139 153 7ff7774d4116-7ff7774d412e call 7ff7774e60e0 143->153 154 7ff7774d410b-7ff7774d410f 143->154 144->132 156 7ff7774d4095-7ff7774d409c 144->156 165 7ff7774d4323-7ff7774d4334 call 7ff7774d1cc0 151->165 166 7ff7774d4317-7ff7774d4321 call 7ff7774d4cc0 151->166 157 7ff7774d4258-7ff7774d428a call 7ff7774d2770 call 7ff7774d9640 152->157 158 7ff7774d41c9-7ff7774d41f0 call 7ff7774d2770 * 2 call 7ff7774d9e70 152->158 171 7ff7774d4130-7ff7774d4134 153->171 172 7ff7774d413b-7ff7774d4153 call 7ff7774e60e0 153->172 154->153 156->132 182 7ff7774d428c-7ff7774d428f 157->182 183 7ff7774d42de-7ff7774d42ef call 7ff7774d2960 157->183 191 7ff7774d41f2-7ff7774d4203 call 7ff7774d2960 158->191 192 7ff7774d4208-7ff7774d4225 call 7ff7774d2770 call 7ff7774d9450 158->192 174 7ff7774d4339-7ff7774d4356 call 7ff7774d2770 165->174 166->174 171->172 172->132 184 7ff7774d4155 172->184 189 7ff7774d43b5-7ff7774d43cb call 7ff7774da220 174->189 190 7ff7774d4358-7ff7774d435f 174->190 182->183 188 7ff7774d4291-7ff7774d42b4 call 7ff7774d1cc0 182->188 197 7ff7774d45f8 183->197 184->132 205 7ff7774d42d4-7ff7774d42dc call 7ff7774e5dc0 188->205 206 7ff7774d42b6-7ff7774d42cf call 7ff7774d2960 call 7ff7774e5dc0 188->206 210 7ff7774d43e3-7ff7774d440f call 7ff7774d2880 SetDllDirectoryW 189->210 211 7ff7774d43cd-7ff7774d43de call 7ff7774d2960 189->211 190->189 195 7ff7774d4361-7ff7774d4364 190->195 191->197 224 7ff7774d423d-7ff7774d424e call 7ff7774d2770 192->224 225 7ff7774d4227-7ff7774d4238 call 7ff7774d2960 192->225 195->189 201 7ff7774d4366-7ff7774d43a7 SetDllDirectoryW call 7ff7774d2880 LoadLibraryExW 195->201 197->125 222 7ff7774d43b0 call 7ff7774d2880 201->222 223 7ff7774d43a9 201->223 205->174 206->197 228 7ff7774d4411-7ff7774d4418 210->228 229 7ff7774d441d-7ff7774d442c call 7ff7774d9640 210->229 211->197 222->189 223->222 233 7ff7774d4253 224->233 225->197 234 7ff7774d44a7 call 7ff7774d2770 228->234 238 7ff7774d4445-7ff7774d444f call 7ff7774e5dc0 229->238 239 7ff7774d442e-7ff7774d4434 229->239 233->174 240 7ff7774d44ac-7ff7774d44b3 234->240 252 7ff7774d4451-7ff7774d446c call 7ff7774d2770 call 7ff7774d9750 238->252 253 7ff7774d446e-7ff7774d4474 238->253 241 7ff7774d4436-7ff7774d443e 239->241 242 7ff7774d4440-7ff7774d4442 239->242 244 7ff7774d458c-7ff7774d4593 240->244 245 7ff7774d44b9-7ff7774d44c0 240->245 241->242 242->238 247 7ff7774d4595-7ff7774d45b2 PostMessageW GetMessageW 244->247 248 7ff7774d45b8-7ff7774d45f6 call 7ff7774d3960 call 7ff7774d35e0 call 7ff7774d3910 call 7ff7774d77e0 call 7ff7774d7590 call 7ff7774d2770 244->248 245->244 246 7ff7774d44c6-7ff7774d44c9 call 7ff7774d3970 245->246 254 7ff7774d44ce 246->254 247->248 248->197 252->240 255 7ff7774d4493-7ff7774d449a 253->255 256 7ff7774d4476-7ff7774d4491 call 7ff7774d2770 call 7ff7774d9750 253->256 254->197 262 7ff7774d44d3-7ff7774d44d5 255->262 263 7ff7774d449c-7ff7774d449e 255->263 256->240 265 7ff7774d44a0 262->265 266 7ff7774d44d7-7ff7774d44ff call 7ff7774d2770 call 7ff7774d75e0 call 7ff7774d7c80 262->266 263->265 263->266 265->234 285 7ff7774d4501-7ff7774d4508 266->285 286 7ff7774d450a-7ff7774d451d call 7ff7774d2770 266->286 288 7ff7774d4572-7ff7774d4587 call 7ff7774d2cb0 call 7ff7774d77e0 call 7ff7774d7590 285->288 293 7ff7774d4543-7ff7774d454d call 7ff7774d7ab0 286->293 294 7ff7774d451f-7ff7774d4538 call 7ff7774d2770 call 7ff7774d7620 286->294 288->240 303 7ff7774d454f-7ff7774d4556 293->303 304 7ff7774d4558-7ff7774d4565 call 7ff7774d7e30 293->304 294->293 308 7ff7774d453a-7ff7774d4541 294->308 303->288 304->240 310 7ff7774d456b 304->310 308->288 310->288
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: DebugErrorFileLastModuleNameOutputString
                                                                                                                                                                                                • String ID: Could not create temporary directory!$Could not load PyInstaller's embedded PKG archive from the executable (%s)$Could not side-load PyInstaller's PKG archive from external file (%s)$Failed to convert DLL search path!$Failed to initialize security descriptor for temporary directory!$Failed to load Tcl/Tk shared libraries for splash screen!$Failed to load splash screen resources!$Failed to start splash screen!$Failed to unpack splash screen dependencies from PKG archive!$Invalid value in _PYI_PARENT_PROCESS_LEVEL: %s$LOADER: _PYI_ARCHIVE_FILE already defined: %s$LOADER: _PYI_ARCHIVE_FILE not defined...$LOADER: application has %s semantics...$LOADER: application's top-level directory: %s$LOADER: archive file: %s$LOADER: attempting to pre-load system copy of %ls...$LOADER: calling SetDllDirectory: %ls$LOADER: could not load system copy of %ls.$LOADER: created temporary directory: %s$LOADER: creating temporary directory (runtime_tmpdir=%s)...$LOADER: end of process reached!$LOADER: executable file: %s$LOADER: explicit environment reset enabled via environment variable!$LOADER: extracting splash screen dependencies...$LOADER: failed to open executable-embedded archive!$LOADER: initializing security descriptor for temporary directory...$LOADER: loading splash screen resources...$LOADER: process is not eligible for splash screen$LOADER: process level = %d$LOADER: setting up splash screen...$LOADER: side-load is disabled (code %d)!$LOADER: spawned subprocess - suppressing splash screen...$LOADER: splash screen is explicitly suppressed via environment variable!$LOADER: splash screen is unavailable.$LOADER: successfully loaded system copy of %ls.$LOADER: this is child process of onefile application (%s).$LOADER: this is parent process of onefile application.$LOADER: trying to load executable-embedded archive...$LOADER: trying to load external PKG archive (%s)...$LOADER: using different archive file than parent environment!$LOADER: using same archive file as parent environment!$MEI$PYINSTALLER_RESET_ENVIRONMENT$PYINSTALLER_STRICT_UNPACK_MODE$PYINSTALLER_SUPPRESS_SPLASH_SCREEN$Path exceeds PYI_PATH_MAX limit.$PyInstaller Bootloader 6.x$Py_GIL_DISABLED$VCRUNTIME140.dll$_PYI_APPLICATION_HOME_DIR$_PYI_APPLICATION_HOME_DIR not set for onefile child process!$_PYI_ARCHIVE_FILE$_PYI_PARENT_PROCESS_LEVEL$_PYI_SPLASH_IPC$main application process$onedir$onefile$pkg$pyi-contents-directory$pyi-disable-windowed-traceback$pyi-python-flag$pyi-runtime-tmpdir$spawned subprocess
                                                                                                                                                                                                • API String ID: 3669267851-3110933790
                                                                                                                                                                                                • Opcode ID: 619ae607d4e644ac655d4018ac6443bc6f5e2145c8e58eabfb5eec493e37ac53
                                                                                                                                                                                                • Instruction ID: 6404f395096b8bdd2d14734ceabfdf6796709bee082d2a267dad4c3b92b45e67
                                                                                                                                                                                                • Opcode Fuzzy Hash: 619ae607d4e644ac655d4018ac6443bc6f5e2145c8e58eabfb5eec493e37ac53
                                                                                                                                                                                                • Instruction Fuzzy Hash: 86428F23A3C64290EA94FB27D8A41B9E3A1AF45784FC84171DE9D432D6DF2CE527C720
                                                                                                                                                                                                Function 00007FF7774D97F0 Relevance: 112.3, APIs: 36, Strings: 28, Instructions: 319synchronizationwindowregistryCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 311 7ff7774d97f0-7ff7774d9853 call 7ff7774dd6e0 call 7ff7774da220 SetConsoleCtrlHandler 316 7ff7774d9855-7ff7774d985c call 7ff7774d2880 311->316 317 7ff7774d9861-7ff7774d9952 call 7ff7774d2880 GetStartupInfoW call 7ff7774e6280 call 7ff7774eb30c call 7ff7774e95ac call 7ff7774e6280 call 7ff7774eb30c call 7ff7774e95ac call 7ff7774e6280 call 7ff7774eb30c call 7ff7774e95ac GetCommandLineW CreateProcessW 311->317 316->317 339 7ff7774d9954-7ff7774d9974 GetLastError call 7ff7774d2ec0 317->339 340 7ff7774d9979-7ff7774d99cd call 7ff7774d2880 * 2 RegisterClassW 317->340 345 7ff7774d9dad-7ff7774d9dd3 call 7ff7774dd3e0 339->345 350 7ff7774d99e3-7ff7774d9a37 CreateWindowExW 340->350 351 7ff7774d99cf-7ff7774d99de GetLastError call 7ff7774d2880 340->351 353 7ff7774d9a4f-7ff7774d9a61 ShowWindow call 7ff7774d2880 350->353 354 7ff7774d9a39-7ff7774d9a4d GetLastError call 7ff7774d2880 350->354 351->350 358 7ff7774d9a66-7ff7774d9a82 call 7ff7774d2880 WaitForSingleObject 353->358 354->358 361 7ff7774d9a88-7ff7774d9a8b 358->361 362 7ff7774d9b19 358->362 364 7ff7774d9aa1-7ff7774d9aa8 361->364 365 7ff7774d9a8d-7ff7774d9a9c GetLastError call 7ff7774d2880 361->365 363 7ff7774d9b20-7ff7774d9b38 call 7ff7774d2880 * 2 362->363 376 7ff7774d9b3e-7ff7774d9b63 call 7ff7774d2880 WaitForSingleObject 363->376 377 7ff7774d9be8-7ff7774d9bef 363->377 368 7ff7774d9bcb-7ff7774d9bd2 364->368 369 7ff7774d9aae-7ff7774d9acb PeekMessageW 364->369 365->364 368->363 371 7ff7774d9b03-7ff7774d9b13 WaitForSingleObject 369->371 372 7ff7774d9acd 369->372 371->361 371->362 374 7ff7774d9ad0-7ff7774d9b01 TranslateMessage DispatchMessageW PeekMessageW 372->374 374->371 374->374 386 7ff7774d9b65-7ff7774d9b85 call 7ff7774d2880 TerminateProcess 376->386 387 7ff7774d9bd7-7ff7774d9be3 call 7ff7774d2880 376->387 378 7ff7774d9bf5-7ff7774d9c1c call 7ff7774d2880 QueryPerformanceFrequency QueryPerformanceCounter 377->378 379 7ff7774d9d02-7ff7774d9d15 call 7ff7774d2880 377->379 391 7ff7774d9c20-7ff7774d9c58 MsgWaitForMultipleObjects PeekMessageW 378->391 389 7ff7774d9d58-7ff7774d9d6e call 7ff7774d2880 379->389 390 7ff7774d9d17 379->390 402 7ff7774d9b9b-7ff7774d9bc6 WaitForSingleObject call 7ff7774d2880 386->402 403 7ff7774d9b87-7ff7774d9b96 GetLastError call 7ff7774d2880 386->403 387->389 411 7ff7774d9d70-7ff7774d9d76 DestroyWindow 389->411 412 7ff7774d9d7d-7ff7774d9da9 GetExitCodeProcess CloseHandle * 2 389->412 394 7ff7774d9d20-7ff7774d9d39 GetMessageW 390->394 395 7ff7774d9c93-7ff7774d9c9a 391->395 396 7ff7774d9c5a 391->396 399 7ff7774d9d4f-7ff7774d9d56 394->399 400 7ff7774d9d3b-7ff7774d9d49 TranslateMessage DispatchMessageW 394->400 404 7ff7774d9c9c-7ff7774d9cd2 QueryPerformanceCounter call 7ff7774d2880 395->404 405 7ff7774d9ced 395->405 401 7ff7774d9c60-7ff7774d9c91 TranslateMessage DispatchMessageW PeekMessageW 396->401 399->389 399->394 400->399 401->395 401->401 402->389 403->402 414 7ff7774d9cd7-7ff7774d9cde 404->414 407 7ff7774d9cf4 call 7ff7774d2880 405->407 416 7ff7774d9cf9-7ff7774d9d00 407->416 411->412 412->345 414->391 417 7ff7774d9ce4-7ff7774d9ceb 414->417 416->379 416->389 417->407
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorLast$MessageObjectProcessSingleWait$Window$CloseCreateHandlePeek$ByteCharClassCodeCommandConsoleCtrlCurrentDebugDestroyDispatchExitHandlerInfoLineMultiOutputRegisterShowStartupStringTerminateTranslateWide
                                                                                                                                                                                                • String ID: CreateProcessW$Failed to create child process!$LOADER: TerminateProcess call failed (%d)$LOADER: WaitForSingleObject() failed with error code %d!$LOADER: child process has finished - exiting the wait loop!$LOADER: child process has finished.$LOADER: child process not terminated!$LOADER: child process started!$LOADER: child process terminated!$LOADER: creating hidden window to capture system shutdown events...$LOADER: done waiting for WM_QUERYENDSESSION - message received!$LOADER: done waiting for WM_QUERYENDSESSION - timed-out!$LOADER: entering the waiting loop...$LOADER: failed to create hidden window (%d)!$LOADER: failed to install console ctrl handler!$LOADER: failed to register hidden window class (%d)!$LOADER: handling console shutdown - giving the child %d ms to exit...$LOADER: hidden window created!$LOADER: made it out of the waiting loop!$LOADER: received console shutdown event - exiting the wait loop!$LOADER: received session shutdown signal via WM_QUERYENDSESSION; waiting for WM_ENDSESSION...$LOADER: retrieving process exit code and performing cleanup...$LOADER: setting up child process...$LOADER: terminating the child process...$LOADER: waited %lld ms / %d ms...$LOADER: waiting %d ms in case we receive WM_QUERYENDSESSION...$PyInstaller Onefile Hidden Window$PyInstallerOnefileHiddenWindow
                                                                                                                                                                                                • API String ID: 247756579-819605309
                                                                                                                                                                                                • Opcode ID: 00504ee784da408b9877103127ef457fe255ffadabe186d71ff6d6364cc0785d
                                                                                                                                                                                                • Instruction ID: 8e2d26d3197687b28d7b86f012be9bbe24934b8bdeafe9c5d13b027d0f9780b5
                                                                                                                                                                                                • Opcode Fuzzy Hash: 00504ee784da408b9877103127ef457fe255ffadabe186d71ff6d6364cc0785d
                                                                                                                                                                                                • Instruction Fuzzy Hash: 52F16323A38A8296FB54BB35E8902B9A360FF44754FC40235DE5D836A5DF3CE566C720
                                                                                                                                                                                                Function 00007FF7774D8E90 Relevance: 17.6, APIs: 6, Strings: 4, Instructions: 100fileCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                APIs
                                                                                                                                                                                                • FindFirstFileW.KERNELBASE(?,00007FF7774D9729,00007FF7774D3A80), ref: 00007FF7774D8EFB
                                                                                                                                                                                                • RemoveDirectoryW.KERNEL32(?,00007FF7774D9729,00007FF7774D3A80), ref: 00007FF7774D8F86
                                                                                                                                                                                                • DeleteFileW.KERNELBASE(?,00007FF7774D9729,00007FF7774D3A80), ref: 00007FF7774D8FBB
                                                                                                                                                                                                • FindNextFileW.KERNELBASE(?,00007FF7774D9729,00007FF7774D3A80), ref: 00007FF7774D8FE1
                                                                                                                                                                                                • FindClose.KERNEL32(?,00007FF7774D9729,00007FF7774D3A80), ref: 00007FF7774D8FF2
                                                                                                                                                                                                • RemoveDirectoryW.KERNELBASE(?,00007FF7774D9729,00007FF7774D3A80), ref: 00007FF7774D8FFB
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: FileFind$DirectoryRemove$CloseDeleteFirstNext
                                                                                                                                                                                                • String ID: %s\*$LOADER: failed to remove directory symbolic link: %ls$LOADER: failed to remove directory: %ls$LOADER: failed to remove file: %ls
                                                                                                                                                                                                • API String ID: 1057558799-1659351542
                                                                                                                                                                                                • Opcode ID: 586d4ee10e1be3950498cd5acdbccf0ff22e5086347b2ced246f4c12bcf25c15
                                                                                                                                                                                                • Instruction ID: 6f6acb368705198b07fafe8be00cb737afc2a7e696583aa333c52a360fb5dfca
                                                                                                                                                                                                • Opcode Fuzzy Hash: 586d4ee10e1be3950498cd5acdbccf0ff22e5086347b2ced246f4c12bcf25c15
                                                                                                                                                                                                • Instruction Fuzzy Hash: B8418422A3CA4291EAB0BB22E4841FAE3A5FB94754FC00535EF8D825D4EF2CD51BC710
                                                                                                                                                                                                Function 00007FF7774F6A90 Relevance: 14.3, APIs: 6, Strings: 2, Instructions: 334timeCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 732 7ff7774f6a90-7ff7774f6acb call 7ff7774f6418 call 7ff7774f6420 call 7ff7774f6488 739 7ff7774f6cf5-7ff7774f6d41 call 7ff7774eb790 call 7ff7774f6418 call 7ff7774f6420 call 7ff7774f6488 732->739 740 7ff7774f6ad1-7ff7774f6adc call 7ff7774f6428 732->740 766 7ff7774f6e7f-7ff7774f6eed call 7ff7774eb790 call 7ff7774f2408 739->766 767 7ff7774f6d47-7ff7774f6d52 call 7ff7774f6428 739->767 740->739 745 7ff7774f6ae2-7ff7774f6aec 740->745 748 7ff7774f6b0e-7ff7774f6b12 745->748 749 7ff7774f6aee-7ff7774f6af1 745->749 750 7ff7774f6b15-7ff7774f6b1d 748->750 752 7ff7774f6af4-7ff7774f6aff 749->752 750->750 753 7ff7774f6b1f-7ff7774f6b32 call 7ff7774ee48c 750->753 755 7ff7774f6b01-7ff7774f6b08 752->755 756 7ff7774f6b0a-7ff7774f6b0c 752->756 762 7ff7774f6b34-7ff7774f6b36 call 7ff7774eb7d8 753->762 763 7ff7774f6b4a-7ff7774f6b56 call 7ff7774eb7d8 753->763 755->752 755->756 756->748 759 7ff7774f6b3b-7ff7774f6b49 756->759 762->759 773 7ff7774f6b5d-7ff7774f6b65 763->773 784 7ff7774f6eef-7ff7774f6ef6 766->784 785 7ff7774f6efb-7ff7774f6efe 766->785 767->766 775 7ff7774f6d58-7ff7774f6d63 call 7ff7774f6458 767->775 773->773 776 7ff7774f6b67-7ff7774f6b78 call 7ff7774f1304 773->776 775->766 786 7ff7774f6d69-7ff7774f6d8c call 7ff7774eb7d8 GetTimeZoneInformation 775->786 776->739 787 7ff7774f6b7e-7ff7774f6bd4 call 7ff7774fb360 * 4 call 7ff7774f69ac 776->787 788 7ff7774f6f8b-7ff7774f6f8e 784->788 789 7ff7774f6f35-7ff7774f6f48 call 7ff7774ee48c 785->789 790 7ff7774f6f00 785->790 802 7ff7774f6e54-7ff7774f6e7e call 7ff7774f6410 call 7ff7774f6400 call 7ff7774f6408 786->802 803 7ff7774f6d92-7ff7774f6db3 786->803 844 7ff7774f6bd6-7ff7774f6bda 787->844 794 7ff7774f6f03 call 7ff7774f6d0c 788->794 795 7ff7774f6f94-7ff7774f6f9c call 7ff7774f6a90 788->795 806 7ff7774f6f53-7ff7774f6f6e call 7ff7774f2408 789->806 807 7ff7774f6f4a 789->807 790->794 810 7ff7774f6f08-7ff7774f6f34 call 7ff7774eb7d8 call 7ff7774dd3e0 794->810 795->810 804 7ff7774f6db5-7ff7774f6dbb 803->804 805 7ff7774f6dbe-7ff7774f6dc5 803->805 804->805 812 7ff7774f6dd9 805->812 813 7ff7774f6dc7-7ff7774f6dcf 805->813 830 7ff7774f6f75-7ff7774f6f87 call 7ff7774eb7d8 806->830 831 7ff7774f6f70-7ff7774f6f73 806->831 814 7ff7774f6f4c-7ff7774f6f51 call 7ff7774eb7d8 807->814 822 7ff7774f6ddb-7ff7774f6e4f call 7ff7774fb360 * 4 call 7ff7774f39ec call 7ff7774f6fa4 * 2 812->822 813->812 819 7ff7774f6dd1-7ff7774f6dd7 813->819 814->790 819->822 822->802 830->788 831->814 846 7ff7774f6be0-7ff7774f6be4 844->846 847 7ff7774f6bdc 844->847 846->844 850 7ff7774f6be6-7ff7774f6c0b call 7ff7774e79e8 846->850 847->846 856 7ff7774f6c0e-7ff7774f6c12 850->856 857 7ff7774f6c14-7ff7774f6c1f 856->857 858 7ff7774f6c21-7ff7774f6c25 856->858 857->858 861 7ff7774f6c27-7ff7774f6c2b 857->861 858->856 863 7ff7774f6c2d-7ff7774f6c55 call 7ff7774e79e8 861->863 864 7ff7774f6cac-7ff7774f6cb0 861->864 872 7ff7774f6c73-7ff7774f6c77 863->872 873 7ff7774f6c57 863->873 865 7ff7774f6cb2-7ff7774f6cb4 864->865 866 7ff7774f6cb7-7ff7774f6cc4 864->866 865->866 868 7ff7774f6cc6-7ff7774f6cdc call 7ff7774f69ac 866->868 869 7ff7774f6cdf-7ff7774f6cee call 7ff7774f6410 call 7ff7774f6400 866->869 868->869 869->739 872->864 878 7ff7774f6c79-7ff7774f6c97 call 7ff7774e79e8 872->878 876 7ff7774f6c5a-7ff7774f6c61 873->876 876->872 879 7ff7774f6c63-7ff7774f6c71 876->879 884 7ff7774f6ca3-7ff7774f6caa 878->884 879->872 879->876 884->864 885 7ff7774f6c99-7ff7774f6c9d 884->885 885->864 886 7ff7774f6c9f 885->886 886->884
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • _get_daylight.LIBCMT ref: 00007FF7774F6AD5
                                                                                                                                                                                                  • Part of subcall function 00007FF7774F6428: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7774F643C
                                                                                                                                                                                                  • Part of subcall function 00007FF7774EB7D8: RtlFreeHeap.NTDLL(?,?,?,00007FF7774F3BB2,?,?,?,00007FF7774F3BEF,?,?,00000000,00007FF7774F40B5,?,?,?,00007FF7774F3FE7), ref: 00007FF7774EB7EE
                                                                                                                                                                                                  • Part of subcall function 00007FF7774EB7D8: GetLastError.KERNEL32(?,?,?,00007FF7774F3BB2,?,?,?,00007FF7774F3BEF,?,?,00000000,00007FF7774F40B5,?,?,?,00007FF7774F3FE7), ref: 00007FF7774EB7F8
                                                                                                                                                                                                  • Part of subcall function 00007FF7774EB790: IsProcessorFeaturePresent.KERNEL32(?,?,?,?,00007FF7774EB76F,?,?,?,?,?,00007FF7774EB65A), ref: 00007FF7774EB799
                                                                                                                                                                                                  • Part of subcall function 00007FF7774EB790: GetCurrentProcess.KERNEL32(?,?,?,?,00007FF7774EB76F,?,?,?,?,?,00007FF7774EB65A), ref: 00007FF7774EB7BE
                                                                                                                                                                                                • _get_daylight.LIBCMT ref: 00007FF7774F6AC4
                                                                                                                                                                                                  • Part of subcall function 00007FF7774F6488: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7774F649C
                                                                                                                                                                                                • _get_daylight.LIBCMT ref: 00007FF7774F6D3A
                                                                                                                                                                                                • _get_daylight.LIBCMT ref: 00007FF7774F6D4B
                                                                                                                                                                                                • _get_daylight.LIBCMT ref: 00007FF7774F6D5C
                                                                                                                                                                                                • GetTimeZoneInformation.KERNELBASE(?,?,?,?,?,?,?,?,?,00000000,?,00007FF7774F6F9C), ref: 00007FF7774F6D83
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _get_daylight$_invalid_parameter_noinfo$CurrentErrorFeatureFreeHeapInformationLastPresentProcessProcessorTimeZone
                                                                                                                                                                                                • String ID: Eastern Standard Time$Eastern Summer Time
                                                                                                                                                                                                • API String ID: 4070488512-239921721
                                                                                                                                                                                                • Opcode ID: ea4228eb2b8523d379eb856740e7c3fdb59cc4f74fd71962fc76e4e0d0406b68
                                                                                                                                                                                                • Instruction ID: 282e3e2d7420db3c61a977b88e64d0cfa991c300e74c768c0e133425b8d2031d
                                                                                                                                                                                                • Opcode Fuzzy Hash: ea4228eb2b8523d379eb856740e7c3fdb59cc4f74fd71962fc76e4e0d0406b68
                                                                                                                                                                                                • Instruction Fuzzy Hash: DED1D023A3825296EB20BF26D4415B9A7A1FF85B98FC84435EE4D47A85DF3CE442C361
                                                                                                                                                                                                Function 00007FF7774F77F4 Relevance: 13.8, APIs: 9, Instructions: 276fileCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 918 7ff7774f77f4-7ff7774f7867 call 7ff7774f7528 921 7ff7774f7881-7ff7774f788b call 7ff7774e93b0 918->921 922 7ff7774f7869-7ff7774f7872 call 7ff7774e5d78 918->922 927 7ff7774f78a6-7ff7774f790f CreateFileW 921->927 928 7ff7774f788d-7ff7774f78a4 call 7ff7774e5d78 call 7ff7774e5d98 921->928 929 7ff7774f7875-7ff7774f787c call 7ff7774e5d98 922->929 931 7ff7774f7911-7ff7774f7917 927->931 932 7ff7774f798c-7ff7774f7997 GetFileType 927->932 928->929 940 7ff7774f7bc2-7ff7774f7be2 929->940 938 7ff7774f7959-7ff7774f7987 GetLastError call 7ff7774e5d0c 931->938 939 7ff7774f7919-7ff7774f791d 931->939 935 7ff7774f7999-7ff7774f79d4 GetLastError call 7ff7774e5d0c CloseHandle 932->935 936 7ff7774f79ea-7ff7774f79f1 932->936 935->929 952 7ff7774f79da-7ff7774f79e5 call 7ff7774e5d98 935->952 943 7ff7774f79f3-7ff7774f79f7 936->943 944 7ff7774f79f9-7ff7774f79fc 936->944 938->929 939->938 945 7ff7774f791f-7ff7774f7957 CreateFileW 939->945 949 7ff7774f7a02-7ff7774f7a57 call 7ff7774e92c8 943->949 944->949 950 7ff7774f79fe 944->950 945->932 945->938 957 7ff7774f7a76-7ff7774f7aa7 call 7ff7774f72a8 949->957 958 7ff7774f7a59-7ff7774f7a65 call 7ff7774f7730 949->958 950->949 952->929 964 7ff7774f7aad-7ff7774f7aef 957->964 965 7ff7774f7aa9-7ff7774f7aab 957->965 958->957 963 7ff7774f7a67 958->963 966 7ff7774f7a69-7ff7774f7a71 call 7ff7774eb950 963->966 967 7ff7774f7b11-7ff7774f7b1c 964->967 968 7ff7774f7af1-7ff7774f7af5 964->968 965->966 966->940 971 7ff7774f7b22-7ff7774f7b26 967->971 972 7ff7774f7bc0 967->972 968->967 970 7ff7774f7af7-7ff7774f7b0c 968->970 970->967 971->972 974 7ff7774f7b2c-7ff7774f7b71 CloseHandle CreateFileW 971->974 972->940 975 7ff7774f7ba6-7ff7774f7bbb 974->975 976 7ff7774f7b73-7ff7774f7ba1 GetLastError call 7ff7774e5d0c call 7ff7774e94f0 974->976 975->972 976->975
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: File$CreateErrorLast_invalid_parameter_noinfo$CloseHandle$Type
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1617910340-0
                                                                                                                                                                                                • Opcode ID: 1d9ed3d4efa89bdc1dc95a4a467970b21b1bc653c22a6d7fb70e9ddd5adb907c
                                                                                                                                                                                                • Instruction ID: a3d94dcad0636a3e9ee6c29d2ba72d5ff418a65d99f0bdd63ecfb09de0831737
                                                                                                                                                                                                • Opcode Fuzzy Hash: 1d9ed3d4efa89bdc1dc95a4a467970b21b1bc653c22a6d7fb70e9ddd5adb907c
                                                                                                                                                                                                • Instruction Fuzzy Hash: 25C1B033B34A4285EB11EF66C4906AC7761FB49BA8B854225EE2E57794CF3CD056C310
                                                                                                                                                                                                Function 00007FF7774F6D0C Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 143timeCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 1182 7ff7774f6d0c-7ff7774f6d41 call 7ff7774f6418 call 7ff7774f6420 call 7ff7774f6488 1189 7ff7774f6e7f-7ff7774f6eed call 7ff7774eb790 call 7ff7774f2408 1182->1189 1190 7ff7774f6d47-7ff7774f6d52 call 7ff7774f6428 1182->1190 1201 7ff7774f6eef-7ff7774f6ef6 1189->1201 1202 7ff7774f6efb-7ff7774f6efe 1189->1202 1190->1189 1195 7ff7774f6d58-7ff7774f6d63 call 7ff7774f6458 1190->1195 1195->1189 1203 7ff7774f6d69-7ff7774f6d8c call 7ff7774eb7d8 GetTimeZoneInformation 1195->1203 1204 7ff7774f6f8b-7ff7774f6f8e 1201->1204 1205 7ff7774f6f35-7ff7774f6f48 call 7ff7774ee48c 1202->1205 1206 7ff7774f6f00 1202->1206 1215 7ff7774f6e54-7ff7774f6e7e call 7ff7774f6410 call 7ff7774f6400 call 7ff7774f6408 1203->1215 1216 7ff7774f6d92-7ff7774f6db3 1203->1216 1208 7ff7774f6f03 call 7ff7774f6d0c 1204->1208 1209 7ff7774f6f94-7ff7774f6f9c call 7ff7774f6a90 1204->1209 1219 7ff7774f6f53-7ff7774f6f6e call 7ff7774f2408 1205->1219 1220 7ff7774f6f4a 1205->1220 1206->1208 1222 7ff7774f6f08-7ff7774f6f34 call 7ff7774eb7d8 call 7ff7774dd3e0 1208->1222 1209->1222 1217 7ff7774f6db5-7ff7774f6dbb 1216->1217 1218 7ff7774f6dbe-7ff7774f6dc5 1216->1218 1217->1218 1224 7ff7774f6dd9 1218->1224 1225 7ff7774f6dc7-7ff7774f6dcf 1218->1225 1239 7ff7774f6f75-7ff7774f6f87 call 7ff7774eb7d8 1219->1239 1240 7ff7774f6f70-7ff7774f6f73 1219->1240 1226 7ff7774f6f4c-7ff7774f6f51 call 7ff7774eb7d8 1220->1226 1232 7ff7774f6ddb-7ff7774f6e4f call 7ff7774fb360 * 4 call 7ff7774f39ec call 7ff7774f6fa4 * 2 1224->1232 1225->1224 1230 7ff7774f6dd1-7ff7774f6dd7 1225->1230 1226->1206 1230->1232 1232->1215 1239->1204 1240->1226
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • _get_daylight.LIBCMT ref: 00007FF7774F6D3A
                                                                                                                                                                                                  • Part of subcall function 00007FF7774F6488: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7774F649C
                                                                                                                                                                                                • _get_daylight.LIBCMT ref: 00007FF7774F6D4B
                                                                                                                                                                                                  • Part of subcall function 00007FF7774F6428: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7774F643C
                                                                                                                                                                                                • _get_daylight.LIBCMT ref: 00007FF7774F6D5C
                                                                                                                                                                                                  • Part of subcall function 00007FF7774F6458: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7774F646C
                                                                                                                                                                                                  • Part of subcall function 00007FF7774EB7D8: RtlFreeHeap.NTDLL(?,?,?,00007FF7774F3BB2,?,?,?,00007FF7774F3BEF,?,?,00000000,00007FF7774F40B5,?,?,?,00007FF7774F3FE7), ref: 00007FF7774EB7EE
                                                                                                                                                                                                  • Part of subcall function 00007FF7774EB7D8: GetLastError.KERNEL32(?,?,?,00007FF7774F3BB2,?,?,?,00007FF7774F3BEF,?,?,00000000,00007FF7774F40B5,?,?,?,00007FF7774F3FE7), ref: 00007FF7774EB7F8
                                                                                                                                                                                                • GetTimeZoneInformation.KERNELBASE(?,?,?,?,?,?,?,?,?,00000000,?,00007FF7774F6F9C), ref: 00007FF7774F6D83
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _get_daylight_invalid_parameter_noinfo$ErrorFreeHeapInformationLastTimeZone
                                                                                                                                                                                                • String ID: Eastern Standard Time$Eastern Summer Time
                                                                                                                                                                                                • API String ID: 3458911817-239921721
                                                                                                                                                                                                • Opcode ID: dabf741a0b193159167fa0596149a88e91fee73d59200496ba2be6138591c043
                                                                                                                                                                                                • Instruction ID: 854d5ed0d821892a191eea96b8776ee7faee76ed5af2f6051fc8f685da2cea2b
                                                                                                                                                                                                • Opcode Fuzzy Hash: dabf741a0b193159167fa0596149a88e91fee73d59200496ba2be6138591c043
                                                                                                                                                                                                • Instruction Fuzzy Hash: DB516F33A3864296E710FF26D8815A9E761FB49788FC84536EE4D43A96DF3CE442C760
                                                                                                                                                                                                Function 00007FF7774DA110 Relevance: 3.0, APIs: 2, Instructions: 29COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Find$CloseFileFirst
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2295610775-0
                                                                                                                                                                                                • Opcode ID: b115aaa5e8937644bfb662755a1459c59560f1bb963ed3fb365ba1dcea5c7f5a
                                                                                                                                                                                                • Instruction ID: a4fc46a0b28e9b0dc9ec15537efaa0443dd1a42b02c86c7093d26463f2b90ebb
                                                                                                                                                                                                • Opcode Fuzzy Hash: b115aaa5e8937644bfb662755a1459c59560f1bb963ed3fb365ba1dcea5c7f5a
                                                                                                                                                                                                • Instruction Fuzzy Hash: C2F04427B38742C6F7A09B65B48976AA350AB44764F841735DEAD02AE4CF3CD46ACA10
                                                                                                                                                                                                Function 00007FF7774D1950 Relevance: 29.9, APIs: 2, Strings: 15, Instructions: 199COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 418 7ff7774d1950-7ff7774d199d call 7ff7774d2770 call 7ff7774d4c50 423 7ff7774d19b5-7ff7774d19f5 call 7ff7774d88f0 418->423 424 7ff7774d199f-7ff7774d19b0 call 7ff7774d2770 418->424 429 7ff7774d19f7-7ff7774d1a03 call 7ff7774d2770 423->429 430 7ff7774d1a08-7ff7774d1a27 call 7ff7774d2770 call 7ff7774e1564 423->430 431 7ff7774d1c8e-7ff7774d1cb2 call 7ff7774dd3e0 424->431 438 7ff7774d1c7b-7ff7774d1c7e call 7ff7774e0edc 429->438 442 7ff7774d1a48-7ff7774d1a64 call 7ff7774e122c 430->442 443 7ff7774d1a29-7ff7774d1a43 call 7ff7774e5d98 call 7ff7774d2b70 430->443 444 7ff7774d1c83-7ff7774d1c8b 438->444 449 7ff7774d1a85-7ff7774d1a9a call 7ff7774e5db8 442->449 450 7ff7774d1a66-7ff7774d1a80 call 7ff7774e5d98 call 7ff7774d2b70 442->450 443->438 444->431 458 7ff7774d1abb-7ff7774d1b45 call 7ff7774d1cc0 * 2 call 7ff7774e1564 call 7ff7774e5dd4 449->458 459 7ff7774d1a9c-7ff7774d1ab6 call 7ff7774e5d98 call 7ff7774d2b70 449->459 450->438 472 7ff7774d1b4a-7ff7774d1b54 458->472 459->438 473 7ff7774d1b75-7ff7774d1b8e call 7ff7774e122c 472->473 474 7ff7774d1b56-7ff7774d1b70 call 7ff7774e5d98 call 7ff7774d2b70 472->474 480 7ff7774d1baf-7ff7774d1bcb call 7ff7774e0fa0 473->480 481 7ff7774d1b90-7ff7774d1baa call 7ff7774e5d98 call 7ff7774d2b70 473->481 474->438 488 7ff7774d1bcd-7ff7774d1bd9 call 7ff7774d2960 480->488 489 7ff7774d1bde-7ff7774d1bec 480->489 481->438 488->438 489->438 492 7ff7774d1bf2-7ff7774d1bf9 489->492 494 7ff7774d1c01-7ff7774d1c07 492->494 495 7ff7774d1c20-7ff7774d1c2f 494->495 496 7ff7774d1c09-7ff7774d1c16 494->496 495->495 497 7ff7774d1c31-7ff7774d1c3a 495->497 496->497 498 7ff7774d1c4f 497->498 499 7ff7774d1c3c-7ff7774d1c3f 497->499 501 7ff7774d1c51-7ff7774d1c64 498->501 499->498 500 7ff7774d1c41-7ff7774d1c44 499->500 500->498 502 7ff7774d1c46-7ff7774d1c49 500->502 503 7ff7774d1c66 501->503 504 7ff7774d1c6d-7ff7774d1c79 501->504 502->498 505 7ff7774d1c4b-7ff7774d1c4d 502->505 503->504 504->438 504->494 505->501
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: DebugOutputString
                                                                                                                                                                                                • String ID: Could not allocate buffer for TOC!$Could not allocate memory for archive structure!$Could not read full TOC!$Error on file.$Failed to read cookie!$Failed to seek to cookie position!$LOADER: attempting to open archive %s$LOADER: cannot find cookie!$LOADER: cannot open archive: %s$LOADER: cookie found at offset 0x%llX$MEI$calloc$fread$fseek$malloc
                                                                                                                                                                                                • API String ID: 1166629820-2612702325
                                                                                                                                                                                                • Opcode ID: 08ddceaae77da1927249ab7b9396c4324bf6380f9f05f20f43a3dd16246b0016
                                                                                                                                                                                                • Instruction ID: b8a918c1c4afba9ba9aba66d0b2c85201ede529ae0bc1ada91e0a636ea8dd6ad
                                                                                                                                                                                                • Opcode Fuzzy Hash: 08ddceaae77da1927249ab7b9396c4324bf6380f9f05f20f43a3dd16246b0016
                                                                                                                                                                                                • Instruction Fuzzy Hash: CA919332A3C68285EB60FB26D4846F9A3A1EF45B80FC44832DE8D47795DE7CE5578720
                                                                                                                                                                                                Function 00007FF7774D3970 Relevance: 28.1, APIs: 2, Strings: 14, Instructions: 106windowCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2770: OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF7774D3CB6), ref: 00007FF7774D2847
                                                                                                                                                                                                • PostMessageW.USER32 ref: 00007FF7774D39E0
                                                                                                                                                                                                • GetMessageW.USER32 ref: 00007FF7774D39F3
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2770: OutputDebugStringA.KERNEL32(?,?,?,?,?,00007FF7774D3CB6), ref: 00007FF7774D2854
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: DebugMessageOutputString$Post
                                                                                                                                                                                                • String ID: Failed to remove temporary directory: %s$LOADER: child process exited (return code: %d)$LOADER: end of process reached!$LOADER: extracting files to temporary directory...$LOADER: failed to extract files!$LOADER: failed to remove temporary directory - attempting to mitigate the situation...$LOADER: mitigation failed!$LOADER: mitigation succeeded.$LOADER: performing cleanup...$LOADER: removing temporary directory: %s$LOADER: setting _PYI_APPLICATION_HOME_DIR to %s$LOADER: starting the child process...$LOADER: temporary directory %s was successfully removed.$_PYI_APPLICATION_HOME_DIR
                                                                                                                                                                                                • API String ID: 3280635411-4248730274
                                                                                                                                                                                                • Opcode ID: 19647ddf0d87961c25dad8b0583155bfdf23dc58c6ad58c567d3a586b9cf8d55
                                                                                                                                                                                                • Instruction ID: 15111e857907b88231a869dba903d14f54343615c4c2f093b540b2077d899962
                                                                                                                                                                                                • Opcode Fuzzy Hash: 19647ddf0d87961c25dad8b0583155bfdf23dc58c6ad58c567d3a586b9cf8d55
                                                                                                                                                                                                • Instruction Fuzzy Hash: 3B412227A3854291FB50FF36E8A11BA9351AF94784FC80131EF8D871A6DE2CE567C760
                                                                                                                                                                                                Function 00007FF7774D1600 Relevance: 22.9, APIs: 1, Strings: 12, Instructions: 145COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 565 7ff7774d1600-7ff7774d1611 566 7ff7774d1613-7ff7774d161c call 7ff7774d1050 565->566 567 7ff7774d1637-7ff7774d1651 call 7ff7774d4c50 565->567 572 7ff7774d162e-7ff7774d1636 566->572 573 7ff7774d161e-7ff7774d1629 call 7ff7774d2960 566->573 574 7ff7774d1653-7ff7774d1681 call 7ff7774e5d98 call 7ff7774d2b70 567->574 575 7ff7774d1682-7ff7774d169c call 7ff7774d4c50 567->575 573->572 581 7ff7774d169e-7ff7774d16b3 call 7ff7774d2960 575->581 582 7ff7774d16b8-7ff7774d16cf call 7ff7774e1564 575->582 589 7ff7774d1821-7ff7774d1824 call 7ff7774e0edc 581->589 590 7ff7774d16d1-7ff7774d16f4 call 7ff7774e5d98 call 7ff7774d2b70 582->590 591 7ff7774d16f9-7ff7774d16fd 582->591 597 7ff7774d1829-7ff7774d183b 589->597 606 7ff7774d1819-7ff7774d181c call 7ff7774e0edc 590->606 594 7ff7774d16ff-7ff7774d170b call 7ff7774d1210 591->594 595 7ff7774d1717-7ff7774d1737 call 7ff7774e5dd4 591->595 602 7ff7774d1710-7ff7774d1712 594->602 603 7ff7774d1761-7ff7774d176c 595->603 604 7ff7774d1739-7ff7774d175c call 7ff7774e5d98 call 7ff7774d2b70 595->604 602->606 609 7ff7774d1802-7ff7774d180a call 7ff7774e5dc0 603->609 610 7ff7774d1772-7ff7774d1777 603->610 619 7ff7774d180f-7ff7774d1814 604->619 606->589 609->619 612 7ff7774d1780-7ff7774d17a2 call 7ff7774e122c 610->612 620 7ff7774d17a4-7ff7774d17bc call 7ff7774e196c 612->620 621 7ff7774d17da-7ff7774d17e6 call 7ff7774e5d98 612->621 619->606 627 7ff7774d17c5-7ff7774d17d8 call 7ff7774e5d98 620->627 628 7ff7774d17be-7ff7774d17c1 620->628 626 7ff7774d17ed-7ff7774d17f8 call 7ff7774d2b70 621->626 632 7ff7774d17fd 626->632 627->626 628->612 629 7ff7774d17c3 628->629 629->632 632->609
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentProcess
                                                                                                                                                                                                • String ID: Failed to create symbolic link %s!$Failed to extract %s: failed to allocate temporary buffer!$Failed to extract %s: failed to open archive file!$Failed to extract %s: failed to open target file!$Failed to extract %s: failed to read data chunk!$Failed to extract %s: failed to seek to the entry's data!$Failed to extract %s: failed to write data chunk!$fopen$fread$fseek$fwrite$malloc
                                                                                                                                                                                                • API String ID: 2050909247-1550345328
                                                                                                                                                                                                • Opcode ID: 1e4710267f3021a0e9842d7f788d09a967c77adcbfc204c66822b5fde4a36f7b
                                                                                                                                                                                                • Instruction ID: 2259f940eedf286196ce7edf90c77b8300f499e03ca734060096e493c4ce8926
                                                                                                                                                                                                • Opcode Fuzzy Hash: 1e4710267f3021a0e9842d7f788d09a967c77adcbfc204c66822b5fde4a36f7b
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9D519323B3864792EA50FB6394805B9E3A0BF45B94FC44932EE9C07795DE7CE5678320
                                                                                                                                                                                                Function 00007FF7774D9450 Relevance: 17.6, APIs: 3, Strings: 7, Instructions: 121COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetTempPathW.KERNEL32(?,?,00000000,00007FF7774D4223), ref: 00007FF7774D9500
                                                                                                                                                                                                • GetCurrentProcessId.KERNEL32(?,00000000,00007FF7774D4223), ref: 00007FF7774D9517
                                                                                                                                                                                                • CreateDirectoryW.KERNELBASE(?,00000000,00007FF7774D4223), ref: 00007FF7774D955C
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D9640: GetEnvironmentVariableW.KERNEL32(00007FF7774D3D93), ref: 00007FF7774D9677
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D9640: ExpandEnvironmentStringsW.KERNEL32 ref: 00007FF7774D9699
                                                                                                                                                                                                  • Part of subcall function 00007FF7774E90C8: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7774E90E1
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2A60: GetCurrentProcessId.KERNEL32(?,?,?,?,?,00007FF7774D3C41,?,00007FF7774D3CC2), ref: 00007FF7774D2AB0
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2A60: OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF7774D3C41), ref: 00007FF7774D2B25
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2A60: MessageBoxW.USER32 ref: 00007FF7774D2B45
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentEnvironmentProcess$CreateDebugDirectoryExpandMessageOutputPathStringStringsTempVariable_invalid_parameter_noinfo
                                                                                                                                                                                                • String ID: LOADER: attempting to create temporary application directory under %ls$LOADER: failed to set the TMP environment variable.$LOADER: length of teporary directory path exceeds maximum path length!$LOADER: successfully resolved the specified runtime-tmpdir$TMP$TMP$_MEI%d
                                                                                                                                                                                                • API String ID: 1643647955-3213535515
                                                                                                                                                                                                • Opcode ID: 3c915235f381f0b904fa7574441869135818b51e0f9c88317d93e84e3dc74790
                                                                                                                                                                                                • Instruction ID: 76d763b10866c47b4a91e2071bf2e7d68da73418d37b6eb597b40e3af4cac063
                                                                                                                                                                                                • Opcode Fuzzy Hash: 3c915235f381f0b904fa7574441869135818b51e0f9c88317d93e84e3dc74790
                                                                                                                                                                                                • Instruction Fuzzy Hash: B5518E23B3964341EAA0BB63A8952F9D250EF45790FC44031EE4D83796EE7CE517C760
                                                                                                                                                                                                Function 00007FF7774D3B40 Relevance: 14.1, APIs: 2, Strings: 6, Instructions: 66COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetModuleFileNameW.KERNEL32(?,00007FF7774D3CC2), ref: 00007FF7774D3B71
                                                                                                                                                                                                • GetLastError.KERNEL32(?,00007FF7774D3CC2), ref: 00007FF7774D3B7B
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2EC0: GetCurrentProcessId.KERNEL32(?,?,?,?,?,?,?,?,00007FF7774D3B96,?,00007FF7774D3CC2), ref: 00007FF7774D2F0E
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2EC0: FormatMessageW.KERNEL32(?,?,?,?,?,?,?,?,00007FF7774D3B96,?,00007FF7774D3CC2), ref: 00007FF7774D2FD3
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2EC0: OutputDebugStringW.KERNEL32(?,?,?,?,?,?,?,00007FF7774D3B96,?,00007FF7774D3CC2), ref: 00007FF7774D2FF4
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2EC0: MessageBoxW.USER32 ref: 00007FF7774D3014
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Message$CurrentDebugErrorFileFormatLastModuleNameOutputProcessString
                                                                                                                                                                                                • String ID: Failed to convert executable path to UTF-8.$Failed to obtain executable path.$Failed to resolve full path to executable %ls.$GetModuleFileNameW$LOADER: executable file %ls is a symbolic link - resolving...$\\?\
                                                                                                                                                                                                • API String ID: 1136975792-3595768550
                                                                                                                                                                                                • Opcode ID: 2ac5f29f5a0a48e709550e6ed46fb3e301ade65685de8f6d11b0053c678f9d47
                                                                                                                                                                                                • Instruction ID: 57dc3ab81dc635df3ca14e197edfc3652a2aa65720b0f64737796269844fef7b
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2ac5f29f5a0a48e709550e6ed46fb3e301ade65685de8f6d11b0053c678f9d47
                                                                                                                                                                                                • Instruction Fuzzy Hash: 72314423B3854291EEA4B712D8952B9A251FF58755FC00132EE9D825D5EF2CE617C720
                                                                                                                                                                                                Function 00007FF7774D1210 Relevance: 12.4, APIs: 1, Strings: 6, Instructions: 158COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 981 7ff7774d1210-7ff7774d126d call 7ff7774dcc10 984 7ff7774d126f-7ff7774d1296 call 7ff7774d2960 981->984 985 7ff7774d1297-7ff7774d12af call 7ff7774e5dd4 981->985 990 7ff7774d12d4-7ff7774d12e4 call 7ff7774e5dd4 985->990 991 7ff7774d12b1-7ff7774d12cf call 7ff7774e5d98 call 7ff7774d2b70 985->991 997 7ff7774d12e6-7ff7774d1304 call 7ff7774e5d98 call 7ff7774d2b70 990->997 998 7ff7774d1309-7ff7774d131b 990->998 1004 7ff7774d1439-7ff7774d143e call 7ff7774dc8f0 991->1004 997->1004 1000 7ff7774d1320-7ff7774d1345 call 7ff7774e122c 998->1000 1010 7ff7774d1431 1000->1010 1011 7ff7774d134b-7ff7774d1355 call 7ff7774e0fa0 1000->1011 1009 7ff7774d1443-7ff7774d146d call 7ff7774e5dc0 * 2 1004->1009 1010->1004 1011->1010 1017 7ff7774d135b-7ff7774d1367 1011->1017 1019 7ff7774d1370-7ff7774d1398 call 7ff7774db050 1017->1019 1022 7ff7774d1416-7ff7774d142c call 7ff7774d2960 1019->1022 1023 7ff7774d139a-7ff7774d139d 1019->1023 1022->1010 1024 7ff7774d139f-7ff7774d13a9 1023->1024 1025 7ff7774d1411 1023->1025 1027 7ff7774d13d4-7ff7774d13d7 1024->1027 1028 7ff7774d13ab-7ff7774d13b9 call 7ff7774e196c 1024->1028 1025->1022 1030 7ff7774d13d9-7ff7774d13e7 call 7ff7774facc0 1027->1030 1031 7ff7774d13ea-7ff7774d13ef 1027->1031 1032 7ff7774d13be-7ff7774d13c1 1028->1032 1030->1031 1031->1019 1034 7ff7774d13f5-7ff7774d13f8 1031->1034 1035 7ff7774d13c3-7ff7774d13cd call 7ff7774e0fa0 1032->1035 1036 7ff7774d13cf-7ff7774d13d2 1032->1036 1038 7ff7774d140c-7ff7774d140f 1034->1038 1039 7ff7774d13fa-7ff7774d13fd 1034->1039 1035->1031 1035->1036 1036->1022 1038->1010 1039->1022 1041 7ff7774d13ff-7ff7774d1407 1039->1041 1041->1000
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentProcess
                                                                                                                                                                                                • String ID: 1.3.1$Failed to extract %s: decompression resulted in return code %d!$Failed to extract %s: failed to allocate temporary input buffer!$Failed to extract %s: failed to allocate temporary output buffer!$Failed to extract %s: inflateInit() failed with return code %d!$malloc
                                                                                                                                                                                                • API String ID: 2050909247-2813020118
                                                                                                                                                                                                • Opcode ID: b08a9d7b7e3d619ab224889a29ce9b9dbc8e6be3f48762aaffb5899529e0af18
                                                                                                                                                                                                • Instruction ID: 8d637580f43b9321fd9f98cb2c616928698b9ba3934a26f469e151d5811e5df3
                                                                                                                                                                                                • Opcode Fuzzy Hash: b08a9d7b7e3d619ab224889a29ce9b9dbc8e6be3f48762aaffb5899529e0af18
                                                                                                                                                                                                • Instruction Fuzzy Hash: 7051B423A3868285E6A0BB23A4803BAE2A1BF45794FC44535EE9D477C5EF7CE553C710
                                                                                                                                                                                                Function 00007FF7774EFBA0 Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 117libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 1043 7ff7774efba0-7ff7774efbf2 1044 7ff7774efce3 1043->1044 1045 7ff7774efbf8-7ff7774efbfb 1043->1045 1048 7ff7774efce5-7ff7774efd01 1044->1048 1046 7ff7774efc05-7ff7774efc08 1045->1046 1047 7ff7774efbfd-7ff7774efc00 1045->1047 1049 7ff7774efc0e-7ff7774efc1d 1046->1049 1050 7ff7774efcc8-7ff7774efcdb 1046->1050 1047->1048 1051 7ff7774efc1f-7ff7774efc22 1049->1051 1052 7ff7774efc2d-7ff7774efc4c LoadLibraryExW 1049->1052 1050->1044 1053 7ff7774efd22-7ff7774efd31 GetProcAddress 1051->1053 1054 7ff7774efc28 1051->1054 1055 7ff7774efd02-7ff7774efd17 1052->1055 1056 7ff7774efc52-7ff7774efc5b GetLastError 1052->1056 1059 7ff7774efd33-7ff7774efd5a 1053->1059 1060 7ff7774efcc1 1053->1060 1057 7ff7774efcb4-7ff7774efcbb 1054->1057 1055->1053 1058 7ff7774efd19-7ff7774efd1c FreeLibrary 1055->1058 1061 7ff7774efca2-7ff7774efcac 1056->1061 1062 7ff7774efc5d-7ff7774efc74 call 7ff7774e6098 1056->1062 1057->1049 1057->1060 1058->1053 1059->1048 1060->1050 1061->1057 1062->1061 1065 7ff7774efc76-7ff7774efc8a call 7ff7774e6098 1062->1065 1065->1061 1068 7ff7774efc8c-7ff7774efca0 LoadLibraryExW 1065->1068 1068->1055 1068->1061
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • FreeLibrary.KERNEL32(?,?,?,00007FF7774EFF3A,?,?,-00000018,00007FF7774EBBE3,?,?,?,00007FF7774EBADA,?,?,?,00007FF7774E6DCE), ref: 00007FF7774EFD1C
                                                                                                                                                                                                • GetProcAddress.KERNEL32(?,?,?,00007FF7774EFF3A,?,?,-00000018,00007FF7774EBBE3,?,?,?,00007FF7774EBADA,?,?,?,00007FF7774E6DCE), ref: 00007FF7774EFD28
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AddressFreeLibraryProc
                                                                                                                                                                                                • String ID: api-ms-$ext-ms-
                                                                                                                                                                                                • API String ID: 3013587201-537541572
                                                                                                                                                                                                • Opcode ID: 2cf8426f931154c99cb9ee01236de544aa4ff3b33c516dcf84111848d41d3d11
                                                                                                                                                                                                • Instruction ID: f069efc7c16c743608ea2ef6573bba0b6cae5b8a585c629aad198f4908f344c4
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2cf8426f931154c99cb9ee01236de544aa4ff3b33c516dcf84111848d41d3d11
                                                                                                                                                                                                • Instruction Fuzzy Hash: 1C41C023B39A0281FB55EB27A8005B5A3D1BF45BA0FD94935DD1E87784EF7CE4478220
                                                                                                                                                                                                Function 00007FF7774EC8EC Relevance: 10.8, APIs: 7, Instructions: 290COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 1069 7ff7774ec8ec-7ff7774ec912 1070 7ff7774ec914-7ff7774ec928 call 7ff7774e5d78 call 7ff7774e5d98 1069->1070 1071 7ff7774ec92d-7ff7774ec931 1069->1071 1087 7ff7774ecd1e 1070->1087 1073 7ff7774ecd07-7ff7774ecd13 call 7ff7774e5d78 call 7ff7774e5d98 1071->1073 1074 7ff7774ec937-7ff7774ec93e 1071->1074 1093 7ff7774ecd19 call 7ff7774eb770 1073->1093 1074->1073 1076 7ff7774ec944-7ff7774ec972 1074->1076 1076->1073 1079 7ff7774ec978-7ff7774ec97f 1076->1079 1082 7ff7774ec981-7ff7774ec993 call 7ff7774e5d78 call 7ff7774e5d98 1079->1082 1083 7ff7774ec998-7ff7774ec99b 1079->1083 1082->1093 1085 7ff7774ecd03-7ff7774ecd05 1083->1085 1086 7ff7774ec9a1-7ff7774ec9a7 1083->1086 1090 7ff7774ecd21-7ff7774ecd38 1085->1090 1086->1085 1091 7ff7774ec9ad-7ff7774ec9b0 1086->1091 1087->1090 1091->1082 1095 7ff7774ec9b2-7ff7774ec9d7 1091->1095 1093->1087 1098 7ff7774ec9d9-7ff7774ec9db 1095->1098 1099 7ff7774eca0a-7ff7774eca11 1095->1099 1102 7ff7774eca02-7ff7774eca08 1098->1102 1103 7ff7774ec9dd-7ff7774ec9e4 1098->1103 1100 7ff7774ec9e6-7ff7774ec9fd call 7ff7774e5d78 call 7ff7774e5d98 call 7ff7774eb770 1099->1100 1101 7ff7774eca13-7ff7774eca3b call 7ff7774ee48c call 7ff7774eb7d8 * 2 1099->1101 1135 7ff7774ecb90 1100->1135 1130 7ff7774eca3d-7ff7774eca53 call 7ff7774e5d98 call 7ff7774e5d78 1101->1130 1131 7ff7774eca58-7ff7774eca83 call 7ff7774ed114 1101->1131 1106 7ff7774eca88-7ff7774eca9f 1102->1106 1103->1100 1103->1102 1107 7ff7774ecaa1-7ff7774ecaa9 1106->1107 1108 7ff7774ecb1a-7ff7774ecb24 call 7ff7774f47ac 1106->1108 1107->1108 1111 7ff7774ecaab-7ff7774ecaad 1107->1111 1121 7ff7774ecbae 1108->1121 1122 7ff7774ecb2a-7ff7774ecb3f 1108->1122 1111->1108 1115 7ff7774ecaaf-7ff7774ecac5 1111->1115 1115->1108 1119 7ff7774ecac7-7ff7774ecad3 1115->1119 1119->1108 1124 7ff7774ecad5-7ff7774ecad7 1119->1124 1126 7ff7774ecbb3-7ff7774ecbd3 ReadFile 1121->1126 1122->1121 1127 7ff7774ecb41-7ff7774ecb53 GetConsoleMode 1122->1127 1124->1108 1129 7ff7774ecad9-7ff7774ecaf1 1124->1129 1132 7ff7774ecccd-7ff7774eccd6 GetLastError 1126->1132 1133 7ff7774ecbd9-7ff7774ecbe1 1126->1133 1127->1121 1134 7ff7774ecb55-7ff7774ecb5d 1127->1134 1129->1108 1139 7ff7774ecaf3-7ff7774ecaff 1129->1139 1130->1135 1131->1106 1136 7ff7774eccf3-7ff7774eccf6 1132->1136 1137 7ff7774eccd8-7ff7774eccee call 7ff7774e5d98 call 7ff7774e5d78 1132->1137 1133->1132 1141 7ff7774ecbe7 1133->1141 1134->1126 1143 7ff7774ecb5f-7ff7774ecb81 ReadConsoleW 1134->1143 1138 7ff7774ecb93-7ff7774ecb9d call 7ff7774eb7d8 1135->1138 1149 7ff7774eccfc-7ff7774eccfe 1136->1149 1150 7ff7774ecb89-7ff7774ecb8b call 7ff7774e5d0c 1136->1150 1137->1135 1138->1090 1139->1108 1148 7ff7774ecb01-7ff7774ecb03 1139->1148 1152 7ff7774ecbee-7ff7774ecc03 1141->1152 1144 7ff7774ecb83 GetLastError 1143->1144 1145 7ff7774ecba2-7ff7774ecbac 1143->1145 1144->1150 1145->1152 1148->1108 1157 7ff7774ecb05-7ff7774ecb15 1148->1157 1149->1138 1150->1135 1152->1138 1159 7ff7774ecc05-7ff7774ecc10 1152->1159 1157->1108 1162 7ff7774ecc12-7ff7774ecc2b call 7ff7774ec504 1159->1162 1163 7ff7774ecc37-7ff7774ecc3f 1159->1163 1168 7ff7774ecc30-7ff7774ecc32 1162->1168 1164 7ff7774ecc41-7ff7774ecc53 1163->1164 1165 7ff7774eccbb-7ff7774eccc8 call 7ff7774ec344 1163->1165 1169 7ff7774ecc55 1164->1169 1170 7ff7774eccae-7ff7774eccb6 1164->1170 1165->1168 1168->1138 1173 7ff7774ecc5a-7ff7774ecc61 1169->1173 1170->1138 1174 7ff7774ecc63-7ff7774ecc67 1173->1174 1175 7ff7774ecc9d-7ff7774ecca8 1173->1175 1176 7ff7774ecc83 1174->1176 1177 7ff7774ecc69-7ff7774ecc70 1174->1177 1175->1170 1179 7ff7774ecc89-7ff7774ecc99 1176->1179 1177->1176 1178 7ff7774ecc72-7ff7774ecc76 1177->1178 1178->1176 1180 7ff7774ecc78-7ff7774ecc81 1178->1180 1179->1173 1181 7ff7774ecc9b 1179->1181 1180->1179 1181->1170
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3215553584-0
                                                                                                                                                                                                • Opcode ID: c6d04fa6b1df836cb2c5704bdd07afeace38946f404313200361d7a3cb124643
                                                                                                                                                                                                • Instruction ID: 54d8c6e9ffcfbeb7b94afc086335a20d3c841ea8af4d4dc0bf6d1dc27a74e04f
                                                                                                                                                                                                • Opcode Fuzzy Hash: c6d04fa6b1df836cb2c5704bdd07afeace38946f404313200361d7a3cb124643
                                                                                                                                                                                                • Instruction Fuzzy Hash: A5C1B323A3878695E670AB1694046BDBBA1EF81BA0FD54231DD9E03791CFBDE4578320
                                                                                                                                                                                                Function 00007FF7774D88F0 Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 101COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: DebugOutputString
                                                                                                                                                                                                • String ID: LOADER: failed to allocate read buffer (%d bytes)!$LOADER: failed to read chunk (%zd bytes)!$LOADER: failed to seek to the end of the file!$LOADER: failed to seek to the offset 0x%llX!$LOADER: file is too short to contain magic pattern!
                                                                                                                                                                                                • API String ID: 1166629820-3243231480
                                                                                                                                                                                                • Opcode ID: 2df8074c65f69929558adca9e0948ee8020d2cfe60d9c87d75e56e8898759347
                                                                                                                                                                                                • Instruction ID: e2ee94189adc24f761565d472b626efb12f3480825334e65c177de7216d4195e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2df8074c65f69929558adca9e0948ee8020d2cfe60d9c87d75e56e8898759347
                                                                                                                                                                                                • Instruction Fuzzy Hash: DB316B22B3865241FA50BB1398943BAD259BF45BD4FC85431EE8D47B86DE7CF4138320
                                                                                                                                                                                                Function 00007FF7774D9E70 Relevance: 10.6, APIs: 2, Strings: 5, Instructions: 67COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D9360: GetCurrentProcess.KERNEL32 ref: 00007FF7774D9380
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D9360: OpenProcessToken.ADVAPI32 ref: 00007FF7774D9393
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D9360: GetTokenInformation.KERNELBASE ref: 00007FF7774D93B8
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D9360: GetLastError.KERNEL32 ref: 00007FF7774D93C2
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D9360: GetTokenInformation.KERNELBASE ref: 00007FF7774D9402
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D9360: ConvertSidToStringSidW.ADVAPI32 ref: 00007FF7774D941E
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D9360: CloseHandle.KERNELBASE ref: 00007FF7774D9436
                                                                                                                                                                                                • LocalFree.KERNEL32(?,00007FF7774D41E6), ref: 00007FF7774D9EFC
                                                                                                                                                                                                • LocalFree.KERNEL32(?,00007FF7774D41E6), ref: 00007FF7774D9F05
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2880: GetCurrentProcessId.KERNEL32(?,?,?,?,?,00007FF7774D3BC3,?,00007FF7774D3CC2), ref: 00007FF7774D28CE
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2880: OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF7774D3BC3,?,00007FF7774D3CC2), ref: 00007FF7774D2938
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ProcessToken$CurrentFreeInformationLocalString$CloseConvertDebugErrorHandleLastOpenOutput
                                                                                                                                                                                                • String ID: D:(A;;FA;;;%s)$D:(A;;FA;;;%s)(A;;FA;;;%s)$LOADER: initializing security descriptor from string: %ls$S-1-3-4$Security descriptor string length exceeds PYI_PATH_MAX!
                                                                                                                                                                                                • API String ID: 269996328-3724802649
                                                                                                                                                                                                • Opcode ID: 4fb784b91245b49045644d4145c257054c78997579b3960f8d4f696c875ed1bf
                                                                                                                                                                                                • Instruction ID: 9a657bf134993b76c4fc2f93fc993b00a9361fa493b205ab0998afaf7f5b4e9a
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4fb784b91245b49045644d4145c257054c78997579b3960f8d4f696c875ed1bf
                                                                                                                                                                                                • Instruction Fuzzy Hash: 42314122A3864241EA90BB12E8512F9E261FF88780FC44436EE8D83796EF7CD516C760
                                                                                                                                                                                                Function 00007FF7774D9360 Relevance: 10.6, APIs: 7, Instructions: 63COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Token$InformationProcess$CloseConvertCurrentErrorHandleLastOpenString
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 995526605-0
                                                                                                                                                                                                • Opcode ID: f9d2e60adfac8eff07b0ba1b2980cb509e7f22c1ae5d18bf02c699d7bfa91117
                                                                                                                                                                                                • Instruction ID: 057f725b35ed1d4509a14498c202a09824322ef00017228285fd207f0e9e36c8
                                                                                                                                                                                                • Opcode Fuzzy Hash: f9d2e60adfac8eff07b0ba1b2980cb509e7f22c1ae5d18bf02c699d7bfa91117
                                                                                                                                                                                                • Instruction Fuzzy Hash: B8219523A2C74282EA50AB56B88413AE3B0FF817A0F940235DEAC87AD5DE6CD4568710
                                                                                                                                                                                                Function 00007FF7774D8780 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 81COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • CreateDirectoryW.KERNELBASE(00000000,?,00007FF7774D37CC,?,?,00007FF7774D3991), ref: 00007FF7774D8892
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CreateDirectory
                                                                                                                                                                                                • String ID: %.*s$%s%c$\
                                                                                                                                                                                                • API String ID: 4241100979-1685191245
                                                                                                                                                                                                • Opcode ID: 0362d3d932d55a93072d3eaec6bdb4c77d688c09dfb31a83021b04a9b47effdc
                                                                                                                                                                                                • Instruction ID: 22eddb7fada8948d5ecc7769cd4c89e81b3b3b820f83a60c5af26e57a784a81c
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0362d3d932d55a93072d3eaec6bdb4c77d688c09dfb31a83021b04a9b47effdc
                                                                                                                                                                                                • Instruction Fuzzy Hash: D331B822A39AC145FA61AB22E4507BAA359EF84BE0F840631EF9D437C5DF2CD6568710
                                                                                                                                                                                                Function 00007FF7774D2770 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 66COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: DebugOutputString
                                                                                                                                                                                                • String ID: DEBUG$[PYI-%d:%s]
                                                                                                                                                                                                • API String ID: 1166629820-1289759194
                                                                                                                                                                                                • Opcode ID: 748e06c0e0a39e0e8a762c8916ade1a617286f8dc54f73602f705243733eb28d
                                                                                                                                                                                                • Instruction ID: aaa19572caac3799d60d672908092fb8ecbebb5117fb720b498b687841c76c0b
                                                                                                                                                                                                • Opcode Fuzzy Hash: 748e06c0e0a39e0e8a762c8916ade1a617286f8dc54f73602f705243733eb28d
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6C218223639B8291EA61AB52F4916EAE364FF847C4F800135EE8D43A59DF3CD2168710
                                                                                                                                                                                                Function 00007FF7774D2880 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 57COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetCurrentProcessId.KERNEL32(?,?,?,?,?,00007FF7774D3BC3,?,00007FF7774D3CC2), ref: 00007FF7774D28CE
                                                                                                                                                                                                • OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF7774D3BC3,?,00007FF7774D3CC2), ref: 00007FF7774D2938
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentDebugOutputProcessString
                                                                                                                                                                                                • String ID: DEBUG$[PYI-%d:%ls]
                                                                                                                                                                                                • API String ID: 181776342-790511422
                                                                                                                                                                                                • Opcode ID: 9895eb34f2e60a8c229c0deb4cba74aa12737b71fc0bdacaf82b9344707514a9
                                                                                                                                                                                                • Instruction ID: 7da1e65d459f8d3fedbf383d8c71c3d75a9ae2304131296ba514923c4d814b09
                                                                                                                                                                                                • Opcode Fuzzy Hash: 9895eb34f2e60a8c229c0deb4cba74aa12737b71fc0bdacaf82b9344707514a9
                                                                                                                                                                                                • Instruction Fuzzy Hash: AC118423738B4191E660EB61F8845AAB365FB84784F804536EF8D53A55DF7CE117C710
                                                                                                                                                                                                Function 00007FF7774EDDF0 Relevance: 6.2, APIs: 4, Instructions: 218COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetConsoleMode.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF7774EDDDB), ref: 00007FF7774EDF0C
                                                                                                                                                                                                • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF7774EDDDB), ref: 00007FF7774EDF97
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ConsoleErrorLastMode
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 953036326-0
                                                                                                                                                                                                • Opcode ID: 166a3c9b3234785f47c0885528a8716e8cc121542d06da8e3a63f31bbb850efd
                                                                                                                                                                                                • Instruction ID: 13623d64bac76bf6f740bbb3f2425ebd9cc698a769da48ce53e3b7589efb6fd6
                                                                                                                                                                                                • Opcode Fuzzy Hash: 166a3c9b3234785f47c0885528a8716e8cc121542d06da8e3a63f31bbb850efd
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4391D723F3866285FB54EF6684402BDABA0BB44BA8F984135DE4E57A94CF7CD453C720
                                                                                                                                                                                                Function 00007FF7774F081C Relevance: 6.2, APIs: 4, Instructions: 162COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _get_daylight$_isindst
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 4170891091-0
                                                                                                                                                                                                • Opcode ID: 82d75ea4ed38acbe1bdd5a9cb20d7e9acbad6c88499b96c74728dc6f26a76436
                                                                                                                                                                                                • Instruction ID: ab38c7630c171fd87886d9c7bc2006bf155a0da2b10ca76572e6d0e4bf5930fc
                                                                                                                                                                                                • Opcode Fuzzy Hash: 82d75ea4ed38acbe1bdd5a9cb20d7e9acbad6c88499b96c74728dc6f26a76436
                                                                                                                                                                                                • Instruction Fuzzy Hash: 80516873F352168AFB14EF2588496BCA7A1BB50358F980135DE1E52AE0DF38A443C720
                                                                                                                                                                                                Function 00007FF7774E660C Relevance: 6.1, APIs: 4, Instructions: 119pipeCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: File$ErrorHandleInformationLastNamedPeekPipeType
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2780335769-0
                                                                                                                                                                                                • Opcode ID: 5099e68911d9d2b963b6d56d8c0c0cb249dcf0d132ec9234e7eae0d86980d209
                                                                                                                                                                                                • Instruction ID: 1d732cd146ab927b9afff7298ba7c1fc069d80d12d059bfb73a7871c3859dda0
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5099e68911d9d2b963b6d56d8c0c0cb249dcf0d132ec9234e7eae0d86980d209
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8351AF23E346419AFB10EF72D4403BDA3B1AB48BACF948535DE1D47688DF78D4528721
                                                                                                                                                                                                Function 00007FF7774E64B8 Relevance: 6.1, APIs: 4, Instructions: 90fileCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CloseCreateFileHandle_invalid_parameter_noinfo
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1279662727-0
                                                                                                                                                                                                • Opcode ID: 7f92e2874d9a2d9efa93076af0fe33bf5aa9a4a907d9749b036b02d25ac8a779
                                                                                                                                                                                                • Instruction ID: 74001efc0f0852ac6ff36ae43342b4f5aab7fd950956be9c43536c0f564da905
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7f92e2874d9a2d9efa93076af0fe33bf5aa9a4a907d9749b036b02d25ac8a779
                                                                                                                                                                                                • Instruction Fuzzy Hash: 23418323E3878293E750AF229510379A260FF95768F509334EA6C03AD5DFBCA5A18721
                                                                                                                                                                                                Function 00007FF7774DDACC Relevance: 4.6, APIs: 3, Instructions: 94COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: __scrt_acquire_startup_lock__scrt_dllmain_crt_thread_attach__scrt_get_show_window_mode__scrt_release_startup_lock
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3251591375-0
                                                                                                                                                                                                • Opcode ID: 16d03e73980375e06462375b2106f8ecdc7d8f81dd6b90faf4ae389839a669cc
                                                                                                                                                                                                • Instruction ID: c7f3223e24800b5bed8afbb9e6e52e7691c80f7a9d7a979ebe275638d068386e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 16d03e73980375e06462375b2106f8ecdc7d8f81dd6b90faf4ae389839a669cc
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4F315013A3C25341FEA4BB2694913B9A2919F41748FC54436EF8D472D7DE6CA427CA70
                                                                                                                                                                                                Function 00007FF7774EA8C0 Relevance: 4.5, APIs: 3, Instructions: 14COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Process$CurrentExitTerminate
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1703294689-0
                                                                                                                                                                                                • Opcode ID: b76257344a5b50ebda4ee83f8be65098c3a4b9f4f631976851ec82effe05ecc4
                                                                                                                                                                                                • Instruction ID: 071195c9e6ac2558db58790d4982ed9cd63e8359d4a90e31bcf242e3045e445e
                                                                                                                                                                                                • Opcode Fuzzy Hash: b76257344a5b50ebda4ee83f8be65098c3a4b9f4f631976851ec82effe05ecc4
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9ED05E13B3870242FA283B331C4403892112F49750F841838CC0B02383CE6CA84F4221
                                                                                                                                                                                                Function 00007FF7774E0FCC Relevance: 3.2, APIs: 2, Instructions: 177COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3215553584-0
                                                                                                                                                                                                • Opcode ID: c4e64ce7d34520ab18a1a9df6a2c98bb111fb23a5c8be597fccc1ee1feab7f28
                                                                                                                                                                                                • Instruction ID: 83cbb234996a7b9b13ce826dbe4182811bbdd4ecd4126543c7ec6cb086050a42
                                                                                                                                                                                                • Opcode Fuzzy Hash: c4e64ce7d34520ab18a1a9df6a2c98bb111fb23a5c8be597fccc1ee1feab7f28
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6351E963B79281C6F624BE67980067AE2A1BF45BB4F944B70DD7D47BC5CEBCD4028620
                                                                                                                                                                                                Function 00007FF7774ECFC4 Relevance: 3.0, APIs: 2, Instructions: 46COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorFileLastPointer
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2976181284-0
                                                                                                                                                                                                • Opcode ID: 96d2edb60fa6006c921da832751023f9e82c24f7d036db6c415003cfc4d6a9e5
                                                                                                                                                                                                • Instruction ID: aa5bbc6d66d03da6a03608a5305d4b47f2cfe62d56ab3db01bbd0f829ceb5d13
                                                                                                                                                                                                • Opcode Fuzzy Hash: 96d2edb60fa6006c921da832751023f9e82c24f7d036db6c415003cfc4d6a9e5
                                                                                                                                                                                                • Instruction Fuzzy Hash: D4118262A38B9181DA20AB26E404169A361EB45BF4F984735EE7D4B7E9CFBCD0568700
                                                                                                                                                                                                Function 00007FF7774E67B4 Relevance: 3.0, APIs: 2, Instructions: 40timeCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • FileTimeToSystemTime.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF7774E66C9), ref: 00007FF7774E67E7
                                                                                                                                                                                                • SystemTimeToTzSpecificLocalTime.KERNELBASE(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF7774E66C9), ref: 00007FF7774E67FD
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Time$System$FileLocalSpecific
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1707611234-0
                                                                                                                                                                                                • Opcode ID: f9abe76fdc066367e9013ed35a99b3db3cf23b21c85352d4f54951d182e3833f
                                                                                                                                                                                                • Instruction ID: 53dd9ba8b6ee669b5a891624d28484c7eaf502a8655f12b0394b1cc2e4a290ed
                                                                                                                                                                                                • Opcode Fuzzy Hash: f9abe76fdc066367e9013ed35a99b3db3cf23b21c85352d4f54951d182e3833f
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9F11913363C65282EB54AB16A45103BF760FB857B5F900236FE9D819D8EF6CD015CB20
                                                                                                                                                                                                Function 00007FF7774EB7D8 Relevance: 3.0, APIs: 2, Instructions: 19memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • RtlFreeHeap.NTDLL(?,?,?,00007FF7774F3BB2,?,?,?,00007FF7774F3BEF,?,?,00000000,00007FF7774F40B5,?,?,?,00007FF7774F3FE7), ref: 00007FF7774EB7EE
                                                                                                                                                                                                • GetLastError.KERNEL32(?,?,?,00007FF7774F3BB2,?,?,?,00007FF7774F3BEF,?,?,00000000,00007FF7774F40B5,?,?,?,00007FF7774F3FE7), ref: 00007FF7774EB7F8
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorFreeHeapLast
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 485612231-0
                                                                                                                                                                                                • Opcode ID: 1b20a3debd526edf3a8c9a5df2e98288861d52d7c4b626b35b8767b378a30627
                                                                                                                                                                                                • Instruction ID: 666286cc1d9b154fd46b4b9980d530b38e8f738f9ba5f1e2fbeb568cafd194a9
                                                                                                                                                                                                • Opcode Fuzzy Hash: 1b20a3debd526edf3a8c9a5df2e98288861d52d7c4b626b35b8767b378a30627
                                                                                                                                                                                                • Instruction Fuzzy Hash: A6E08613F3970282FF147BF3988553492505F44B51FC48934CC1D47391DE6C68878230
                                                                                                                                                                                                Function 00007FF7774EB9E8 Relevance: 2.6, APIs: 2, Instructions: 59COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • CloseHandle.KERNELBASE(?,?,?,00007FF7774EB865,?,?,00000000,00007FF7774EB91A), ref: 00007FF7774EBA56
                                                                                                                                                                                                • GetLastError.KERNEL32(?,?,?,00007FF7774EB865,?,?,00000000,00007FF7774EB91A), ref: 00007FF7774EBA60
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CloseErrorHandleLast
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 918212764-0
                                                                                                                                                                                                • Opcode ID: 112934bd90ed67d7ea17ef96cdf701313af9393377a295654a3cf3f6e4ed98fb
                                                                                                                                                                                                • Instruction ID: d5e2d736abd964a53e3f84f9e74a1b584d7554e26241c4a4bb60201a21a8f94d
                                                                                                                                                                                                • Opcode Fuzzy Hash: 112934bd90ed67d7ea17ef96cdf701313af9393377a295654a3cf3f6e4ed98fb
                                                                                                                                                                                                • Instruction Fuzzy Hash: 0321CF13B3868241FE517722948067992829F857B0F884335DE6E472C2CEECE4478321
                                                                                                                                                                                                Function 00007FF7774ECD3C Relevance: 1.6, APIs: 1, Instructions: 112COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3215553584-0
                                                                                                                                                                                                • Opcode ID: 344e63662847237e0b97254d560fa1a354dc3eb6544fb98752088a82209b4f15
                                                                                                                                                                                                • Instruction ID: 784e1c444bff7cb1593dae2cbc48023face7746de150007cbc17fa391badf40a
                                                                                                                                                                                                • Opcode Fuzzy Hash: 344e63662847237e0b97254d560fa1a354dc3eb6544fb98752088a82209b4f15
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8241C93393870187EA34AB2AE541679B7A0EF55F60F940631DE9E43690CFADE403C761
                                                                                                                                                                                                Function 00007FF7774EC7CC Relevance: 1.6, APIs: 1, Instructions: 79COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3215553584-0
                                                                                                                                                                                                • Opcode ID: a2e5381428b21ee47129e20153b1025ca0327abd0cc1cd39f75774f17e046770
                                                                                                                                                                                                • Instruction ID: df2aae6992d23cd2336b31ee904b7ffc667bd7a4dca17935f02f4d1e821bfbb0
                                                                                                                                                                                                • Opcode Fuzzy Hash: a2e5381428b21ee47129e20153b1025ca0327abd0cc1cd39f75774f17e046770
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8B316B63E3861285E6217B56884137CA660BF44B76FD14635ED2D433D2CEFCA4438371
                                                                                                                                                                                                Function 00007FF7774EA7F1 Relevance: 1.6, APIs: 1, Instructions: 61COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: HandleModule$AddressFreeLibraryProc
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3947729631-0
                                                                                                                                                                                                • Opcode ID: 5c87d5e2cdc2aee00809c2c9bd46e42fe3ca8807361521a4afe60ccc332579e8
                                                                                                                                                                                                • Instruction ID: 4a52cbdef48b31ab10a09d122a8b0df8b8e4606e7c4e2043841b686e300e3ef8
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5c87d5e2cdc2aee00809c2c9bd46e42fe3ca8807361521a4afe60ccc332579e8
                                                                                                                                                                                                • Instruction Fuzzy Hash: EF217F33F2474189FB64AF66C4442BC73A0FB44728F844A36DA5D06AD5DF78D546CB90
                                                                                                                                                                                                Function 00007FF7774E6E24 Relevance: 1.6, APIs: 1, Instructions: 55COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3215553584-0
                                                                                                                                                                                                • Opcode ID: d0ecc1d4814c8292f6d285d86e9f4332b8d7141ecd04c52723bb65a1ba9d936a
                                                                                                                                                                                                • Instruction ID: b25b869373727d382b8e027208f09ab1231a8f5db97e61af0cc65f2e265d28a7
                                                                                                                                                                                                • Opcode Fuzzy Hash: d0ecc1d4814c8292f6d285d86e9f4332b8d7141ecd04c52723bb65a1ba9d936a
                                                                                                                                                                                                • Instruction Fuzzy Hash: A7119623A3C64191EA61BF53D400A7DE364AF85BA4FC44431EE6C57B96CFBCE4228761
                                                                                                                                                                                                Function 00007FF7774F71E4 Relevance: 1.6, APIs: 1, Instructions: 54COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3215553584-0
                                                                                                                                                                                                • Opcode ID: 1efe6439c1f0d71c5b97f8069ea4f116aceac123a977d1e365d726560a3bc520
                                                                                                                                                                                                • Instruction ID: 6723a95297c4612080482213c08877412c897a84869a54a7ae0659560dfdcc5c
                                                                                                                                                                                                • Opcode Fuzzy Hash: 1efe6439c1f0d71c5b97f8069ea4f116aceac123a977d1e365d726560a3bc520
                                                                                                                                                                                                • Instruction Fuzzy Hash: 3A218633638A8286D761AF29D440379B6A0FB84B54F984234FE5D476D5DF3CD4028B10
                                                                                                                                                                                                Function 00007FF7774E124C Relevance: 1.5, APIs: 1, Instructions: 48COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3215553584-0
                                                                                                                                                                                                • Opcode ID: 8e9754deeba93abb4745aa2efb451e77357aefa8fb0fbddb16feb6c8c90fdd62
                                                                                                                                                                                                • Instruction ID: 023f8ff444d589457cf07726fd9f4ed26b43914b3a34977a99c4b0eddf45529b
                                                                                                                                                                                                • Opcode Fuzzy Hash: 8e9754deeba93abb4745aa2efb451e77357aefa8fb0fbddb16feb6c8c90fdd62
                                                                                                                                                                                                • Instruction Fuzzy Hash: F101C862B3874281E904BB679901179E7A1BF86FF0F884A71DE6C67BD6CEBCD4124310
                                                                                                                                                                                                Function 00007FF7774EFA28 Relevance: 1.3, APIs: 1, Instructions: 36memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • HeapAlloc.KERNEL32(?,?,00000000,00007FF7774EC1BA,?,?,?,00007FF7774E5DA1,?,?,?,?,00007FF7774EB31A), ref: 00007FF7774EFA7D
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AllocHeap
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 4292702814-0
                                                                                                                                                                                                • Opcode ID: 1fec90483929581ecf61e3aa8e6a4315ca1e17ba0cf65d59ce036437c1ee893b
                                                                                                                                                                                                • Instruction ID: 3d7ec49b00672ca50a0232711a3d2a9a3e0575dd4157474740d0262605447a5e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 1fec90483929581ecf61e3aa8e6a4315ca1e17ba0cf65d59ce036437c1ee893b
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6DF04F06B3964355FF947BA794543B4D2C05F48B60FCC6430CD0D4A6C1DE9CA4874230
                                                                                                                                                                                                Function 00007FF7774EE48C Relevance: 1.3, APIs: 1, Instructions: 29memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • HeapAlloc.KERNEL32(?,?,?,00007FF7774E1A74,?,?,?,00007FF7774E2F86,?,?,?,?,?,00007FF7774E4579), ref: 00007FF7774EE4CA
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AllocHeap
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 4292702814-0
                                                                                                                                                                                                • Opcode ID: efacbb839d677795a0d989681b51e67fb8ba832133a292f9e9a9629c8f364437
                                                                                                                                                                                                • Instruction ID: 1286be16d1ce6650715842c9f801cdb9d7bf077627baa6ce2f3a121f87d6207e
                                                                                                                                                                                                • Opcode Fuzzy Hash: efacbb839d677795a0d989681b51e67fb8ba832133a292f9e9a9629c8f364437
                                                                                                                                                                                                • Instruction Fuzzy Hash: B8F0F813BB925B55FA6476B35945675D2804F84BB0F884A30EE2E866C2DEACE5838234

                                                                                                                                                                                                Non-executed Functions

                                                                                                                                                                                                Function 00007FF7774D8020 Relevance: 178.8, APIs: 66, Strings: 36, Instructions: 316libraryloaderCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AddressErrorLastProc
                                                                                                                                                                                                • String ID: Failed to get address for %hs$GetProcAddress$LOADER: loaded functions from Tcl/Tk shared libraries.$Tcl_Alloc$Tcl_ConditionFinalize$Tcl_ConditionNotify$Tcl_ConditionWait$Tcl_CreateInterp$Tcl_CreateObjCommand$Tcl_CreateThread$Tcl_DeleteInterp$Tcl_DoOneEvent$Tcl_EvalEx$Tcl_EvalFile$Tcl_EvalObjv$Tcl_Finalize$Tcl_FinalizeThread$Tcl_FindExecutable$Tcl_Free$Tcl_GetCurrentThread$Tcl_GetObjResult$Tcl_GetString$Tcl_GetVar2$Tcl_Init$Tcl_JoinThread$Tcl_MutexFinalize$Tcl_MutexLock$Tcl_MutexUnlock$Tcl_NewByteArrayObj$Tcl_NewStringObj$Tcl_SetVar2$Tcl_SetVar2Ex$Tcl_ThreadAlert$Tcl_ThreadQueueEvent$Tk_GetNumMainWindows$Tk_Init
                                                                                                                                                                                                • API String ID: 199729137-248881121
                                                                                                                                                                                                • Opcode ID: cae27db4b6efbe8ee9a35b920b5c004892edd5f3be62e32da9bca2eaea707938
                                                                                                                                                                                                • Instruction ID: 667a1d7b97c539a8d49b924fba854364c28fc7a5b59ad7fe3e1f2b3647cda9fe
                                                                                                                                                                                                • Opcode Fuzzy Hash: cae27db4b6efbe8ee9a35b920b5c004892edd5f3be62e32da9bca2eaea707938
                                                                                                                                                                                                • Instruction Fuzzy Hash: C202D262E39F07D2FAA5BB56A844574A3E8AF05741FC85931CD5E02360EF3CB16B8230
                                                                                                                                                                                                Function 00007FF7774F4F3C Relevance: 24.0, APIs: 9, Strings: 4, Instructions: 1226COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _invalid_parameter_noinfo$memcpy_s$fegetenv
                                                                                                                                                                                                • String ID: 1#IND$1#INF$1#QNAN$1#SNAN
                                                                                                                                                                                                • API String ID: 808467561-2761157908
                                                                                                                                                                                                • Opcode ID: bb6cec2ce46f007fa84a863b38da7ae069ced8f07d493ab880abb3cd0c34ba1e
                                                                                                                                                                                                • Instruction ID: a0b253d523adb94a5874d62afee64f15d5e366cdf2522c1e8d0511565731047d
                                                                                                                                                                                                • Opcode Fuzzy Hash: bb6cec2ce46f007fa84a863b38da7ae069ced8f07d493ab880abb3cd0c34ba1e
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6AB2C273B382828BE7659F66D4407FDF7A1FB44348F985135DE0A57A84DB38AA02CB50
                                                                                                                                                                                                Function 00007FF7774DBB3D Relevance: 12.0, Strings: 9, Instructions: 744COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: invalid bit length repeat$invalid code -- missing end-of-block$invalid code lengths set$invalid distance code$invalid distance too far back$invalid distances set$invalid literal/length code$invalid literal/lengths set$too many length or distance symbols
                                                                                                                                                                                                • API String ID: 0-2665694366
                                                                                                                                                                                                • Opcode ID: 3e6e330d12f60c46f475a6d4d5d90c217e90d68feff1715015d2917322964220
                                                                                                                                                                                                • Instruction ID: 53b7373f6e5f4d36a86f512e4a74fc34af299cdfecf4b24288e5454848f60858
                                                                                                                                                                                                • Opcode Fuzzy Hash: 3e6e330d12f60c46f475a6d4d5d90c217e90d68feff1715015d2917322964220
                                                                                                                                                                                                • Instruction Fuzzy Hash: 93520573A386A68BD7A49F15C498B7D7BA9FB85340F414139EB8A87780DB3CD811CB50
                                                                                                                                                                                                Function 00007FF7774DDFBC Relevance: 10.6, APIs: 7, Instructions: 71COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ExceptionFilterPresentUnhandled$CaptureContextDebuggerEntryFeatureFunctionLookupProcessorUnwindVirtual
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3140674995-0
                                                                                                                                                                                                • Opcode ID: c3adc2d70a46416e0016ebc7a976b5d71081f12b88a2fc355b22615e51f13282
                                                                                                                                                                                                • Instruction ID: 4c21a652f03d6d783ebf9674add508f0290d9bc39b196231d77948fbf985200e
                                                                                                                                                                                                • Opcode Fuzzy Hash: c3adc2d70a46416e0016ebc7a976b5d71081f12b88a2fc355b22615e51f13282
                                                                                                                                                                                                • Instruction Fuzzy Hash: E7315073A28B8186EB609F61E8807EDB364FB85704F84443ADB4D47B98DF38D559C720
                                                                                                                                                                                                Function 00007FF7774EB4A4 Relevance: 9.1, APIs: 6, Instructions: 83COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ExceptionFilterUnhandled$CaptureContextDebuggerEntryFunctionLookupPresentUnwindVirtual
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1239891234-0
                                                                                                                                                                                                • Opcode ID: 4ae03e7b9a19b86c5d22b90a6790336bc10b9c87be4c5dc0ee32ae9123a7051c
                                                                                                                                                                                                • Instruction ID: 76f1e0574038eace907714abb11f2dd32c250b4b5c91b2c367baa86c26cd2f78
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4ae03e7b9a19b86c5d22b90a6790336bc10b9c87be4c5dc0ee32ae9123a7051c
                                                                                                                                                                                                • Instruction Fuzzy Hash: 5B318733628B8186DB60DF65E8806AEB3A4FB85758F950236EE8D43B54DF3CC556CB10
                                                                                                                                                                                                Function 00007FF7774F2704 Relevance: 7.8, APIs: 5, Instructions: 282COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: FileFindFirst_invalid_parameter_noinfo
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2227656907-0
                                                                                                                                                                                                • Opcode ID: 56078933747ed352146258ac770c45ef829588508b207fb94d730a4e633def5c
                                                                                                                                                                                                • Instruction ID: 47ef4044578e073c8d0ad85959b57d109e1cc62f5406add07a9a3d9e48dac06a
                                                                                                                                                                                                • Opcode Fuzzy Hash: 56078933747ed352146258ac770c45ef829588508b207fb94d730a4e633def5c
                                                                                                                                                                                                • Instruction Fuzzy Hash: 53B1C323B3969241EA61EB2794105BEE390EB45BE4F885232EE4D47BC5DE7CE442C720
                                                                                                                                                                                                Function 00007FF7774DDEA0 Relevance: 6.0, APIs: 4, Instructions: 39timethreadCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentTime$CounterFilePerformanceProcessQuerySystemThread
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2933794660-0
                                                                                                                                                                                                • Opcode ID: 014d93effff5caf25bf47e118e036704a97445821d38eae0d866a55af4ca8f31
                                                                                                                                                                                                • Instruction ID: 4803d1cdc4778122e429a8d276f5dbb9c46d5ab3b4fb725bf7be1a93f5c8a699
                                                                                                                                                                                                • Opcode Fuzzy Hash: 014d93effff5caf25bf47e118e036704a97445821d38eae0d866a55af4ca8f31
                                                                                                                                                                                                • Instruction Fuzzy Hash: DF112A22B24F068AEB00DF61E8542B973A4FB19758F840E35DE6D86BA4DF78D165C350
                                                                                                                                                                                                Function 00007FF7774F4AA0 Relevance: 4.8, APIs: 3, Instructions: 340COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memcpy_s
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1502251526-0
                                                                                                                                                                                                • Opcode ID: 22262a879fceb6e909bc03be75e0457f7e58912db3df2272f4d30eb0691f5fc1
                                                                                                                                                                                                • Instruction ID: e7d15f3ed7fdb2e90f3cce1eb75364cc7a64e3d93941f58aea5eee369a008f71
                                                                                                                                                                                                • Opcode Fuzzy Hash: 22262a879fceb6e909bc03be75e0457f7e58912db3df2272f4d30eb0691f5fc1
                                                                                                                                                                                                • Instruction Fuzzy Hash: 98C1D573B3868687E7249F5AA044A6AB791F784784F899135DF4E43B84DF3DE902CB40
                                                                                                                                                                                                Function 00007FF7774DB304 Relevance: 4.1, Strings: 3, Instructions: 398COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: $header crc mismatch$unknown header flags set
                                                                                                                                                                                                • API String ID: 0-1127688429
                                                                                                                                                                                                • Opcode ID: 650c4c5133d35c3a4a76e12775ff643f635e1cb0ad74413b6fbdfe1592178e9a
                                                                                                                                                                                                • Instruction ID: e2d66a892a5af5c1c65654d8c7ede7be9f06ae7528ccf09b86fe3dc7e6a0b0c9
                                                                                                                                                                                                • Opcode Fuzzy Hash: 650c4c5133d35c3a4a76e12775ff643f635e1cb0ad74413b6fbdfe1592178e9a
                                                                                                                                                                                                • Instruction Fuzzy Hash: ABF18163A383C59BE7E5AB1680C8A3ABAA9EF46744F454538DF8907790CB38D852C750
                                                                                                                                                                                                Function 00007FF7774FA5B8 Relevance: 3.2, APIs: 2, Instructions: 227COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ExceptionRaise_clrfp
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 15204871-0
                                                                                                                                                                                                • Opcode ID: d019c25e918e8e92d24de8e23e2662a4069d8e58d1c93dbbe0cc97e0405193a3
                                                                                                                                                                                                • Instruction ID: 57481efb3ac5c1929bd9c568fde533bad6d8fa0d08aa7d73b86fd93914dd0955
                                                                                                                                                                                                • Opcode Fuzzy Hash: d019c25e918e8e92d24de8e23e2662a4069d8e58d1c93dbbe0cc97e0405193a3
                                                                                                                                                                                                • Instruction Fuzzy Hash: E3B17D77620B858BEB15DF2AC4463687BF0F745B88F188821DE5D837A4CB39D452C710
                                                                                                                                                                                                Function 00007FF7774E4834 Relevance: 2.8, Strings: 2, Instructions: 350COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: $
                                                                                                                                                                                                • API String ID: 0-227171996
                                                                                                                                                                                                • Opcode ID: 65d0721523e1f73f07876592c8e6447a47814920e946cdee30596d7aa7addfb0
                                                                                                                                                                                                • Instruction ID: 43c5a5373d4c33dcd7bc214c67a7a52fb0899fc1aa12a553e25bd40463bdb6e5
                                                                                                                                                                                                • Opcode Fuzzy Hash: 65d0721523e1f73f07876592c8e6447a47814920e946cdee30596d7aa7addfb0
                                                                                                                                                                                                • Instruction Fuzzy Hash: 96E1D637A3864285EB68AE3E804053DB3A0FF45B68F954235EE4E07794DFA9E843C710
                                                                                                                                                                                                Function 00007FF7774DB16B Relevance: 2.7, Strings: 2, Instructions: 216COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: incorrect header check$invalid window size
                                                                                                                                                                                                • API String ID: 0-900081337
                                                                                                                                                                                                • Opcode ID: 61af65ccc776c84da84267326c2754b3a1bcae24ed69bb063b52a93d8705262f
                                                                                                                                                                                                • Instruction ID: 43664cba9f395d6448c26bebdb9242a2245e04661b96d5d933ffbef7c8e390b6
                                                                                                                                                                                                • Opcode Fuzzy Hash: 61af65ccc776c84da84267326c2754b3a1bcae24ed69bb063b52a93d8705262f
                                                                                                                                                                                                • Instruction Fuzzy Hash: EA91B573A382C68BE7E49B16C4C8B3E7AA9FB45340F514139DF8A46780DB38E551CB50
                                                                                                                                                                                                Function 00007FF7774EED80 Relevance: 2.6, Strings: 2, Instructions: 144COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: e+000$gfff
                                                                                                                                                                                                • API String ID: 0-3030954782
                                                                                                                                                                                                • Opcode ID: 945de9e2b5c03ccdf46f63211042ea6b364288e93c2147c7509922034c70fd0a
                                                                                                                                                                                                • Instruction ID: 70c2d731deb322c3672492404deea568ddc9f0e6259931a9c87704ac1e46efb9
                                                                                                                                                                                                • Opcode Fuzzy Hash: 945de9e2b5c03ccdf46f63211042ea6b364288e93c2147c7509922034c70fd0a
                                                                                                                                                                                                • Instruction Fuzzy Hash: DA515723B386D186F7249E3A9800769FB91E744BA4F889231CFAC47AD5CFBDD4468710
                                                                                                                                                                                                Function 00007FF7774F1758 Relevance: 2.0, APIs: 1, Instructions: 461COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentFeaturePresentProcessProcessor
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1010374628-0
                                                                                                                                                                                                • Opcode ID: b9faf72c02f4ab809149f6f0dc22c62b6203f0e3796f906706b50ad290c1ba6d
                                                                                                                                                                                                • Instruction ID: ca7c3ec678ac5f115ceb317c6bc5bb0e749095986664097fd44094e803bd75fb
                                                                                                                                                                                                • Opcode Fuzzy Hash: b9faf72c02f4ab809149f6f0dc22c62b6203f0e3796f906706b50ad290c1ba6d
                                                                                                                                                                                                • Instruction Fuzzy Hash: 43029B23F3D68781FA65BB179800679E6A4AF42BA0FC94A35DD6D467D1DE7CA4038330
                                                                                                                                                                                                Function 00007FF7774EE8EC Relevance: 1.5, Strings: 1, Instructions: 254COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: gfffffff
                                                                                                                                                                                                • API String ID: 0-1523873471
                                                                                                                                                                                                • Opcode ID: b208c905ad4c95024c0ac15b2f9fdf0f49dfc32ada8e77abea0211f680163fdf
                                                                                                                                                                                                • Instruction ID: 41af51420ebd0fb68d46da17eac665a1ebfec2dc460ed89d42607c06ab9f47dc
                                                                                                                                                                                                • Opcode Fuzzy Hash: b208c905ad4c95024c0ac15b2f9fdf0f49dfc32ada8e77abea0211f680163fdf
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8AA16763A387D686FB21DF2AA0407BABB90AB50BA4F448131DE8D47781DA7DE502C315
                                                                                                                                                                                                Function 00007FF7774E9624 Relevance: 1.4, Strings: 1, Instructions: 177COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                • String ID: TMP
                                                                                                                                                                                                • API String ID: 3215553584-3125297090
                                                                                                                                                                                                • Opcode ID: 0bc514115564c120cb299b26683275813f9472b49c05a97149ed3559f50bd79f
                                                                                                                                                                                                • Instruction ID: a87bee099ceaf2123e290bd3583a925321acc185d397fed071605ec525c478f4
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0bc514115564c120cb299b26683275813f9472b49c05a97149ed3559f50bd79f
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8C51CB13F3864241FA68BB275D015BAD290AF85BE4FD84535DE1E43BD6EEBCE4078221
                                                                                                                                                                                                Function 00007FF7774F4310 Relevance: 1.3, APIs: 1, Instructions: 7memoryCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: HeapProcess
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 54951025-0
                                                                                                                                                                                                • Opcode ID: eb891346d8595627d305f32402cdda10bd89b807ac681878923887b418fd1009
                                                                                                                                                                                                • Instruction ID: 13419901b8e24deb95b406f64b827c6194f69b720558e1fa75d1c0c134bcd9dc
                                                                                                                                                                                                • Opcode Fuzzy Hash: eb891346d8595627d305f32402cdda10bd89b807ac681878923887b418fd1009
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6CB09222E3BB02C6EA483B566CC261463A4EF48711FD90978C80C41330DE3C24EB5720
                                                                                                                                                                                                Function 00007FF7774E4430 Relevance: .3, Instructions: 327COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 859bf5f10888be0ccd2bf49820f7fd1a93f4bc8ef89502b0b4bbd438d1cb9708
                                                                                                                                                                                                • Instruction ID: a329ce6613a4817e88f8337a62cdd7197add2ebf1ebba482e17f02b00a759039
                                                                                                                                                                                                • Opcode Fuzzy Hash: 859bf5f10888be0ccd2bf49820f7fd1a93f4bc8ef89502b0b4bbd438d1cb9708
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4BD1E867E3864285EB68AE3F804023DA3A0AF45B68F954235EE0D476D4DFBDD843C360
                                                                                                                                                                                                Function 00007FF7774DA690 Relevance: .3, Instructions: 287COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: b5c39ef717e235b20cee80fa4827773a7642da0f404bb47506256c4630f2e3f3
                                                                                                                                                                                                • Instruction ID: df48de2fdd4171ba7a1069197e6493cd325deabf0526f971bdc03b8b2ee00a1e
                                                                                                                                                                                                • Opcode Fuzzy Hash: b5c39ef717e235b20cee80fa4827773a7642da0f404bb47506256c4630f2e3f3
                                                                                                                                                                                                • Instruction Fuzzy Hash: A0C1E4732341E48BD28AEB29E4994BA73D1F799349BC8501AEF8747785CB3CE025D720
                                                                                                                                                                                                Function 00007FF7774E3AA0 Relevance: .2, Instructions: 241COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 31e0c23e94babd60fcd75af8259d5b7fdf169270b00a9d047947f6f4a1554448
                                                                                                                                                                                                • Instruction ID: 6d32218286f5a5c0815d9d28c4ca49b5d2a780abdb954c988380169a20ab5252
                                                                                                                                                                                                • Opcode Fuzzy Hash: 31e0c23e94babd60fcd75af8259d5b7fdf169270b00a9d047947f6f4a1554448
                                                                                                                                                                                                • Instruction Fuzzy Hash: FBB15C73938B8585E7669F2AC05023CBBA0EB45F68FA44235CE4E47395CFB9D442C720
                                                                                                                                                                                                Function 00007FF7774EF400 Relevance: .2, Instructions: 198COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 52436ecfcf31f5b829930d733cf55dadee13742346b35c7d96de44f62a1b2d00
                                                                                                                                                                                                • Instruction ID: d53ea71edb2929a68093ee688b6e6d628364777527d741ce5125ede8c5d2b2e5
                                                                                                                                                                                                • Opcode Fuzzy Hash: 52436ecfcf31f5b829930d733cf55dadee13742346b35c7d96de44f62a1b2d00
                                                                                                                                                                                                • Instruction Fuzzy Hash: 2A81F273A3878146EBB4EF2A904036AA6D1FB557A4FC04235DE8D43B99CE7CE5028B10
                                                                                                                                                                                                Function 00007FF7774F72A8 Relevance: .2, Instructions: 183COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3215553584-0
                                                                                                                                                                                                • Opcode ID: e73efa4aef73ba6f4a045a1db2123e25ee0d7f5f08947e326bdb19faf1bd0516
                                                                                                                                                                                                • Instruction ID: 6fbc09c33eb1a4106879a5b1b00af65cd1ec68600fcd7a5860d6cc7a5e2ec26a
                                                                                                                                                                                                • Opcode Fuzzy Hash: e73efa4aef73ba6f4a045a1db2123e25ee0d7f5f08947e326bdb19faf1bd0516
                                                                                                                                                                                                • Instruction Fuzzy Hash: 7C61C623E3829246F766BA2A845467DE981BF41760FDD4239FE2D476C1DE6DE8028720
                                                                                                                                                                                                Function 00007FF7774E2FF4 Relevance: .1, Instructions: 146COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 8e69dfdcc94a0aa650623f7423aa354004c1f2fa01d5c1268249020d4c21f447
                                                                                                                                                                                                • Instruction ID: 6121f7d72f102f45ce96df3dfed6d94f1eda4d7dd3e00cac6f798ba10b4cc079
                                                                                                                                                                                                • Opcode Fuzzy Hash: 8e69dfdcc94a0aa650623f7423aa354004c1f2fa01d5c1268249020d4c21f447
                                                                                                                                                                                                • Instruction Fuzzy Hash: FA518137A38651C6E7269B2AC04423CB3A0EB45F78F644135CE4D477A8CBBAE853C750
                                                                                                                                                                                                Function 00007FF7774E27D4 Relevance: .1, Instructions: 146COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 68a3f5aab59b2fac328bd6ba34d5b1cd1fa94c6914f84dc4a79da3b9d8ff9a98
                                                                                                                                                                                                • Instruction ID: ad0dbdcdf6965d1580663bbf37b5e19d9ec7a4c3d967cb5a2de3945ac3014240
                                                                                                                                                                                                • Opcode Fuzzy Hash: 68a3f5aab59b2fac328bd6ba34d5b1cd1fa94c6914f84dc4a79da3b9d8ff9a98
                                                                                                                                                                                                • Instruction Fuzzy Hash: 96517677B38A5186E7249B2AC040238B7A0FB55B78F645239CE8D57794CFBAE843C750
                                                                                                                                                                                                Function 00007FF7774E2BE4 Relevance: .1, Instructions: 146COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 27099d1c67046ba5536a5c52bb1b19252402c8bb4a5167aa336477e7b6d5f807
                                                                                                                                                                                                • Instruction ID: bef3b229d55856433fcb8aae1ba9a25eda2e565e8c49afb671a1ab1036b8ab82
                                                                                                                                                                                                • Opcode Fuzzy Hash: 27099d1c67046ba5536a5c52bb1b19252402c8bb4a5167aa336477e7b6d5f807
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9D51B577A38E5182E7249B2AC044638B3A0EB55F78F644139CE4D077A4CFBAE883C750
                                                                                                                                                                                                Function 00007FF7774E2DF0 Relevance: .1, Instructions: 145COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: e46230d8c0bb23a9b26f12389beaf27d8e9063d4bba2e4d98de2a57eaa924be5
                                                                                                                                                                                                • Instruction ID: 842181d9f4eb78c9c881129f72f6f698e2224cc5822907d5258d5a52eb98d1ee
                                                                                                                                                                                                • Opcode Fuzzy Hash: e46230d8c0bb23a9b26f12389beaf27d8e9063d4bba2e4d98de2a57eaa924be5
                                                                                                                                                                                                • Instruction Fuzzy Hash: 47518437A38A6186E7249B2AC04073CB7A0EB45F68FA84135DE4D17794CF7AE843D750
                                                                                                                                                                                                Function 00007FF7774E25D0 Relevance: .1, Instructions: 145COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: db363646d287334b7a31293e9082935613ba5dde14aee32d187fc7345eaa1eeb
                                                                                                                                                                                                • Instruction ID: fbbb6089cce4b8b4581fa9f94dd44a4b46d6defaf31d24c16112ad6e5bedc1a1
                                                                                                                                                                                                • Opcode Fuzzy Hash: db363646d287334b7a31293e9082935613ba5dde14aee32d187fc7345eaa1eeb
                                                                                                                                                                                                • Instruction Fuzzy Hash: E5518477A38E5186E7249B2AC050239B7A1EB44F68FA44235CE4D177A4CF7AEC53C750
                                                                                                                                                                                                Function 00007FF7774E29E0 Relevance: .1, Instructions: 145COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: f6a3dccb135ddd09f63c505db29ff29986bf9dd63497299e7c799fac6b959aa4
                                                                                                                                                                                                • Instruction ID: e18b71108a1d20bfdddd774931626607302e0389c08806950d3cbd330d87c865
                                                                                                                                                                                                • Opcode Fuzzy Hash: f6a3dccb135ddd09f63c505db29ff29986bf9dd63497299e7c799fac6b959aa4
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9E517337A38A5186E7349F2AC040239B7A1EB49B78FA45135CE8D17794DBBAE843C750
                                                                                                                                                                                                Function 00007FF7774E6BC0 Relevance: .1, Instructions: 138COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: dde3b7cfbcf26fc8d7513faefc9a59c4b8821272907dfbb35b6db6355186da00
                                                                                                                                                                                                • Instruction ID: e8bcacab52e4e74e33988b3b8743e74a416bea88cef2a43a363de57279605f6e
                                                                                                                                                                                                • Opcode Fuzzy Hash: dde3b7cfbcf26fc8d7513faefc9a59c4b8821272907dfbb35b6db6355186da00
                                                                                                                                                                                                • Instruction Fuzzy Hash: F5415B83C3D74E54E951991B0914BB4A681DF227B8ED812B0DCAD1B3D3CE8D79D7C122
                                                                                                                                                                                                Function 00007FF7774EAD30 Relevance: .1, Instructions: 126COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorFreeHeapLast
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 485612231-0
                                                                                                                                                                                                • Opcode ID: f0ae89a26dca149d182ce50b88a8921fc83ab3e8be20eff27c0f0bed46e3e6e7
                                                                                                                                                                                                • Instruction ID: 3ac7ca9fb0c83b6ffc4f5137dc634bfd9676ea336619dedfe6c9662bdfc2363e
                                                                                                                                                                                                • Opcode Fuzzy Hash: f0ae89a26dca149d182ce50b88a8921fc83ab3e8be20eff27c0f0bed46e3e6e7
                                                                                                                                                                                                • Instruction Fuzzy Hash: B841E263B34A5582EF04DF2AD91457AB3A2BB48FD0B899536DE0D87B58DE7CD4428300
                                                                                                                                                                                                Function 00007FF7774E8F74 Relevance: .1, Instructions: 98COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 2b8cddb4ee5dd57f1c7573491c8f445712dd312cb7e9e547cfd0f9c072f4c0c7
                                                                                                                                                                                                • Instruction ID: 4ec8653af5f1385ef81f6587bca7128e69bf6dae9ce0bc0e2af70c3c309571d2
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2b8cddb4ee5dd57f1c7573491c8f445712dd312cb7e9e547cfd0f9c072f4c0c7
                                                                                                                                                                                                • Instruction Fuzzy Hash: DD31B433738B4182E724AB27684013EE6E5AF85BA0F944239EE5D53BD5DF7CD4128714
                                                                                                                                                                                                Function 00007FF7774FA400 Relevance: .0, Instructions: 32COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: cfe4e3fc2a54007026b549c751ef46841f82dc584412ffa4d6f624c6b18b4180
                                                                                                                                                                                                • Instruction ID: e6a249e3762a04611b2a4dd63383303b982b132fe5c83bf43117536825fec56c
                                                                                                                                                                                                • Opcode Fuzzy Hash: cfe4e3fc2a54007026b549c751ef46841f82dc584412ffa4d6f624c6b18b4180
                                                                                                                                                                                                • Instruction Fuzzy Hash: E9F06872B382558ADB959F2DA802669BBD0F708384F80C839D98D83B14D67C94528F14
                                                                                                                                                                                                Function 00007FF7774DE19C Relevance: .0, Instructions: 2COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 33a079416ec4e5d2eadde58b7a575c5f38234538eab88a2afaf1a4ddf2683be1
                                                                                                                                                                                                • Instruction ID: b24173f1c3bca9dad0a2d12efde4fbde4292005c3ccb8c8c780970989a4c7dcd
                                                                                                                                                                                                • Opcode Fuzzy Hash: 33a079416ec4e5d2eadde58b7a575c5f38234538eab88a2afaf1a4ddf2683be1
                                                                                                                                                                                                • Instruction Fuzzy Hash: 43A00122A38952D0E698AB52A891024A220FB51300B890872D94D410E0DE3CA4128224
                                                                                                                                                                                                Function 00007FF7774D5EC0 Relevance: 231.4, APIs: 86, Strings: 46, Instructions: 402libraryloaderCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetProcAddress.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5ED0
                                                                                                                                                                                                • GetLastError.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5EE2
                                                                                                                                                                                                • GetProcAddress.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5F19
                                                                                                                                                                                                • GetLastError.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5F2B
                                                                                                                                                                                                • GetProcAddress.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5F44
                                                                                                                                                                                                • GetLastError.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5F56
                                                                                                                                                                                                • GetProcAddress.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5F6F
                                                                                                                                                                                                • GetLastError.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5F81
                                                                                                                                                                                                • GetProcAddress.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5F9D
                                                                                                                                                                                                • GetLastError.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5FAF
                                                                                                                                                                                                • GetProcAddress.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5FCB
                                                                                                                                                                                                • GetLastError.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5FDD
                                                                                                                                                                                                • GetProcAddress.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5FF9
                                                                                                                                                                                                • GetLastError.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D600B
                                                                                                                                                                                                • GetProcAddress.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D6027
                                                                                                                                                                                                • GetLastError.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D6039
                                                                                                                                                                                                • GetProcAddress.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D6055
                                                                                                                                                                                                • GetLastError.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D6067
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AddressErrorLastProc
                                                                                                                                                                                                • String ID: Failed to get address for %hs$GetProcAddress$LOADER: loaded functions from Python shared library.$PyConfig_Clear$PyConfig_InitIsolatedConfig$PyConfig_Read$PyConfig_SetBytesString$PyConfig_SetString$PyConfig_SetWideStringList$PyErr_Clear$PyErr_Fetch$PyErr_NormalizeException$PyErr_Occurred$PyErr_Print$PyErr_Restore$PyEval_EvalCode$PyImport_AddModule$PyImport_ExecCodeModule$PyImport_ImportModule$PyMarshal_ReadObjectFromString$PyMem_RawFree$PyModule_GetDict$PyObject_CallFunction$PyObject_CallFunctionObjArgs$PyObject_GetAttrString$PyObject_SetAttrString$PyObject_Str$PyPreConfig_InitIsolatedConfig$PyRun_SimpleStringFlags$PyStatus_Exception$PySys_GetObject$PySys_SetObject$PyUnicode_AsUTF8$PyUnicode_Decode$PyUnicode_DecodeFSDefault$PyUnicode_FromFormat$PyUnicode_FromString$PyUnicode_Join$PyUnicode_Replace$Py_DecRef$Py_DecodeLocale$Py_ExitStatusException$Py_Finalize$Py_InitializeFromConfig$Py_IsInitialized$Py_PreInitialize
                                                                                                                                                                                                • API String ID: 199729137-601071275
                                                                                                                                                                                                • Opcode ID: 7214bdd2512a7e3ffe913e20a0d5a1891a050e73a11a9d7823723938df1f469f
                                                                                                                                                                                                • Instruction ID: 35d96b5948b6f6982d8a63e7de585d3b742c90ca54d42ced0e23d56372fc911e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7214bdd2512a7e3ffe913e20a0d5a1891a050e73a11a9d7823723938df1f469f
                                                                                                                                                                                                • Instruction Fuzzy Hash: D932D562E7DF17D1FA64FB56A844474E3A1AF08786BC85935CD5E02260EF3CB16B8234
                                                                                                                                                                                                Function 00007FF7774D8A70 Relevance: 40.4, APIs: 9, Strings: 14, Instructions: 106COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: LongWindow$BlockCreateErrorLastReasonShutdown
                                                                                                                                                                                                • String ID: LOADER: TerminateProcess call failed (%d)$LOADER: child process has finished.$LOADER: child process not terminated!$LOADER: child process terminated!$LOADER: end of WM_ENDSESSION handler reached!$LOADER: failed to register shutdown block reason (%d)!$LOADER: handling session shutdown - giving the child %d ms to exit...$LOADER: hidden window received WM_ENDSESSION with logoff-option %X and end-session option %X$LOADER: hidden window received WM_QUERYENDSESSION with logoff-option %X$LOADER: performing cleanup...$LOADER: session shutdown has been canceled!$LOADER: session shutdown has been confirmed!$LOADER: terminating the child process...$Needs to remove its temporary files.
                                                                                                                                                                                                • API String ID: 3975851968-1164846305
                                                                                                                                                                                                • Opcode ID: 0b6937d8e1c82e9d7ee17a4801cca9a708411e3c60ecc45f254489cc9985b22d
                                                                                                                                                                                                • Instruction ID: 641bc8b7d9f44f753c201fe2ab1205e9dea289790cc066e52eebd676c317656d
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0b6937d8e1c82e9d7ee17a4801cca9a708411e3c60ecc45f254489cc9985b22d
                                                                                                                                                                                                • Instruction Fuzzy Hash: 46414823E3968281F654BB36E890075E355AF84B90FC44531EF5E837A5DE2CE557C360
                                                                                                                                                                                                Function 00007FF7774D6C20 Relevance: 35.1, APIs: 2, Strings: 18, Instructions: 145COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentProcess
                                                                                                                                                                                                • String ID: Failed to allocate PyConfig structure! Unsupported python version?$Failed to parse run-time options!$Failed to pre-initialize embedded python interpreter!$Failed to set module search paths!$Failed to set program name!$Failed to set python home path!$Failed to set run-time options!$Failed to set sys.argv!$Failed to start embedded python interpreter!$LOADER: applying run-time options...$LOADER: creating PyConfig structure...$LOADER: initializing interpreter configuration...$LOADER: pre-initializing embedded python interpreter...$LOADER: setting module search paths...$LOADER: setting program name...$LOADER: setting python home path...$LOADER: setting sys.argv...$LOADER: starting embedded python interpreter...
                                                                                                                                                                                                • API String ID: 2050909247-1204188993
                                                                                                                                                                                                • Opcode ID: 18105e7a265812531d6e0ca1b97ebdb24c74db055f63608c5484e4245d1126b7
                                                                                                                                                                                                • Instruction ID: bc1d4927a734ee5b10d55f4602de77b36b69c618c209148aa1300bd41670efca
                                                                                                                                                                                                • Opcode Fuzzy Hash: 18105e7a265812531d6e0ca1b97ebdb24c74db055f63608c5484e4245d1126b7
                                                                                                                                                                                                • Instruction Fuzzy Hash: 19618213E3CA4351FA50BB27E8911B9E361AF55785FC40131EE8E422A2EF2DF5578361
                                                                                                                                                                                                Function 00007FF7774D8C50 Relevance: 33.4, APIs: 6, Strings: 13, Instructions: 132COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 00007FF7774DA220: MultiByteToWideChar.KERNEL32(?,?,?,00007FF7774D3CB6), ref: 00007FF7774DA259
                                                                                                                                                                                                • ExpandEnvironmentStringsW.KERNEL32(?,00007FF7774D94A7,?,?,00000000,00007FF7774D4223), ref: 00007FF7774D8CAC
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2A60: GetCurrentProcessId.KERNEL32(?,?,?,?,?,00007FF7774D3C41,?,00007FF7774D3CC2), ref: 00007FF7774D2AB0
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2A60: OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF7774D3C41), ref: 00007FF7774D2B25
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2A60: MessageBoxW.USER32 ref: 00007FF7774D2B45
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ByteCharCurrentDebugEnvironmentExpandMessageMultiOutputProcessStringStringsWide
                                                                                                                                                                                                • String ID: %.*s$CreateDirectory$LOADER: absolute runtime-tmpdir is %ls$LOADER: appending backslash to the given drive root %ls$LOADER: creating runtime-tmpdir path component: %ls$LOADER: creating runtime-tmpdir path: %ls$LOADER: expanded runtime-tmpdir is a drive root: %ls$LOADER: failed to convert runtime-tmpdir to a wide string.$LOADER: failed to create runtime-tmpdir path %ls!$LOADER: failed to expand environment variables in the runtime-tmpdir.$LOADER: failed to obtain the absolute path of the runtime-tmpdir.$LOADER: runtime-tmpdir points to non-existent drive %ls (type: %d)!$\
                                                                                                                                                                                                • API String ID: 398162068-1319882304
                                                                                                                                                                                                • Opcode ID: 6c42c7b80c313d75e51da2de00d74bff8a3918db1143bdb5d64965677917a3d1
                                                                                                                                                                                                • Instruction ID: 7870940e1ce00c3db33e53123db6951629ce299cd872dfc06144c07f2e7413cf
                                                                                                                                                                                                • Opcode Fuzzy Hash: 6c42c7b80c313d75e51da2de00d74bff8a3918db1143bdb5d64965677917a3d1
                                                                                                                                                                                                • Instruction Fuzzy Hash: 0E514813A3964381FB90FB27E8952BAE255FF54780FC44432DF8E82695EF2CE5168720
                                                                                                                                                                                                Function 00007FF7774D90B0 Relevance: 24.7, APIs: 6, Strings: 8, Instructions: 159COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetCurrentProcess.KERNEL32(?,00000000,?,?,00007FF7774D9FC1), ref: 00007FF7774D90E2
                                                                                                                                                                                                • K32EnumProcessModules.KERNEL32(?,?,00007FF7774D9FC1), ref: 00007FF7774D9139
                                                                                                                                                                                                  • Part of subcall function 00007FF7774DA220: MultiByteToWideChar.KERNEL32(?,?,?,00007FF7774D3CB6), ref: 00007FF7774DA259
                                                                                                                                                                                                • K32GetModuleFileNameExW.KERNEL32(?,?,00007FF7774D9FC1), ref: 00007FF7774D91E2
                                                                                                                                                                                                • K32GetModuleFileNameExW.KERNEL32(?,?,00007FF7774D9FC1), ref: 00007FF7774D9281
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2880: GetCurrentProcessId.KERNEL32(?,?,?,?,?,00007FF7774D3BC3,?,00007FF7774D3CC2), ref: 00007FF7774D28CE
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2880: OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF7774D3BC3,?,00007FF7774D3CC2), ref: 00007FF7774D2938
                                                                                                                                                                                                  • Part of subcall function 00007FF7774E88CC: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7774E88E9
                                                                                                                                                                                                • FreeLibrary.KERNEL32(?,?,00007FF7774D9FC1), ref: 00007FF7774D92B4
                                                                                                                                                                                                • FreeLibrary.KERNEL32(?,?,00007FF7774D9FC1), ref: 00007FF7774D92DE
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Process$CurrentFileFreeLibraryModuleName$ByteCharDebugEnumModulesMultiOutputStringWide_invalid_parameter_noinfo
                                                                                                                                                                                                • String ID: LOADER: DLL unloaded after %d attempt(s)!$LOADER: could not resolve DLL's name (was it unloaded?) - skipping!$LOADER: could not resolve DLL's name - skipping!$LOADER: forcing unload of %ls (attempt #%d)$LOADER: found %d DLL(s) loaded from application's temporary directory!$LOADER: found %d loaded DLLs...$LOADER: giving up after %d attempts!$LOADER: loaded DLL: %ls
                                                                                                                                                                                                • API String ID: 1205768147-1546440269
                                                                                                                                                                                                • Opcode ID: 5a97a5ed9957ffbde5be3840da8f1adffc2c8a46e2bfdb16992fbd8f4caeacee
                                                                                                                                                                                                • Instruction ID: 4a34346a97b077a32424d81bb2e170b1e52fb1d5003c8e001b8f67ccbf200633
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5a97a5ed9957ffbde5be3840da8f1adffc2c8a46e2bfdb16992fbd8f4caeacee
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6C617423B3968242EA60BB12A9802BAE394FF44784FC44535EF8D87695EE3CD517C720
                                                                                                                                                                                                Function 00007FF7774D21C0 Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 120COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: MoveWindow$ObjectSelect$DrawReleaseText
                                                                                                                                                                                                • String ID: P%
                                                                                                                                                                                                • API String ID: 2147705588-2959514604
                                                                                                                                                                                                • Opcode ID: 3500614061f5ceb163c3b7033a707fbd0e5c5059e6765f43b08d1a25968858d7
                                                                                                                                                                                                • Instruction ID: b52472a4dd967086f25e7f5d595ccee8ebb5f2936e6dc1d97123b0c896f37612
                                                                                                                                                                                                • Opcode Fuzzy Hash: 3500614061f5ceb163c3b7033a707fbd0e5c5059e6765f43b08d1a25968858d7
                                                                                                                                                                                                • Instruction Fuzzy Hash: 3D5107266247A186D634AF36A0181BAF7A1FB98B65F404121EFCF43684DF3CD046CB20
                                                                                                                                                                                                Function 00007FF7774E7120 Relevance: 14.5, APIs: 3, Strings: 5, Instructions: 494COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                • String ID: -$:$f$p$p
                                                                                                                                                                                                • API String ID: 3215553584-2013873522
                                                                                                                                                                                                • Opcode ID: 05289c79a0973464c9e6def38ad17f96859a0f6bf6326b9c8ee99a6d91406060
                                                                                                                                                                                                • Instruction ID: 1dc00039014d95103d86b13ef995ba2b4e3318de1a24d6a6bb1923f33ba6fe16
                                                                                                                                                                                                • Opcode Fuzzy Hash: 05289c79a0973464c9e6def38ad17f96859a0f6bf6326b9c8ee99a6d91406060
                                                                                                                                                                                                • Instruction Fuzzy Hash: D5129163E3C14386FB667A16E55467AF691FB40770FC44136EE8946AC4DBBCE482CB20
                                                                                                                                                                                                Function 00007FF7774E1E58 Relevance: 14.5, APIs: 3, Strings: 5, Instructions: 475COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                • String ID: f$f$p$p$f
                                                                                                                                                                                                • API String ID: 3215553584-1325933183
                                                                                                                                                                                                • Opcode ID: 36904858277830fb8bea51a287cdb11102976cd150a0ae475a72b14e7f9093e8
                                                                                                                                                                                                • Instruction ID: e146b679cc6fccba92f43ff9e8364366a6c6a6162e12e18439b9390c4b37c0c7
                                                                                                                                                                                                • Opcode Fuzzy Hash: 36904858277830fb8bea51a287cdb11102976cd150a0ae475a72b14e7f9093e8
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6712B673E3C94386FB24BB16D454679F2A1FB40764FC44139EA99465C4DFBCE5828B20
                                                                                                                                                                                                Function 00007FF7774D1050 Relevance: 14.1, APIs: 1, Strings: 7, Instructions: 119COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentProcess
                                                                                                                                                                                                • String ID: Failed to extract %s: failed to allocate data buffer (%u bytes)!$Failed to extract %s: failed to open archive file!$Failed to extract %s: failed to read data chunk!$Failed to extract %s: failed to seek to the entry's data!$fread$fseek$malloc
                                                                                                                                                                                                • API String ID: 2050909247-3659356012
                                                                                                                                                                                                • Opcode ID: 7c0513f29920909b21f2839a02d5be88ec000e9e96ca53ebaf71eb4355b6f502
                                                                                                                                                                                                • Instruction ID: 270e0c44eaecfb4378800910b4ff70f92d84586663551845ad089dd89dc48f8b
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7c0513f29920909b21f2839a02d5be88ec000e9e96ca53ebaf71eb4355b6f502
                                                                                                                                                                                                • Instruction Fuzzy Hash: 7841B223B3865281EA50FB23A8845B9E3A1BF49BD0FC54832EE9C07785DE3CE5178310
                                                                                                                                                                                                Function 00007FF7774D1470 Relevance: 14.1, APIs: 1, Strings: 7, Instructions: 107COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentProcess
                                                                                                                                                                                                • String ID: Failed to extract %s: failed to allocate data buffer (%u bytes)!$Failed to extract %s: failed to open archive file!$Failed to extract %s: failed to read data chunk!$Failed to extract %s: failed to seek to the entry's data!$fread$fseek$malloc
                                                                                                                                                                                                • API String ID: 2050909247-3659356012
                                                                                                                                                                                                • Opcode ID: a1c90601819269e9e8e50c38e445d523033ebe92f8649d909255b95eeca1648e
                                                                                                                                                                                                • Instruction ID: 17409fe3dc9bf598ac3ff9d3285ede9d999a96e2d541335d6e488f42cb415dd8
                                                                                                                                                                                                • Opcode Fuzzy Hash: a1c90601819269e9e8e50c38e445d523033ebe92f8649d909255b95eeca1648e
                                                                                                                                                                                                • Instruction Fuzzy Hash: FB41AF23B3864285EA50EB27E8905B9E3A0FF44794FC54932EE9D07B95DE7CE5138720
                                                                                                                                                                                                Function 00007FF7774D2EC0 Relevance: 14.1, APIs: 4, Strings: 4, Instructions: 106windowCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetCurrentProcessId.KERNEL32(?,?,?,?,?,?,?,?,00007FF7774D3B96,?,00007FF7774D3CC2), ref: 00007FF7774D2F0E
                                                                                                                                                                                                • FormatMessageW.KERNEL32(?,?,?,?,?,?,?,?,00007FF7774D3B96,?,00007FF7774D3CC2), ref: 00007FF7774D2FD3
                                                                                                                                                                                                • OutputDebugStringW.KERNEL32(?,?,?,?,?,?,?,00007FF7774D3B96,?,00007FF7774D3CC2), ref: 00007FF7774D2FF4
                                                                                                                                                                                                • MessageBoxW.USER32 ref: 00007FF7774D3014
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Message$CurrentDebugFormatOutputProcessString
                                                                                                                                                                                                • String ID: %ls: $<FormatMessageW failed.>$Error$[PYI-%d:ERROR]
                                                                                                                                                                                                • API String ID: 3610484179-251083826
                                                                                                                                                                                                • Opcode ID: 828f12746ff879e1f0e842e6a95a12500ee58c826faa7b6d58959c677cb04922
                                                                                                                                                                                                • Instruction ID: e33df9532d17adc601730c1093e9a73100e276c6c6b36bcbcf7f1b7440f46ec2
                                                                                                                                                                                                • Opcode Fuzzy Hash: 828f12746ff879e1f0e842e6a95a12500ee58c826faa7b6d58959c677cb04922
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9741D733728B4142E620B726A8542EAA695BF88798F810536EF8D93759DE3CD517C710
                                                                                                                                                                                                Function 00007FF7774D6A60 Relevance: 13.6, APIs: 1, Strings: 8, Instructions: 88COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentProcess
                                                                                                                                                                                                • String ID: Failed to load Python DLL '%ls'.$LOADER: loading Python shared library: %s$LOADER: ucrtbase.dll found: %s$LoadLibrary$Path of Python shared library (%s) and its name (%s) exceed buffer size (%d)$Path of ucrtbase.dll (%s) and its name exceed buffer size (%d)$Reported length (%d) of Python shared library name (%s) exceeds buffer size (%d)$ucrtbase.dll
                                                                                                                                                                                                • API String ID: 2050909247-523516585
                                                                                                                                                                                                • Opcode ID: 15ace2ed84e3e4fd8af4f1e4870a3928f17c6fb1035122261cb5c8e924473912
                                                                                                                                                                                                • Instruction ID: b99e0253956d71e4b59f882761a9311efa20c0a3a7a6756ba0372b6971e94c3c
                                                                                                                                                                                                • Opcode Fuzzy Hash: 15ace2ed84e3e4fd8af4f1e4870a3928f17c6fb1035122261cb5c8e924473912
                                                                                                                                                                                                • Instruction Fuzzy Hash: 23415332A38A8691EA50FB16E4841F9A361FB45384FC00132DE9D43695DF3CE527C760
                                                                                                                                                                                                Function 00007FF7774D9FA0 Relevance: 13.6, APIs: 1, Strings: 8, Instructions: 56sleepCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2880: GetCurrentProcessId.KERNEL32(?,?,?,?,?,00007FF7774D3BC3,?,00007FF7774D3CC2), ref: 00007FF7774D28CE
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2880: OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF7774D3BC3,?,00007FF7774D3CC2), ref: 00007FF7774D2938
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D90B0: GetCurrentProcess.KERNEL32(?,00000000,?,?,00007FF7774D9FC1), ref: 00007FF7774D90E2
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D90B0: K32EnumProcessModules.KERNEL32(?,?,00007FF7774D9FC1), ref: 00007FF7774D9139
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D90B0: K32GetModuleFileNameExW.KERNEL32(?,?,00007FF7774D9FC1), ref: 00007FF7774D91E2
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D90B0: K32GetModuleFileNameExW.KERNEL32(?,?,00007FF7774D9FC1), ref: 00007FF7774D9281
                                                                                                                                                                                                • Sleep.KERNEL32 ref: 00007FF7774DA019
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Process$CurrentFileModuleName$DebugEnumModulesOutputSleepString
                                                                                                                                                                                                • String ID: LOADER: given up after %d attempts!$LOADER: no bundled DLLs were unloaded from this process.$LOADER: removal failed!$LOADER: removal succeeded.$LOADER: trying to force-unload bundled DLLs from this process...$LOADER: trying to remove temporary directory (attempt %d / %d)...$LOADER: unloaded %d bundled DLL(s) from this process - trying to remove temporary directory again...$LOADER: waiting %d milliseconds before trying to remove temporary directory again...
                                                                                                                                                                                                • API String ID: 3020383390-2558405752
                                                                                                                                                                                                • Opcode ID: 3fddaafbffc56c3e2e98313fb9e4838851cc06c5573c7f2958fe4df0700ed02e
                                                                                                                                                                                                • Instruction ID: e8d9681c0ac48dc25e5d942af8b2a336caa5b33463d9e892eba893b8217a972e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 3fddaafbffc56c3e2e98313fb9e4838851cc06c5573c7f2958fe4df0700ed02e
                                                                                                                                                                                                • Instruction Fuzzy Hash: 1321FC13F3854382E694BB72E9D11B9D250AF84380FC40531EE5E865D6FE2CE967C3A1
                                                                                                                                                                                                Function 00007FF7774DF898 Relevance: 12.6, APIs: 4, Strings: 3, Instructions: 310COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: BlockFrameHandler3::Unwind$CatchExecutionHandlerIs_bad_exception_allowedSearchStatestd::bad_alloc::bad_alloc
                                                                                                                                                                                                • String ID: csm$csm$csm
                                                                                                                                                                                                • API String ID: 849930591-393685449
                                                                                                                                                                                                • Opcode ID: 55a0ec1e8237ffe27285874e05f24c8b912bd44a785cf4b88703c9377fcf81ea
                                                                                                                                                                                                • Instruction ID: 4c3e7b82471b55237a1bb6a12a9d4ac26db66fba3685d5f5396080c465e2501c
                                                                                                                                                                                                • Opcode Fuzzy Hash: 55a0ec1e8237ffe27285874e05f24c8b912bd44a785cf4b88703c9377fcf81ea
                                                                                                                                                                                                • Instruction Fuzzy Hash: F9D1823393874186EBA0AB2694803ADB7E0FB45798F901535DF9D57B59CF38E162C710
                                                                                                                                                                                                Function 00007FF7774DEB58 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 88libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • LoadLibraryExW.KERNEL32(?,?,?,00007FF7774DEE0A,?,?,?,00007FF7774DEAFC,?,?,?,00007FF7774DE6F9), ref: 00007FF7774DEBDD
                                                                                                                                                                                                • GetLastError.KERNEL32(?,?,?,00007FF7774DEE0A,?,?,?,00007FF7774DEAFC,?,?,?,00007FF7774DE6F9), ref: 00007FF7774DEBEB
                                                                                                                                                                                                • LoadLibraryExW.KERNEL32(?,?,?,00007FF7774DEE0A,?,?,?,00007FF7774DEAFC,?,?,?,00007FF7774DE6F9), ref: 00007FF7774DEC15
                                                                                                                                                                                                • FreeLibrary.KERNEL32(?,?,?,00007FF7774DEE0A,?,?,?,00007FF7774DEAFC,?,?,?,00007FF7774DE6F9), ref: 00007FF7774DEC83
                                                                                                                                                                                                • GetProcAddress.KERNEL32(?,?,?,00007FF7774DEE0A,?,?,?,00007FF7774DEAFC,?,?,?,00007FF7774DE6F9), ref: 00007FF7774DEC8F
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Library$Load$AddressErrorFreeLastProc
                                                                                                                                                                                                • String ID: api-ms-
                                                                                                                                                                                                • API String ID: 2559590344-2084034818
                                                                                                                                                                                                • Opcode ID: 40a510cebb62c697958816eb18758dfdc694259234190da95a043a57b17deadc
                                                                                                                                                                                                • Instruction ID: 5805506fad620ec8a419f21c54e67e4dbfe8e180eda8fc4702baffa9e30b2726
                                                                                                                                                                                                • Opcode Fuzzy Hash: 40a510cebb62c697958816eb18758dfdc694259234190da95a043a57b17deadc
                                                                                                                                                                                                • Instruction Fuzzy Hash: AE31C323B3AA1290EE6AEB13A480575A294FF44B64F894535DE5D07390EF3CE0568324
                                                                                                                                                                                                Function 00007FF7774D2DB0 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 67windowCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetCurrentProcessId.KERNEL32(?,00000000,00000000,?,00000000,00007FF7774D9F1F,?,00007FF7774D41E6), ref: 00007FF7774D2E00
                                                                                                                                                                                                • OutputDebugStringW.KERNEL32(?,00000000,00000000,?,00000000,00007FF7774D9F1F,?,00007FF7774D41E6), ref: 00007FF7774D2E75
                                                                                                                                                                                                • MessageBoxW.USER32 ref: 00007FF7774D2E95
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentDebugMessageOutputProcessString
                                                                                                                                                                                                • String ID: WARNING$Warning$[PYI-%d:%ls]
                                                                                                                                                                                                • API String ID: 4028877780-3797743490
                                                                                                                                                                                                • Opcode ID: 7cdf951604488058f5d3dcf27530f518d110344762915852708cf9127e253198
                                                                                                                                                                                                • Instruction ID: 7b2d993933fb6231bc0dee72fa296d97c51456f416fac28f585f06d73107ca93
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7cdf951604488058f5d3dcf27530f518d110344762915852708cf9127e253198
                                                                                                                                                                                                • Instruction Fuzzy Hash: 7B21A223738B4192E760EB55F8847AAB3A4FB88784F800536EE8D53655DF3CD21AC750
                                                                                                                                                                                                Function 00007FF7774D2A60 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 67windowCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentDebugMessageOutputProcessString
                                                                                                                                                                                                • String ID: ERROR$Error$[PYI-%d:%ls]
                                                                                                                                                                                                • API String ID: 4028877780-255084403
                                                                                                                                                                                                • Opcode ID: 057562ccfe264771108c8c8da914ddfbe5ead419b3895ee0a190aa773fc013a9
                                                                                                                                                                                                • Instruction ID: 5c82a18468766189a2066aabed0df6f5ed46aa831fa4845332f3c201ff2fb5cf
                                                                                                                                                                                                • Opcode Fuzzy Hash: 057562ccfe264771108c8c8da914ddfbe5ead419b3895ee0a190aa773fc013a9
                                                                                                                                                                                                • Instruction Fuzzy Hash: A9219123738B4192E760EB55F8847AAB3A4FB88784F804536EE8D53655DE3CD21AC750
                                                                                                                                                                                                Function 00007FF7774D2CB0 Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 64COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetCurrentProcessId.KERNEL32(00000000,?,?,?,00000000,00007FF7774D37BA,?,?,00007FF7774D3991), ref: 00007FF7774D2D00
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentProcess
                                                                                                                                                                                                • String ID: 0$WARNING$Warning$Warning [ANSI Fallback]$[PYI-%d:%s]
                                                                                                                                                                                                • API String ID: 2050909247-2900015858
                                                                                                                                                                                                • Opcode ID: 3d6eaed68e2c3f8c8e4f3815f915b522a3cc25865f8b93ebb079ac5f1820f5f2
                                                                                                                                                                                                • Instruction ID: f7138cefa4b29641529e5225f1431838cffa3156c51e9098515ea99aa697a35c
                                                                                                                                                                                                • Opcode Fuzzy Hash: 3d6eaed68e2c3f8c8e4f3815f915b522a3cc25865f8b93ebb079ac5f1820f5f2
                                                                                                                                                                                                • Instruction Fuzzy Hash: AB21863363878142E660EB51F8807DAA3A4FB88784F800136FE8D43759DF7CD5568750
                                                                                                                                                                                                Function 00007FF7774EBFE0 Relevance: 10.6, APIs: 7, Instructions: 62COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Value$ErrorLast
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2506987500-0
                                                                                                                                                                                                • Opcode ID: 0350259c4935290fc62fbad7f5c5933cfedd21cdbfd6efef0180ff97d41dade3
                                                                                                                                                                                                • Instruction ID: 5f83e990e4936ee985c2d9657c3fa6f675b33bd6b09cd532eb759010b91e5a3e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0350259c4935290fc62fbad7f5c5933cfedd21cdbfd6efef0180ff97d41dade3
                                                                                                                                                                                                • Instruction Fuzzy Hash: 23214F23B3834281FA6877AB964157DE1919F457B0FD44B35DC3E47AD6DEADB4038220
                                                                                                                                                                                                Function 00007FF7774F8BFC Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 48fileCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ConsoleWrite$CloseCreateErrorFileHandleLast
                                                                                                                                                                                                • String ID: CONOUT$
                                                                                                                                                                                                • API String ID: 3230265001-3130406586
                                                                                                                                                                                                • Opcode ID: 5c6e57e550d3b47b38588f68e65aae1629f5c424c0371111055432e8af963ac1
                                                                                                                                                                                                • Instruction ID: 67818b6d8d64cedc8dba5ee80361f181a2045e6c474108ef6065577885e07eee
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5c6e57e550d3b47b38588f68e65aae1629f5c424c0371111055432e8af963ac1
                                                                                                                                                                                                • Instruction Fuzzy Hash: 3911D022B38B4186E750AB57E854329A2A0FB88BE4F880234EE1D877A4DF3CD446C750
                                                                                                                                                                                                Function 00007FF7774EC158 Relevance: 9.1, APIs: 6, Instructions: 57COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetLastError.KERNEL32(?,?,?,00007FF7774E5DA1,?,?,?,?,00007FF7774EB31A,?,?,?,?,00007FF7774E801F), ref: 00007FF7774EC167
                                                                                                                                                                                                • FlsSetValue.KERNEL32(?,?,?,00007FF7774E5DA1,?,?,?,?,00007FF7774EB31A,?,?,?,?,00007FF7774E801F), ref: 00007FF7774EC19D
                                                                                                                                                                                                • FlsSetValue.KERNEL32(?,?,?,00007FF7774E5DA1,?,?,?,?,00007FF7774EB31A,?,?,?,?,00007FF7774E801F), ref: 00007FF7774EC1CA
                                                                                                                                                                                                • FlsSetValue.KERNEL32(?,?,?,00007FF7774E5DA1,?,?,?,?,00007FF7774EB31A,?,?,?,?,00007FF7774E801F), ref: 00007FF7774EC1DB
                                                                                                                                                                                                • FlsSetValue.KERNEL32(?,?,?,00007FF7774E5DA1,?,?,?,?,00007FF7774EB31A,?,?,?,?,00007FF7774E801F), ref: 00007FF7774EC1EC
                                                                                                                                                                                                • SetLastError.KERNEL32(?,?,?,00007FF7774E5DA1,?,?,?,?,00007FF7774EB31A,?,?,?,?,00007FF7774E801F), ref: 00007FF7774EC207
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Value$ErrorLast
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2506987500-0
                                                                                                                                                                                                • Opcode ID: 54a3be41825f2b6e5d4e465b306a2b2b89daf69649572617c07869cbaae029a5
                                                                                                                                                                                                • Instruction ID: 7d1042d95b7389e2392936bcd06dca9a62c25077d2e560b9d179575be0d5047b
                                                                                                                                                                                                • Opcode Fuzzy Hash: 54a3be41825f2b6e5d4e465b306a2b2b89daf69649572617c07869cbaae029a5
                                                                                                                                                                                                • Instruction Fuzzy Hash: 73115123B3834242FA68776B554153DE1929F847B0FD44735DC3E46AD6DEACB4038620
                                                                                                                                                                                                Function 00007FF7774D2B70 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 86COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetCurrentProcessId.KERNEL32(?,?,?,?,?,00000000,00000000,00000000,00007FF7774D1BAA), ref: 00007FF7774D2BBE
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentProcess
                                                                                                                                                                                                • String ID: %s: %s$Error$Error [ANSI Fallback]$[PYI-%d:ERROR]
                                                                                                                                                                                                • API String ID: 2050909247-2962405886
                                                                                                                                                                                                • Opcode ID: 827b3de59d6a9cd9b5b6f226d6c6d3f38a8bc1fc205c4ecf48a1d0be9f0d6c27
                                                                                                                                                                                                • Instruction ID: 6adf6b9f745984b7cd8d26ee2ed08cf84b33e5232bde473dbfa73db202784b43
                                                                                                                                                                                                • Opcode Fuzzy Hash: 827b3de59d6a9cd9b5b6f226d6c6d3f38a8bc1fc205c4ecf48a1d0be9f0d6c27
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6031F823B3878152E720BB62A8406EBA295BF847D4F814132FE8D83749DF7CD5578210
                                                                                                                                                                                                Function 00007FF7774D23D0 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 81windowCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: DeleteDestroyDialogHandleIconIndirectModuleObjectParam
                                                                                                                                                                                                • String ID: Unhandled exception in script
                                                                                                                                                                                                • API String ID: 3081866767-2699770090
                                                                                                                                                                                                • Opcode ID: b21ab4fc2469cdafa3bedd3abf99b7b0ea163460fac471fc1db15480bf9fa156
                                                                                                                                                                                                • Instruction ID: 5a6524d1fb5d203ec8f6a04924ddf2381e55e52be45b918935e85a5b3521e927
                                                                                                                                                                                                • Opcode Fuzzy Hash: b21ab4fc2469cdafa3bedd3abf99b7b0ea163460fac471fc1db15480bf9fa156
                                                                                                                                                                                                • Instruction Fuzzy Hash: 42314F73A29A8285EB20EF62E8556FAA360FF88794F840135EE4D47A55DF3CD146C710
                                                                                                                                                                                                Function 00007FF7774D2960 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 64COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetCurrentProcessId.KERNEL32(?,?,00000000,00000000,00000000,00007FF7774D1BD9), ref: 00007FF7774D29B0
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentProcess
                                                                                                                                                                                                • String ID: ERROR$Error$Error [ANSI Fallback]$[PYI-%d:%s]
                                                                                                                                                                                                • API String ID: 2050909247-1591803126
                                                                                                                                                                                                • Opcode ID: a417ab35f6fe46d0b776499af19d02e31cce072a5c430b830393cf458dc1f191
                                                                                                                                                                                                • Instruction ID: 1179f2a33552bb8f1041db8bdf155306c506e4f3d095dbc5fc7895dd91c4f82b
                                                                                                                                                                                                • Opcode Fuzzy Hash: a417ab35f6fe46d0b776499af19d02e31cce072a5c430b830393cf458dc1f191
                                                                                                                                                                                                • Instruction Fuzzy Hash: FA21713363878182E660EB62B8807EAA3A4FB88784F800136EECD43659DF7CD1568750
                                                                                                                                                                                                Function 00007FF7774EA918 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 27libraryloaderCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AddressFreeHandleLibraryModuleProc
                                                                                                                                                                                                • String ID: CorExitProcess$mscoree.dll
                                                                                                                                                                                                • API String ID: 4061214504-1276376045
                                                                                                                                                                                                • Opcode ID: 0445041011577c357e717ecaae105294981f0374ecf8f27c16854f9c2d48fabb
                                                                                                                                                                                                • Instruction ID: fe05e21305b70211c43a05b6217572a3037c573eaca0726e51d0e31de4ef3158
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0445041011577c357e717ecaae105294981f0374ecf8f27c16854f9c2d48fabb
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8AF06227B39B0281FB20AB25E8443799320EF457A5FD40A35DD6D461E4DF2CD446C720
                                                                                                                                                                                                Function 00007FF7774FA1F8 Relevance: 7.6, APIs: 5, Instructions: 56COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _set_statfp
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1156100317-0
                                                                                                                                                                                                • Opcode ID: 2530144b45b37c08dad10d77fcc83a40a954e87303b189ab66742d0fc2e2be8e
                                                                                                                                                                                                • Instruction ID: 5db8efe9c925c28dd0fb887be08aee12b07e6f69d3e5a50c1cea3c105ac2ba16
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2530144b45b37c08dad10d77fcc83a40a954e87303b189ab66742d0fc2e2be8e
                                                                                                                                                                                                • Instruction Fuzzy Hash: 61112B23F78A0201F694316AEC5637993406F5B364FCE6A35FD6E267D6CE3DA8438121
                                                                                                                                                                                                Function 00007FF7774EC220 Relevance: 7.6, APIs: 5, Instructions: 54COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • FlsGetValue.KERNEL32(?,?,?,00007FF7774EB433,?,?,00000000,00007FF7774EB6CE,?,?,?,?,?,00007FF7774EB65A), ref: 00007FF7774EC23F
                                                                                                                                                                                                • FlsSetValue.KERNEL32(?,?,?,00007FF7774EB433,?,?,00000000,00007FF7774EB6CE,?,?,?,?,?,00007FF7774EB65A), ref: 00007FF7774EC25E
                                                                                                                                                                                                • FlsSetValue.KERNEL32(?,?,?,00007FF7774EB433,?,?,00000000,00007FF7774EB6CE,?,?,?,?,?,00007FF7774EB65A), ref: 00007FF7774EC286
                                                                                                                                                                                                • FlsSetValue.KERNEL32(?,?,?,00007FF7774EB433,?,?,00000000,00007FF7774EB6CE,?,?,?,?,?,00007FF7774EB65A), ref: 00007FF7774EC297
                                                                                                                                                                                                • FlsSetValue.KERNEL32(?,?,?,00007FF7774EB433,?,?,00000000,00007FF7774EB6CE,?,?,?,?,?,00007FF7774EB65A), ref: 00007FF7774EC2A8
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Value
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3702945584-0
                                                                                                                                                                                                • Opcode ID: f41bf0f45c4732074ffa559bb21df9329038be0bb1437cd098e0ac50d9c853ac
                                                                                                                                                                                                • Instruction ID: 35d662ac86e74a0b0120e0035b83df5548f5c48d9fac0260e2f9305de0232e4c
                                                                                                                                                                                                • Opcode Fuzzy Hash: f41bf0f45c4732074ffa559bb21df9329038be0bb1437cd098e0ac50d9c853ac
                                                                                                                                                                                                • Instruction Fuzzy Hash: 5A114F23F3874241FAA873AB9541679E2915F853B0FE44735EC3D46AD6DEBCB4438221
                                                                                                                                                                                                Function 00007FF7774EC0B4 Relevance: 7.6, APIs: 5, Instructions: 50COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Value
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3702945584-0
                                                                                                                                                                                                • Opcode ID: 64d798665633a15c947dcbb1d34d3a4c93b1eecd8a68fe2d332a70cb77312de4
                                                                                                                                                                                                • Instruction ID: d4a53143b7fec9928c1eaf51d9c26621bce465ec5092b3372dc788ec51cfdb5d
                                                                                                                                                                                                • Opcode Fuzzy Hash: 64d798665633a15c947dcbb1d34d3a4c93b1eecd8a68fe2d332a70cb77312de4
                                                                                                                                                                                                • Instruction Fuzzy Hash: A011C222A7820381FAA9776B585257DE1814F45370FE84B38DD3E4AAD2DDACB4438671
                                                                                                                                                                                                Function 00007FF7774F0A58 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 219COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                • String ID: UTF-16LEUNICODE$UTF-8$ccs
                                                                                                                                                                                                • API String ID: 3215553584-1196891531
                                                                                                                                                                                                • Opcode ID: cbd0801a0664652a437363c2176815b6ad829e29b9166d36b62ee28efe49830f
                                                                                                                                                                                                • Instruction ID: 0804d0333c21b9bc6a203612ca32063a69f232b783ca6386196f8d04cc39228f
                                                                                                                                                                                                • Opcode Fuzzy Hash: cbd0801a0664652a437363c2176815b6ad829e29b9166d36b62ee28efe49830f
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6981B433E3824285FB687F278158279A7A0EB91B48FDD9031DE09576A5DF2DF8439321
                                                                                                                                                                                                Function 00007FF7774DE4D8 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 154COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentImageNonwritableUnwind__except_validate_context_record
                                                                                                                                                                                                • String ID: csm
                                                                                                                                                                                                • API String ID: 2395640692-1018135373
                                                                                                                                                                                                • Opcode ID: 6d06903a11e4eccf6ced7483e1ee2fbd0b2764b28c3e0d7fde6b90923ce0bdce
                                                                                                                                                                                                • Instruction ID: 66a67807410fdb17856f17b51da2e98620989c18a0448a0f09491104cd24833e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 6d06903a11e4eccf6ced7483e1ee2fbd0b2764b28c3e0d7fde6b90923ce0bdce
                                                                                                                                                                                                • Instruction Fuzzy Hash: BE519333B396128ADB98AF56D084A38B791EB44B84F914131DF8943784EF78E862C714
                                                                                                                                                                                                Function 00007FF7774DFD68 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 146COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CallEncodePointerTranslator
                                                                                                                                                                                                • String ID: MOC$RCC
                                                                                                                                                                                                • API String ID: 3544855599-2084237596
                                                                                                                                                                                                • Opcode ID: 4be1b3a6162807ade533e9a562a8ba477cdc1b9b8f7b7f7e0e02e5968d613ed2
                                                                                                                                                                                                • Instruction ID: 2251909d6f1bebbd4d896c4073ce4430712106fd43fdced796d098d0c925aee7
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4be1b3a6162807ade533e9a562a8ba477cdc1b9b8f7b7f7e0e02e5968d613ed2
                                                                                                                                                                                                • Instruction Fuzzy Hash: 88614D33928B8585DBB09B16E4803AAB7A0FB85794F444625EFDC03B99DF7CD1A1CB10
                                                                                                                                                                                                Function 00007FF7774E0118 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 146COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Frame$EmptyHandler3::StateUnwind__except_validate_context_record
                                                                                                                                                                                                • String ID: csm$csm
                                                                                                                                                                                                • API String ID: 3896166516-3733052814
                                                                                                                                                                                                • Opcode ID: 43da3ea47f9807e60bb22aa6e51170387ab3b87be5e84f223723752f32086958
                                                                                                                                                                                                • Instruction ID: 6281da02fe30cc5dbbdd2af5017b036af62cb75d7f8d082ee6ad570ce1390981
                                                                                                                                                                                                • Opcode Fuzzy Hash: 43da3ea47f9807e60bb22aa6e51170387ab3b87be5e84f223723752f32086958
                                                                                                                                                                                                • Instruction Fuzzy Hash: 1651D3339382428AEB74AB13914836CB7D0EB55BA4FA44136DEAC47BA5CF7CE452C711
                                                                                                                                                                                                Function 00007FF7774ED430 Relevance: 6.3, APIs: 4, Instructions: 299fileCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: FileWrite$ConsoleErrorLastOutput
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2718003287-0
                                                                                                                                                                                                • Opcode ID: 66024a8efee63ca507785ae5bdcff78a5678cf43b823743de2dc90b43ef89417
                                                                                                                                                                                                • Instruction ID: f40970e6b6a3b90245a549fc22c82a9af3ab2fc3b9b3d0f337d8f369519c7343
                                                                                                                                                                                                • Opcode Fuzzy Hash: 66024a8efee63ca507785ae5bdcff78a5678cf43b823743de2dc90b43ef89417
                                                                                                                                                                                                • Instruction Fuzzy Hash: D7D10473B28A4189EB10DF76D4402AC77B1FB457A8B884235CE5E97B99DE78E027C710
                                                                                                                                                                                                Function 00007FF7774D2100 Relevance: 6.1, APIs: 4, Instructions: 52COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: LongWindow$DialogInvalidateRect
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1956198572-0
                                                                                                                                                                                                • Opcode ID: 0d6a54b01a0c48151da7b8fe57f6b19d6aed648dbf882a6b24d0b939765cf479
                                                                                                                                                                                                • Instruction ID: f0effdca2faee34cf72e25947281fcfd8fb55a310882844f09c0d02a47c44b49
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0d6a54b01a0c48151da7b8fe57f6b19d6aed648dbf882a6b24d0b939765cf479
                                                                                                                                                                                                • Instruction Fuzzy Hash: F211AC22A3815241FA94B767E98427D9252EB85780FC88430DF8907B99CD2CD4974610
                                                                                                                                                                                                Function 00007FF7774D2660 Relevance: 6.0, APIs: 4, Instructions: 44windowCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: DebugMessageOutputString$ByteCharMultiWide
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2053247551-0
                                                                                                                                                                                                • Opcode ID: 5017166035da83f72ec5c6f0ebe3249bdfa21e400b60e2840d32238a23ff38f5
                                                                                                                                                                                                • Instruction ID: a64ff5528dc0aabec4bf14f692c88b328958f1bd09cd7d465772f4a561ce1960
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5017166035da83f72ec5c6f0ebe3249bdfa21e400b60e2840d32238a23ff38f5
                                                                                                                                                                                                • Instruction Fuzzy Hash: FB01C463B38B8685EA30BB52F8442A9A321FF48BC4F844131EE8D47795DF2CE55AC710
                                                                                                                                                                                                Function 00007FF7774F69AC Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 121COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _get_daylight$_invalid_parameter_noinfo
                                                                                                                                                                                                • String ID: ?
                                                                                                                                                                                                • API String ID: 1286766494-1684325040
                                                                                                                                                                                                • Opcode ID: c1bdc2579b956790bb50de508ea3c9c66a422cfaa899ad11feabb2fbc1353bbb
                                                                                                                                                                                                • Instruction ID: e3823b6f258885082333d2f4682d05316d85e020db38f3e8d2c5b66a6f5a45ce
                                                                                                                                                                                                • Opcode Fuzzy Hash: c1bdc2579b956790bb50de508ea3c9c66a422cfaa899ad11feabb2fbc1353bbb
                                                                                                                                                                                                • Instruction Fuzzy Hash: FE411B13A3868255F720BB27D40177AD650EB817A8F984235EF5D06AD9DF3CD443C711
                                                                                                                                                                                                Function 00007FF7774E9EA4 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 111COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • _invalid_parameter_noinfo.LIBCMT ref: 00007FF7774E9ED6
                                                                                                                                                                                                  • Part of subcall function 00007FF7774EB7D8: RtlFreeHeap.NTDLL(?,?,?,00007FF7774F3BB2,?,?,?,00007FF7774F3BEF,?,?,00000000,00007FF7774F40B5,?,?,?,00007FF7774F3FE7), ref: 00007FF7774EB7EE
                                                                                                                                                                                                  • Part of subcall function 00007FF7774EB7D8: GetLastError.KERNEL32(?,?,?,00007FF7774F3BB2,?,?,?,00007FF7774F3BEF,?,?,00000000,00007FF7774F40B5,?,?,?,00007FF7774F3FE7), ref: 00007FF7774EB7F8
                                                                                                                                                                                                • GetModuleFileNameW.KERNEL32(?,?,?,?,?,00007FF7774DDA35), ref: 00007FF7774E9EF4
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorFileFreeHeapLastModuleName_invalid_parameter_noinfo
                                                                                                                                                                                                • String ID: C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                                • API String ID: 3580290477-677433768
                                                                                                                                                                                                • Opcode ID: d70d381c8e345d7a8140167bce06820baf7692cd245d0ed09c2ccdb5c07d0d09
                                                                                                                                                                                                • Instruction ID: 046a6e0b4d905ed4708c9b894bc78ff753902b62025c5aace68e1e773525bb5f
                                                                                                                                                                                                • Opcode Fuzzy Hash: d70d381c8e345d7a8140167bce06820baf7692cd245d0ed09c2ccdb5c07d0d09
                                                                                                                                                                                                • Instruction Fuzzy Hash: D2416D37A38B1285EB15FF2698400BDA7A4EF457E4B954136EE4E43B85DE7CE482C321
                                                                                                                                                                                                Function 00007FF7774EDAC8 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 100fileCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorFileLastWrite
                                                                                                                                                                                                • String ID: U
                                                                                                                                                                                                • API String ID: 442123175-4171548499
                                                                                                                                                                                                • Opcode ID: f9c316fb67ba2be537d208413cf1220e477e2a5b4c7a1811549ade85e5129248
                                                                                                                                                                                                • Instruction ID: 3a8ea10d3cc23d6cdc4bceb1c377381442f977942b229badcff0c5068e059c7b
                                                                                                                                                                                                • Opcode Fuzzy Hash: f9c316fb67ba2be537d208413cf1220e477e2a5b4c7a1811549ade85e5129248
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4341B323A38A4196DB20AF26E4443B9A761FB847D4F844131EE8D87794EF7CD452CB50
                                                                                                                                                                                                Function 00007FF7774F0448 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 66COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentDirectory
                                                                                                                                                                                                • String ID: :
                                                                                                                                                                                                • API String ID: 1611563598-336475711
                                                                                                                                                                                                • Opcode ID: c9761c8d2488dc70686a31964be8ca4e7b45f0d449c8a260b92ec71f156616e0
                                                                                                                                                                                                • Instruction ID: 6bbe3f379d3bd967adbd815038f30fb4e98b8f7794f2f8567e07c0ffd645ccb3
                                                                                                                                                                                                • Opcode Fuzzy Hash: c9761c8d2488dc70686a31964be8ca4e7b45f0d449c8a260b92ec71f156616e0
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6221A563B3864681EB20EB16D44826DA3B1FBC4B44FC94135DE8D43695DFBCE946C760
                                                                                                                                                                                                Function 00007FF7774E0BD8 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 44COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ExceptionFileHeaderRaise
                                                                                                                                                                                                • String ID: csm
                                                                                                                                                                                                • API String ID: 2573137834-1018135373
                                                                                                                                                                                                • Opcode ID: f7ca8b4ebdc19bd2a8daca7b92626e44264ed40d37d4c7e07f6c53dbae7fecdd
                                                                                                                                                                                                • Instruction ID: 529757834f431a268cb3c6a80328f9dcfca076671802485500bc589b91feef85
                                                                                                                                                                                                • Opcode Fuzzy Hash: f7ca8b4ebdc19bd2a8daca7b92626e44264ed40d37d4c7e07f6c53dbae7fecdd
                                                                                                                                                                                                • Instruction Fuzzy Hash: 19115E33628B8082EB249B16F404269B7E0FB88B94F984234DF8D07768DF3CC592C710
                                                                                                                                                                                                Function 00007FF7774F15CC Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 36COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000000.00000002.2422497834.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000000.00000002.2422465231.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422536510.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422577683.00007FF777516000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000000.00000002.2422647764.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_0_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: DriveType_invalid_parameter_noinfo
                                                                                                                                                                                                • String ID: :
                                                                                                                                                                                                • API String ID: 2595371189-336475711
                                                                                                                                                                                                • Opcode ID: ea2191d5d0cf109ba06c2fb9ac991aec13a9c9b56c21ad2cfb2546a21836219d
                                                                                                                                                                                                • Instruction ID: 37648d80cac53d52a561ce7092fa59ae001c314ddba6a139d00434c2a953f536
                                                                                                                                                                                                • Opcode Fuzzy Hash: ea2191d5d0cf109ba06c2fb9ac991aec13a9c9b56c21ad2cfb2546a21836219d
                                                                                                                                                                                                • Instruction Fuzzy Hash: E2018B23A3C60386FB60BF62946127EA3A0EF44745FC80936DE5D82691DF6CE5168A24

                                                                                                                                                                                                Execution Graph

                                                                                                                                                                                                Execution Coverage:1.7%
                                                                                                                                                                                                Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                Signature Coverage:0%
                                                                                                                                                                                                Total number of Nodes:1058
                                                                                                                                                                                                Total number of Limit Nodes:15
                                                                                                                                                                                                execution_graph 92598 7ff7774ea7f1 92610 7ff7774eb268 92598->92610 92600 7ff7774ea7f6 92601 7ff7774ea81d GetModuleHandleW 92600->92601 92602 7ff7774ea867 92600->92602 92601->92602 92608 7ff7774ea82a 92601->92608 92603 7ff7774ea6f4 11 API calls 92602->92603 92604 7ff7774ea8a3 92603->92604 92605 7ff7774ea8aa 92604->92605 92606 7ff7774ea8c0 11 API calls 92604->92606 92607 7ff7774ea8bc 92606->92607 92608->92602 92609 7ff7774ea918 GetModuleHandleExW GetProcAddress FreeLibrary 92608->92609 92609->92602 92615 7ff7774ebfe0 45 API calls 3 library calls 92610->92615 92612 7ff7774eb271 92616 7ff7774eb394 45 API calls 2 library calls 92612->92616 92615->92612 93878 7ff7774d2100 93879 7ff7774d2115 93878->93879 93880 7ff7774d217b GetWindowLongPtrW 93878->93880 93881 7ff7774d2122 93879->93881 93883 7ff7774d214a SetWindowLongPtrW 93879->93883 93888 7ff7774d21c0 GetDC 93880->93888 93884 7ff7774d2134 EndDialog 93881->93884 93886 7ff7774d213a 93881->93886 93887 7ff7774d2164 93883->93887 93884->93886 93889 7ff7774d228d 93888->93889 93890 7ff7774d21fd 93888->93890 93893 7ff7774d2292 MoveWindow MoveWindow MoveWindow MoveWindow 93889->93893 93891 7ff7774d222f SelectObject 93890->93891 93892 7ff7774d223b DrawTextW 93890->93892 93891->93892 93894 7ff7774d2265 SelectObject 93892->93894 93895 7ff7774d2271 ReleaseDC 93892->93895 93896 7ff7774dd3e0 _log10_special 8 API calls 93893->93896 93894->93895 93895->93893 93897 7ff7774d2198 InvalidateRect 93896->93897 93897->93886 92617 7ff8a8782b58 92618 7ff8a897a950 92617->92618 92619 7ff8a897a95a TlsFree 92618->92619 92620 7ff7774ddacc 92641 7ff7774ddc9c 92620->92641 92623 7ff7774ddc18 92837 7ff7774ddfbc 7 API calls 2 library calls 92623->92837 92624 7ff7774ddae8 __scrt_acquire_startup_lock 92626 7ff7774ddc22 92624->92626 92633 7ff7774ddb06 __scrt_release_startup_lock 92624->92633 92838 7ff7774ddfbc 7 API calls 2 library calls 92626->92838 92628 7ff7774ddb2b 92629 7ff7774ddc2d __GetCurrentState 92630 7ff7774ddbb1 92647 7ff7774de104 92630->92647 92632 7ff7774ddbb6 92650 7ff7774d1000 92632->92650 92633->92628 92633->92630 92834 7ff7774ea9bc 45 API calls 92633->92834 92638 7ff7774ddbd9 92638->92629 92836 7ff7774dde20 7 API calls 92638->92836 92640 7ff7774ddbf0 92640->92628 92642 7ff7774ddca4 92641->92642 92643 7ff7774ddcb0 __scrt_dllmain_crt_thread_attach 92642->92643 92644 7ff7774ddae0 92643->92644 92645 7ff7774ddcbd 92643->92645 92644->92623 92644->92624 92645->92644 92839 7ff7774de718 7 API calls 2 library calls 92645->92839 92840 7ff7774fb360 92647->92840 92651 7ff7774d1009 92650->92651 92842 7ff7774e6314 92651->92842 92653 7ff7774d3caa 92849 7ff7774d2770 92653->92849 92658 7ff7774d2770 53 API calls 92659 7ff7774d3ce7 92658->92659 92661 7ff7774d2770 53 API calls 92659->92661 92663 7ff7774d3cf3 92661->92663 92886 7ff7774d1950 92663->92886 92666 7ff7774d3e2b 92669 7ff7774d2770 53 API calls 92666->92669 92667 7ff7774d3d0b 93026 7ff7774d1cc0 92667->93026 92671 7ff7774d3e37 92669->92671 92670 7ff7774d3d29 92672 7ff7774d2770 53 API calls 92670->92672 93031 7ff7774d4c50 92671->93031 92675 7ff7774d3d50 92672->92675 92677 7ff7774d2770 53 API calls 92675->92677 92676 7ff7774d3e4e 92682 7ff7774d2770 53 API calls 92676->92682 92679 7ff7774d3d84 92677->92679 92946 7ff7774d9640 92679->92946 92680 7ff7774d3e7e 92683 7ff7774d3e83 92680->92683 92684 7ff7774d3eb5 92680->92684 92685 7ff7774d3e9c 92682->92685 93061 7ff7774e0edc 92683->93061 92688 7ff7774d1cc0 49 API calls 92684->92688 93065 7ff7774d2960 56 API calls _log10_special 92685->93065 92690 7ff7774d3ed3 92688->92690 92689 7ff7774d3db2 93030 7ff7774d97b0 40 API calls __std_exception_destroy 92689->93030 92695 7ff7774d2770 53 API calls 92690->92695 92691 7ff7774d3d93 92691->92689 92693 7ff7774d3dc1 __std_exception_destroy 92691->92693 92694 7ff7774d2770 53 API calls 92691->92694 92697 7ff7774d9640 14 API calls 92693->92697 92718 7ff7774d3f57 __std_exception_destroy 92693->92718 92694->92689 92698 7ff7774d3f05 92695->92698 92699 7ff7774d3de1 92697->92699 92701 7ff7774d1950 119 API calls 92698->92701 92703 7ff7774d3f65 92699->92703 92704 7ff7774d3ded 92699->92704 92700 7ff7774d3f88 93068 7ff7774d97b0 40 API calls __std_exception_destroy 92700->93068 92706 7ff7774d3f0d 92701->92706 92705 7ff7774d2770 53 API calls 92703->92705 92707 7ff7774d2770 53 API calls 92704->92707 92705->92718 92706->92670 92709 7ff7774d3f1d 92706->92709 92714 7ff7774d3dfc 92707->92714 92708 7ff7774d3f94 93069 7ff7774d97b0 40 API calls __std_exception_destroy 92708->93069 93066 7ff7774d2960 56 API calls _log10_special 92709->93066 92712 7ff7774d3fa0 93070 7ff7774d97b0 40 API calls __std_exception_destroy 92712->93070 92716 7ff7774d2770 53 API calls 92714->92716 92715 7ff7774d3fac 92717 7ff7774d9640 14 API calls 92715->92717 92716->92718 92719 7ff7774d3fc0 92717->92719 92718->92715 93067 7ff7774d9750 40 API calls __std_exception_destroy 92718->93067 92720 7ff7774d40bc 92719->92720 92721 7ff7774d3fe5 __std_exception_destroy 92719->92721 93072 7ff7774d2960 56 API calls _log10_special 92720->93072 92723 7ff7774d2770 53 API calls 92721->92723 92724 7ff7774d4010 92723->92724 92738 7ff7774d4038 92724->92738 93071 7ff7774d9750 40 API calls __std_exception_destroy 92724->93071 92726 7ff7774d9640 14 API calls 92727 7ff7774d4183 __std_exception_destroy 92726->92727 92728 7ff7774d42f4 92727->92728 92729 7ff7774d41bd 92727->92729 93079 7ff7774d4b70 49 API calls 92728->93079 92730 7ff7774d4258 92729->92730 92731 7ff7774d41c9 92729->92731 92735 7ff7774d2770 53 API calls 92730->92735 92734 7ff7774d2770 53 API calls 92731->92734 92733 7ff7774d4301 92736 7ff7774d4323 92733->92736 92737 7ff7774d4317 92733->92737 92739 7ff7774d41d5 92734->92739 92740 7ff7774d4278 92735->92740 92742 7ff7774d1cc0 49 API calls 92736->92742 93080 7ff7774d4cc0 92737->93080 92738->92726 92743 7ff7774d2770 53 API calls 92739->92743 92744 7ff7774d9640 14 API calls 92740->92744 92763 7ff7774d42d4 __std_exception_destroy 92742->92763 92745 7ff7774d41e1 92743->92745 92746 7ff7774d4284 92744->92746 93073 7ff7774d9e70 62 API calls _log10_special 92745->93073 92749 7ff7774d42de 92746->92749 92750 7ff7774d4291 92746->92750 92747 7ff7774d2770 53 API calls 92751 7ff7774d4348 92747->92751 93078 7ff7774d2960 56 API calls _log10_special 92749->93078 92754 7ff7774d1cc0 49 API calls 92750->92754 92755 7ff7774d43b5 92751->92755 92766 7ff7774d4366 SetDllDirectoryW 92751->92766 92752 7ff7774d41e6 92756 7ff7774d41f2 92752->92756 92757 7ff7774d4208 92752->92757 92759 7ff7774d42af 92754->92759 92959 7ff7774da220 92755->92959 93074 7ff7774d2960 56 API calls _log10_special 92756->93074 92758 7ff7774d2770 53 API calls 92757->92758 92762 7ff7774d421b 92758->92762 92759->92763 92764 7ff7774d42b6 92759->92764 93075 7ff7774d9450 91 API calls 2 library calls 92762->93075 92763->92747 93077 7ff7774d2960 56 API calls _log10_special 92764->93077 92765 7ff7774d43c8 92769 7ff7774d43e3 92765->92769 92770 7ff7774d43cd 92765->92770 92771 7ff7774d2880 50 API calls 92766->92771 92964 7ff7774d2880 92769->92964 93083 7ff7774d2960 56 API calls _log10_special 92770->93083 92776 7ff7774d4381 LoadLibraryExW 92771->92776 92772 7ff7774d4223 92777 7ff7774d423d 92772->92777 92778 7ff7774d4227 92772->92778 92773 7ff7774d3cc6 __std_exception_destroy 93093 7ff7774dd3e0 92773->93093 92780 7ff7774d43a9 92776->92780 92783 7ff7774d2770 53 API calls 92777->92783 93076 7ff7774d2960 56 API calls _log10_special 92778->93076 92781 7ff7774d2880 50 API calls 92780->92781 92781->92755 92786 7ff7774d4253 92783->92786 92784 7ff7774d441d 92787 7ff7774d9640 14 API calls 92784->92787 92785 7ff7774d4233 92785->92773 92786->92763 92790 7ff7774d4429 __std_exception_destroy 92787->92790 92788 7ff7774d2770 53 API calls 92829 7ff7774d446c 92788->92829 92789 7ff7774d458c 92792 7ff7774d4595 PostMessageW GetMessageW 92789->92792 92793 7ff7774d45b8 92789->92793 92794 7ff7774d4451 92790->92794 92795 7ff7774d446e 92790->92795 92791 7ff7774d44c6 93086 7ff7774d3970 184 API calls 92791->93086 92792->92793 92973 7ff7774d35e0 92793->92973 92797 7ff7774d2770 53 API calls 92794->92797 92798 7ff7774d4476 92795->92798 92799 7ff7774d4493 92795->92799 92800 7ff7774d445d 92797->92800 92801 7ff7774d2770 53 API calls 92798->92801 92803 7ff7774d4411 92799->92803 92804 7ff7774d44d7 92799->92804 93084 7ff7774d9750 40 API calls __std_exception_destroy 92800->93084 92807 7ff7774d4482 92801->92807 92803->92788 92809 7ff7774d2770 53 API calls 92804->92809 92805 7ff7774d45c8 92987 7ff7774d3910 92805->92987 93085 7ff7774d9750 40 API calls __std_exception_destroy 92807->93085 92812 7ff7774d44e3 92809->92812 93087 7ff7774d75e0 56 API calls _get_daylight 92812->93087 92815 7ff7774d45de 92819 7ff7774d2770 53 API calls 92815->92819 92816 7ff7774d44e8 93088 7ff7774d7c80 119 API calls 2 library calls 92816->93088 92818 7ff7774d44fd 92820 7ff7774d2770 53 API calls 92818->92820 92833 7ff7774d4501 92818->92833 92819->92773 92821 7ff7774d4516 92820->92821 92823 7ff7774d4536 92821->92823 92825 7ff7774d2770 53 API calls 92821->92825 92823->92833 93090 7ff7774d7ab0 130 API calls 92823->93090 92824 7ff7774d4577 92826 7ff7774d77e0 54 API calls 92824->92826 92828 7ff7774d452b 92825->92828 92826->92829 93089 7ff7774d7620 122 API calls _log10_special 92828->93089 92829->92789 92829->92791 92830 7ff7774d454b 92830->92833 93091 7ff7774d7e30 59 API calls 92830->93091 92833->92829 93092 7ff7774d2cb0 56 API calls _log10_special 92833->93092 92834->92630 92835 7ff7774de148 GetModuleHandleW 92835->92638 92836->92640 92837->92626 92838->92629 92839->92644 92841 7ff7774de11b GetStartupInfoW 92840->92841 92841->92632 92843 7ff7774f0310 92842->92843 92845 7ff7774f03b6 92843->92845 92847 7ff7774f0363 92843->92847 93103 7ff7774f01e8 71 API calls _fread_nolock 92845->93103 93102 7ff7774eb6a4 37 API calls 2 library calls 92847->93102 92848 7ff7774f038c 92848->92653 92850 7ff7774d2794 92849->92850 92851 7ff7774d1cc0 49 API calls 92850->92851 92852 7ff7774d27e5 92851->92852 93104 7ff7774e5814 92852->93104 92855 7ff7774da220 2 API calls 92856 7ff7774d283a 92855->92856 92857 7ff7774d284f OutputDebugStringA 92856->92857 92858 7ff7774d283f OutputDebugStringW 92856->92858 92859 7ff7774d285a 92857->92859 92858->92859 92860 7ff7774dd3e0 _log10_special 8 API calls 92859->92860 92861 7ff7774d286a 92860->92861 92862 7ff7774d3b40 92861->92862 93131 7ff7774dd6e0 92862->93131 92865 7ff7774d3ba0 93133 7ff7774da110 FindFirstFileExW 92865->93133 92866 7ff7774d3b7b GetLastError 93138 7ff7774d2ec0 52 API calls _log10_special 92866->93138 92869 7ff7774d3b96 92874 7ff7774dd3e0 _log10_special 8 API calls 92869->92874 92871 7ff7774d3bb2 92873 7ff7774d2880 50 API calls 92871->92873 92872 7ff7774d3c22 93141 7ff7774da2d0 WideCharToMultiByte WideCharToMultiByte __std_exception_destroy 92872->93141 92876 7ff7774d3bc3 92873->92876 92877 7ff7774d3c61 92874->92877 93139 7ff7774da190 CreateFileW GetFinalPathNameByHandleW CloseHandle 92876->93139 92877->92658 92877->92773 92878 7ff7774d3c30 92878->92869 93142 7ff7774d2a60 51 API calls _log10_special 92878->93142 92880 7ff7774d3bd5 92882 7ff7774d3bf1 __vcrt_FlsAlloc 92880->92882 92883 7ff7774d3bd9 92880->92883 92882->92872 93140 7ff7774d2a60 51 API calls _log10_special 92883->93140 92885 7ff7774d3bea 92885->92869 92887 7ff7774d2770 53 API calls 92886->92887 92888 7ff7774d1988 92887->92888 92889 7ff7774d4c50 108 API calls 92888->92889 92890 7ff7774d1997 92889->92890 92891 7ff7774d19b5 92890->92891 92892 7ff7774d199f 92890->92892 92894 7ff7774d88f0 89 API calls 92891->92894 92893 7ff7774d2770 53 API calls 92892->92893 92895 7ff7774d19ae 92893->92895 92896 7ff7774d19ef 92894->92896 92899 7ff7774dd3e0 _log10_special 8 API calls 92895->92899 92897 7ff7774d19f7 92896->92897 92898 7ff7774d1a08 92896->92898 92900 7ff7774d2770 53 API calls 92897->92900 92901 7ff7774d2770 53 API calls 92898->92901 92902 7ff7774d1c9e 92899->92902 92945 7ff7774d1a03 92900->92945 92903 7ff7774d1a17 92901->92903 92902->92666 92902->92667 93143 7ff7774e1564 92903->93143 92905 7ff7774e0edc 74 API calls 92905->92895 92906 7ff7774d1a25 92907 7ff7774d1a48 92906->92907 92908 7ff7774d1a29 92906->92908 93147 7ff7774e122c 92907->93147 93150 7ff7774e5d98 11 API calls _get_daylight 92908->93150 92911 7ff7774d1a2e 93151 7ff7774d2b70 56 API calls _log10_special 92911->93151 92914 7ff7774d1a85 92918 7ff7774d1abb 92914->92918 92919 7ff7774d1a9c 92914->92919 92915 7ff7774d1a66 93152 7ff7774e5d98 11 API calls _get_daylight 92915->93152 92917 7ff7774d1a6b 93153 7ff7774d2b70 56 API calls _log10_special 92917->93153 92922 7ff7774d1cc0 49 API calls 92918->92922 93154 7ff7774e5d98 11 API calls _get_daylight 92919->93154 92924 7ff7774d1ad2 92922->92924 92923 7ff7774d1aa1 93155 7ff7774d2b70 56 API calls _log10_special 92923->93155 92926 7ff7774d1cc0 49 API calls 92924->92926 92927 7ff7774d1b1d 92926->92927 92928 7ff7774e1564 73 API calls 92927->92928 92929 7ff7774d1b41 92928->92929 92930 7ff7774d1b75 92929->92930 92931 7ff7774d1b56 92929->92931 92932 7ff7774e122c _fread_nolock 53 API calls 92930->92932 93156 7ff7774e5d98 11 API calls _get_daylight 92931->93156 92935 7ff7774d1b8a 92932->92935 92934 7ff7774d1b5b 93157 7ff7774d2b70 56 API calls _log10_special 92934->93157 92937 7ff7774d1baf 92935->92937 92938 7ff7774d1b90 92935->92938 93160 7ff7774e0fa0 37 API calls 2 library calls 92937->93160 93158 7ff7774e5d98 11 API calls _get_daylight 92938->93158 92941 7ff7774d1b95 93159 7ff7774d2b70 56 API calls _log10_special 92941->93159 92942 7ff7774d1bc9 92942->92945 93161 7ff7774d2960 56 API calls _log10_special 92942->93161 92945->92905 92947 7ff7774d964a 92946->92947 92948 7ff7774da220 2 API calls 92947->92948 92949 7ff7774d9669 GetEnvironmentVariableW 92948->92949 92950 7ff7774d9686 ExpandEnvironmentStringsW 92949->92950 92951 7ff7774d96d2 92949->92951 92950->92951 92953 7ff7774d96a8 92950->92953 92952 7ff7774dd3e0 _log10_special 8 API calls 92951->92952 92954 7ff7774d96e4 92952->92954 93191 7ff7774da2d0 WideCharToMultiByte WideCharToMultiByte __std_exception_destroy 92953->93191 92954->92691 92956 7ff7774d96ba 92957 7ff7774dd3e0 _log10_special 8 API calls 92956->92957 92958 7ff7774d96ca 92957->92958 92958->92691 92960 7ff7774da242 MultiByteToWideChar 92959->92960 92962 7ff7774da266 92959->92962 92960->92962 92963 7ff7774da27c __std_exception_destroy 92960->92963 92961 7ff7774da283 MultiByteToWideChar 92961->92963 92962->92961 92962->92963 92963->92765 92965 7ff7774dd6e0 92964->92965 92966 7ff7774d28a4 GetCurrentProcessId 92965->92966 93192 7ff7774d2710 92966->93192 92968 7ff7774d28f5 93196 7ff7774e5a68 92968->93196 92971 7ff7774dd3e0 _log10_special 8 API calls 92972 7ff7774d294e SetDllDirectoryW 92971->92972 92972->92784 92972->92803 93216 7ff7774d6a60 92973->93216 92976 7ff7774d3648 92976->92805 92978 7ff7774d3601 92978->92976 93308 7ff7774d6700 92978->93308 92980 7ff7774d360d 92980->92976 93321 7ff7774d68d0 92980->93321 92982 7ff7774d3619 92982->92976 93338 7ff7774d3250 92982->93338 92985 7ff7774d2770 53 API calls 92986 7ff7774d3640 92985->92986 92986->92805 93655 7ff7774d66b0 92987->93655 92990 7ff7774d3940 92994 7ff7774d77e0 92990->92994 92991 7ff7774d2770 53 API calls 92992 7ff7774d3934 92991->92992 93659 7ff7774d9de0 FreeLibrary 92992->93659 92995 7ff7774d77f6 92994->92995 92996 7ff7774d7a0a 92994->92996 92997 7ff7774d77ff 92995->92997 92998 7ff7774d7842 92995->92998 92996->92815 92999 7ff7774d7812 92997->92999 93660 7ff7774d9de0 FreeLibrary 92997->93660 93000 7ff7774d2770 53 API calls 92998->93000 92999->92996 93661 7ff7774d9de0 FreeLibrary 92999->93661 93002 7ff7774d7853 93000->93002 93005 7ff7774d2770 53 API calls 93002->93005 93008 7ff7774d7877 93002->93008 93004 7ff7774d782e 93004->92815 93005->93008 93006 7ff7774d2770 53 API calls 93007 7ff7774d78eb 93006->93007 93009 7ff7774d2770 53 API calls 93007->93009 93013 7ff7774d7937 93007->93013 93008->93006 93010 7ff7774d7904 93009->93010 93011 7ff7774d2770 53 API calls 93010->93011 93011->93013 93012 7ff7774d79bf 93017 7ff7774d2770 53 API calls 93012->93017 93023 7ff7774d79f7 93012->93023 93013->93012 93014 7ff7774d2770 53 API calls 93013->93014 93015 7ff7774d79a3 93014->93015 93662 7ff7774d9de0 FreeLibrary 93015->93662 93016 7ff7774d2770 53 API calls 93016->92996 93018 7ff7774d79db 93017->93018 93663 7ff7774d9de0 FreeLibrary 93018->93663 93021 7ff7774d79af 93021->93012 93024 7ff7774d2770 53 API calls 93021->93024 93022 7ff7774d79e7 93022->93023 93025 7ff7774d2770 53 API calls 93022->93025 93023->93016 93024->93012 93025->93023 93027 7ff7774d1ce5 93026->93027 93028 7ff7774e5814 49 API calls 93027->93028 93029 7ff7774d1d08 93028->93029 93029->92670 93030->92693 93032 7ff7774d4c5c 93031->93032 93033 7ff7774da220 2 API calls 93032->93033 93034 7ff7774d4c84 93033->93034 93035 7ff7774da220 2 API calls 93034->93035 93036 7ff7774d4c97 93035->93036 93664 7ff7774e6e24 93036->93664 93039 7ff7774dd3e0 _log10_special 8 API calls 93040 7ff7774d3e46 93039->93040 93040->92676 93041 7ff7774d88f0 93040->93041 93042 7ff7774d8914 93041->93042 93043 7ff7774d8932 93042->93043 93044 7ff7774d891c 93042->93044 93045 7ff7774e1564 73 API calls 93043->93045 93046 7ff7774d2770 53 API calls 93044->93046 93047 7ff7774d8942 93045->93047 93060 7ff7774d892d __std_exception_destroy 93046->93060 93048 7ff7774d8946 93047->93048 93049 7ff7774d8957 93047->93049 93050 7ff7774d2770 53 API calls 93048->93050 93832 7ff7774e8758 93049->93832 93050->93060 93052 7ff7774d8964 93053 7ff7774d896c 93052->93053 93059 7ff7774d897d 93052->93059 93054 7ff7774d2770 53 API calls 93053->93054 93054->93060 93055 7ff7774e1564 73 API calls 93055->93059 93056 7ff7774d8a26 93058 7ff7774d2770 53 API calls 93056->93058 93057 7ff7774e122c _fread_nolock 53 API calls 93057->93059 93058->93060 93059->93055 93059->93056 93059->93057 93059->93060 93060->92680 93062 7ff7774e0f0c 93061->93062 93848 7ff7774e0cb8 93062->93848 93064 7ff7774e0f25 93064->92676 93065->92773 93066->92773 93067->92700 93068->92708 93069->92712 93070->92715 93071->92738 93072->92773 93073->92752 93074->92773 93075->92772 93076->92785 93077->92773 93078->92773 93079->92733 93081 7ff7774d1cc0 49 API calls 93080->93081 93082 7ff7774d4cf0 93081->93082 93082->92763 93083->92773 93084->92829 93085->92829 93086->92785 93087->92816 93088->92818 93089->92823 93090->92830 93091->92833 93092->92824 93094 7ff7774dd3e9 93093->93094 93095 7ff7774dd770 IsProcessorFeaturePresent 93094->93095 93096 7ff7774d4638 93094->93096 93097 7ff7774dd788 93095->93097 93096->92835 93860 7ff7774dd968 RtlCaptureContext RtlLookupFunctionEntry RtlVirtualUnwind 93097->93860 93099 7ff7774dd79b 93861 7ff7774dd730 SetUnhandledExceptionFilter UnhandledExceptionFilter GetCurrentProcess TerminateProcess 93099->93861 93102->92848 93103->92848 93108 7ff7774e586e 93104->93108 93105 7ff7774e5893 93122 7ff7774eb6a4 37 API calls 2 library calls 93105->93122 93107 7ff7774e58cf 93123 7ff7774e3aa0 49 API calls _invalid_parameter_noinfo 93107->93123 93108->93105 93108->93107 93110 7ff7774e58bd 93113 7ff7774dd3e0 _log10_special 8 API calls 93110->93113 93111 7ff7774e59ac 93112 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 93111->93112 93112->93110 93115 7ff7774d2822 93113->93115 93114 7ff7774e5966 93114->93111 93116 7ff7774e59d0 93114->93116 93117 7ff7774e5981 93114->93117 93118 7ff7774e5978 93114->93118 93115->92855 93116->93111 93119 7ff7774e59da 93116->93119 93124 7ff7774eb7d8 93117->93124 93118->93111 93118->93117 93121 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 93119->93121 93121->93110 93122->93110 93123->93114 93125 7ff7774eb7dd RtlFreeHeap 93124->93125 93129 7ff7774eb80c 93124->93129 93126 7ff7774eb7f8 GetLastError 93125->93126 93125->93129 93127 7ff7774eb805 Concurrency::details::SchedulerProxy::DeleteThis 93126->93127 93130 7ff7774e5d98 11 API calls _get_daylight 93127->93130 93129->93110 93130->93129 93132 7ff7774d3b4c GetModuleFileNameW 93131->93132 93132->92865 93132->92866 93134 7ff7774da14f FindClose 93133->93134 93135 7ff7774da162 93133->93135 93134->93135 93136 7ff7774dd3e0 _log10_special 8 API calls 93135->93136 93137 7ff7774d3baa 93136->93137 93137->92871 93137->92872 93138->92869 93139->92880 93140->92885 93141->92878 93142->92869 93144 7ff7774e1594 93143->93144 93162 7ff7774e12f4 93144->93162 93146 7ff7774e15ad 93146->92906 93175 7ff7774e124c 93147->93175 93150->92911 93151->92945 93152->92917 93153->92945 93154->92923 93155->92945 93156->92934 93157->92945 93158->92941 93159->92945 93160->92942 93161->92945 93163 7ff7774e135e 93162->93163 93164 7ff7774e131e 93162->93164 93163->93164 93166 7ff7774e136a 93163->93166 93174 7ff7774eb6a4 37 API calls 2 library calls 93164->93174 93173 7ff7774e62fc EnterCriticalSection 93166->93173 93168 7ff7774e1345 93168->93146 93169 7ff7774e136f 93170 7ff7774e1478 71 API calls 93169->93170 93171 7ff7774e1381 93170->93171 93172 7ff7774e6308 _fread_nolock LeaveCriticalSection 93171->93172 93172->93168 93174->93168 93176 7ff7774e1276 93175->93176 93177 7ff7774d1a60 93175->93177 93176->93177 93178 7ff7774e1285 __scrt_get_show_window_mode 93176->93178 93179 7ff7774e12c2 93176->93179 93177->92914 93177->92915 93189 7ff7774e5d98 11 API calls _get_daylight 93178->93189 93188 7ff7774e62fc EnterCriticalSection 93179->93188 93182 7ff7774e12ca 93184 7ff7774e0fcc _fread_nolock 51 API calls 93182->93184 93183 7ff7774e129a 93190 7ff7774eb770 37 API calls _invalid_parameter_noinfo 93183->93190 93185 7ff7774e12e1 93184->93185 93187 7ff7774e6308 _fread_nolock LeaveCriticalSection 93185->93187 93187->93177 93189->93183 93190->93177 93191->92956 93193 7ff7774d2735 93192->93193 93194 7ff7774e5a68 48 API calls 93193->93194 93195 7ff7774d2758 93194->93195 93195->92968 93198 7ff7774e5ac2 93196->93198 93197 7ff7774e5ae7 93214 7ff7774eb6a4 37 API calls 2 library calls 93197->93214 93198->93197 93200 7ff7774e5b23 93198->93200 93215 7ff7774e3e20 48 API calls _invalid_parameter_noinfo 93200->93215 93202 7ff7774e5b11 93203 7ff7774dd3e0 _log10_special 8 API calls 93202->93203 93207 7ff7774d2933 OutputDebugStringW 93203->93207 93204 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 93204->93202 93205 7ff7774e5bbe 93206 7ff7774e5bd0 93205->93206 93208 7ff7774e5c04 93205->93208 93209 7ff7774e5c2a 93205->93209 93210 7ff7774e5bd9 93205->93210 93206->93208 93206->93210 93207->92971 93208->93204 93209->93208 93211 7ff7774e5c34 93209->93211 93212 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 93210->93212 93213 7ff7774eb7d8 Concurrency::details::SchedulerProxy::DeleteThis 11 API calls 93211->93213 93212->93202 93213->93202 93214->93202 93215->93205 93217 7ff7774d6a75 93216->93217 93218 7ff7774d1cc0 49 API calls 93217->93218 93219 7ff7774d6ab1 93218->93219 93220 7ff7774d6add 93219->93220 93221 7ff7774d6aba 93219->93221 93223 7ff7774d4cc0 49 API calls 93220->93223 93469 7ff7774d2960 56 API calls _log10_special 93221->93469 93224 7ff7774d6af5 93223->93224 93225 7ff7774d6b13 93224->93225 93470 7ff7774d2960 56 API calls _log10_special 93224->93470 93367 7ff7774d4bf0 93225->93367 93228 7ff7774dd3e0 _log10_special 8 API calls 93230 7ff7774d35ee 93228->93230 93230->92976 93251 7ff7774d6c20 93230->93251 93231 7ff7774d6b3c 93233 7ff7774d4cc0 49 API calls 93231->93233 93232 7ff7774d2770 53 API calls 93234 7ff7774d6b32 93232->93234 93235 7ff7774d6b55 93233->93235 93236 7ff7774d9e00 3 API calls 93234->93236 93237 7ff7774d6b7a 93235->93237 93238 7ff7774d6b5a 93235->93238 93236->93231 93239 7ff7774d2770 53 API calls 93237->93239 93471 7ff7774d2960 56 API calls _log10_special 93238->93471 93241 7ff7774d6b8e 93239->93241 93373 7ff7774d9e00 93241->93373 93242 7ff7774d6ad3 93242->93228 93244 7ff7774d6b9b 93245 7ff7774d6be6 93244->93245 93246 7ff7774d6ba7 93244->93246 93377 7ff7774d5ec0 GetProcAddress 93245->93377 93247 7ff7774da220 2 API calls 93246->93247 93249 7ff7774d6bbf GetLastError 93247->93249 93472 7ff7774d2ec0 52 API calls _log10_special 93249->93472 93474 7ff7774d5a90 93251->93474 93253 7ff7774d6c43 93254 7ff7774d6c4b 93253->93254 93255 7ff7774d6c5c 93253->93255 93499 7ff7774d2960 56 API calls _log10_special 93254->93499 93257 7ff7774d2770 53 API calls 93255->93257 93258 7ff7774d6c68 93257->93258 93481 7ff7774d5320 93258->93481 93261 7ff7774d6c74 93500 7ff7774d2960 56 API calls _log10_special 93261->93500 93262 7ff7774d6c85 93265 7ff7774d2770 53 API calls 93262->93265 93263 7ff7774d6c57 93263->92978 93266 7ff7774d6c91 93265->93266 93267 7ff7774d6ca1 93266->93267 93268 7ff7774d6cb2 93266->93268 93501 7ff7774d2960 56 API calls _log10_special 93267->93501 93270 7ff7774d2770 53 API calls 93268->93270 93271 7ff7774d6cbe 93270->93271 93272 7ff7774d2770 53 API calls 93271->93272 93273 7ff7774d6cda 93272->93273 93274 7ff7774d6ce9 93273->93274 93275 7ff7774d6cfa 93273->93275 93502 7ff7774d2960 56 API calls _log10_special 93274->93502 93277 7ff7774d2770 53 API calls 93275->93277 93278 7ff7774d6d06 93277->93278 93279 7ff7774d6d15 93278->93279 93280 7ff7774d6d26 93278->93280 93503 7ff7774d2960 56 API calls _log10_special 93279->93503 93282 7ff7774d2770 53 API calls 93280->93282 93283 7ff7774d6d32 93282->93283 93485 7ff7774d53e0 93283->93485 93286 7ff7774d6d41 93504 7ff7774d2960 56 API calls _log10_special 93286->93504 93287 7ff7774d6d52 93289 7ff7774d2770 53 API calls 93287->93289 93290 7ff7774d6d5e 93289->93290 93291 7ff7774d6d6d 93290->93291 93292 7ff7774d6d7e 93290->93292 93505 7ff7774d2960 56 API calls _log10_special 93291->93505 93294 7ff7774d2770 53 API calls 93292->93294 93295 7ff7774d6d8a 93294->93295 93296 7ff7774d6d9c 93295->93296 93297 7ff7774d6dad 93295->93297 93506 7ff7774d2960 56 API calls _log10_special 93296->93506 93299 7ff7774d2770 53 API calls 93297->93299 93301 7ff7774d6db9 93299->93301 93300 7ff7774d6de3 SetErrorMode 93302 7ff7774d6e03 SetErrorMode 93300->93302 93301->93300 93507 7ff7774e8140 73 API calls 93301->93507 93304 7ff7774d6e42 93302->93304 93304->93263 93509 7ff7774d2960 56 API calls _log10_special 93304->93509 93305 7ff7774d6dd1 93508 7ff7774e8140 73 API calls 93305->93508 93309 7ff7774d2770 53 API calls 93308->93309 93310 7ff7774d6720 93309->93310 93311 7ff7774d6759 93310->93311 93314 7ff7774d6775 93310->93314 93541 7ff7774d2960 56 API calls _log10_special 93311->93541 93313 7ff7774d6765 93313->92980 93315 7ff7774d2770 53 API calls 93314->93315 93320 7ff7774d67a7 __std_exception_destroy 93315->93320 93316 7ff7774d68a7 93316->92980 93318 7ff7774d2960 56 API calls 93318->93320 93319 7ff7774d2770 53 API calls 93319->93320 93320->93316 93320->93318 93320->93319 93511 7ff7774d1470 93320->93511 93322 7ff7774d2770 53 API calls 93321->93322 93324 7ff7774d68f5 93322->93324 93323 7ff7774d692d 93597 7ff7774d2960 56 API calls _log10_special 93323->93597 93324->93323 93327 7ff7774d694e 93324->93327 93326 7ff7774d6939 93326->92982 93328 7ff7774d69c8 93327->93328 93329 7ff7774d69e9 93327->93329 93598 7ff7774d2960 56 API calls _log10_special 93328->93598 93332 7ff7774d6a1d 93329->93332 93333 7ff7774d6a3e 93329->93333 93331 7ff7774d69d4 93331->92982 93599 7ff7774d2960 56 API calls _log10_special 93332->93599 93335 7ff7774d2770 53 API calls 93333->93335 93337 7ff7774d6a4a 93335->93337 93336 7ff7774d6a29 93336->92982 93337->92982 93339 7ff7774d3260 93338->93339 93340 7ff7774d32b1 93339->93340 93341 7ff7774d329b 93339->93341 93343 7ff7774d32d1 93340->93343 93355 7ff7774d32e7 __std_exception_destroy 93340->93355 93614 7ff7774d2960 56 API calls _log10_special 93341->93614 93615 7ff7774d2960 56 API calls _log10_special 93343->93615 93345 7ff7774dd3e0 _log10_special 8 API calls 93347 7ff7774d3479 93345->93347 93346 7ff7774d32a7 __std_exception_destroy 93346->93345 93347->92985 93348 7ff7774d1470 118 API calls 93348->93355 93349 7ff7774d35c8 93620 7ff7774d2960 56 API calls _log10_special 93349->93620 93350 7ff7774d1cc0 49 API calls 93350->93355 93352 7ff7774d35b2 93619 7ff7774d2960 56 API calls _log10_special 93352->93619 93354 7ff7774d2770 53 API calls 93354->93355 93355->93346 93355->93348 93355->93349 93355->93350 93355->93352 93355->93354 93356 7ff7774d358c 93355->93356 93358 7ff7774d3486 93355->93358 93618 7ff7774d2960 56 API calls _log10_special 93356->93618 93359 7ff7774d34f2 93358->93359 93616 7ff7774eb294 37 API calls 2 library calls 93358->93616 93361 7ff7774d350f 93359->93361 93362 7ff7774d351d 93359->93362 93617 7ff7774eb294 37 API calls 2 library calls 93361->93617 93600 7ff7774d3040 93362->93600 93365 7ff7774d351b 93604 7ff7774d2540 93365->93604 93368 7ff7774d4bfa 93367->93368 93369 7ff7774da220 2 API calls 93368->93369 93370 7ff7774d4c1f 93369->93370 93371 7ff7774dd3e0 _log10_special 8 API calls 93370->93371 93372 7ff7774d4c47 93371->93372 93372->93231 93372->93232 93374 7ff7774da220 2 API calls 93373->93374 93375 7ff7774d9e14 LoadLibraryExW 93374->93375 93376 7ff7774d9e33 __std_exception_destroy 93375->93376 93376->93244 93378 7ff7774d5f0f GetProcAddress 93377->93378 93379 7ff7774d5ee2 GetLastError 93377->93379 93380 7ff7774d5f2b GetLastError 93378->93380 93381 7ff7774d5f3a GetProcAddress 93378->93381 93382 7ff7774d5eef 93379->93382 93380->93382 93383 7ff7774d5f65 GetProcAddress 93381->93383 93384 7ff7774d5f56 GetLastError 93381->93384 93473 7ff7774d2ec0 52 API calls _log10_special 93382->93473 93387 7ff7774d5f93 GetProcAddress 93383->93387 93388 7ff7774d5f81 GetLastError 93383->93388 93384->93382 93386 7ff7774d5f04 93386->93242 93389 7ff7774d5faf GetLastError 93387->93389 93390 7ff7774d5fc1 GetProcAddress 93387->93390 93388->93382 93389->93382 93391 7ff7774d5fef GetProcAddress 93390->93391 93392 7ff7774d5fdd GetLastError 93390->93392 93393 7ff7774d600b GetLastError 93391->93393 93394 7ff7774d601d GetProcAddress 93391->93394 93392->93382 93393->93394 93395 7ff7774d604b GetProcAddress 93394->93395 93396 7ff7774d6039 GetLastError 93394->93396 93397 7ff7774d6067 GetLastError 93395->93397 93398 7ff7774d6079 GetProcAddress 93395->93398 93396->93395 93397->93398 93399 7ff7774d6095 GetLastError 93398->93399 93400 7ff7774d60a7 GetProcAddress 93398->93400 93399->93400 93401 7ff7774d60c3 GetLastError 93400->93401 93402 7ff7774d60d5 GetProcAddress 93400->93402 93401->93402 93403 7ff7774d6103 GetProcAddress 93402->93403 93404 7ff7774d60f1 GetLastError 93402->93404 93405 7ff7774d611f GetLastError 93403->93405 93406 7ff7774d6131 GetProcAddress 93403->93406 93404->93403 93405->93406 93407 7ff7774d615f GetProcAddress 93406->93407 93408 7ff7774d614d GetLastError 93406->93408 93409 7ff7774d617b GetLastError 93407->93409 93410 7ff7774d618d GetProcAddress 93407->93410 93408->93407 93409->93410 93411 7ff7774d61bb GetProcAddress 93410->93411 93412 7ff7774d61a9 GetLastError 93410->93412 93413 7ff7774d61d7 GetLastError 93411->93413 93414 7ff7774d61e9 GetProcAddress 93411->93414 93412->93411 93413->93414 93415 7ff7774d6205 GetLastError 93414->93415 93416 7ff7774d6217 GetProcAddress 93414->93416 93415->93416 93417 7ff7774d6233 GetLastError 93416->93417 93418 7ff7774d6245 GetProcAddress 93416->93418 93417->93418 93419 7ff7774d6273 GetProcAddress 93418->93419 93420 7ff7774d6261 GetLastError 93418->93420 93421 7ff7774d628f GetLastError 93419->93421 93422 7ff7774d62a1 GetProcAddress 93419->93422 93420->93419 93421->93422 93423 7ff7774d62cf GetProcAddress 93422->93423 93424 7ff7774d62bd GetLastError 93422->93424 93425 7ff7774d62eb GetLastError 93423->93425 93426 7ff7774d62fd GetProcAddress 93423->93426 93424->93423 93425->93426 93427 7ff7774d632b GetProcAddress 93426->93427 93428 7ff7774d6319 GetLastError 93426->93428 93429 7ff7774d6347 GetLastError 93427->93429 93430 7ff7774d6359 GetProcAddress 93427->93430 93428->93427 93429->93430 93431 7ff7774d6375 GetLastError 93430->93431 93432 7ff7774d6387 GetProcAddress 93430->93432 93431->93432 93433 7ff7774d63a3 GetLastError 93432->93433 93434 7ff7774d63b5 GetProcAddress 93432->93434 93433->93434 93435 7ff7774d63e3 GetProcAddress 93434->93435 93436 7ff7774d63d1 GetLastError 93434->93436 93437 7ff7774d63ff GetLastError 93435->93437 93438 7ff7774d6411 GetProcAddress 93435->93438 93436->93435 93437->93438 93439 7ff7774d643f GetProcAddress 93438->93439 93440 7ff7774d642d GetLastError 93438->93440 93441 7ff7774d645b GetLastError 93439->93441 93442 7ff7774d646d GetProcAddress 93439->93442 93440->93439 93441->93442 93443 7ff7774d649b GetProcAddress 93442->93443 93444 7ff7774d6489 GetLastError 93442->93444 93445 7ff7774d64b7 GetLastError 93443->93445 93446 7ff7774d64c9 GetProcAddress 93443->93446 93444->93443 93445->93446 93447 7ff7774d64e5 GetLastError 93446->93447 93448 7ff7774d64f7 GetProcAddress 93446->93448 93447->93448 93449 7ff7774d6513 GetLastError 93448->93449 93450 7ff7774d6525 GetProcAddress 93448->93450 93449->93450 93451 7ff7774d6553 GetProcAddress 93450->93451 93452 7ff7774d6541 GetLastError 93450->93452 93453 7ff7774d656f GetLastError 93451->93453 93454 7ff7774d6581 GetProcAddress 93451->93454 93452->93451 93453->93454 93455 7ff7774d65af GetProcAddress 93454->93455 93456 7ff7774d659d GetLastError 93454->93456 93457 7ff7774d65cb GetLastError 93455->93457 93458 7ff7774d65dd GetProcAddress 93455->93458 93456->93455 93457->93458 93459 7ff7774d660b GetProcAddress 93458->93459 93460 7ff7774d65f9 GetLastError 93458->93460 93461 7ff7774d6627 GetLastError 93459->93461 93462 7ff7774d6639 GetProcAddress 93459->93462 93460->93459 93461->93462 93463 7ff7774d6655 GetLastError 93462->93463 93464 7ff7774d6667 GetProcAddress 93462->93464 93463->93464 93465 7ff7774d6683 GetLastError 93464->93465 93466 7ff7774d6695 93464->93466 93465->93466 93467 7ff7774d2770 53 API calls 93466->93467 93468 7ff7774d66a1 93467->93468 93468->93242 93469->93242 93470->93225 93471->93242 93472->93242 93473->93386 93476 7ff7774d5abc 93474->93476 93475 7ff7774d5ac4 93475->93253 93476->93475 93479 7ff7774d5c64 93476->93479 93510 7ff7774e7934 48 API calls 93476->93510 93477 7ff7774d5e27 __std_exception_destroy 93477->93253 93478 7ff7774d4e60 47 API calls 93478->93479 93479->93477 93479->93478 93482 7ff7774d5350 93481->93482 93483 7ff7774dd3e0 _log10_special 8 API calls 93482->93483 93484 7ff7774d53ba 93483->93484 93484->93261 93484->93262 93486 7ff7774d53f5 93485->93486 93487 7ff7774d1cc0 49 API calls 93486->93487 93488 7ff7774d5441 93487->93488 93489 7ff7774d54c3 __std_exception_destroy 93488->93489 93490 7ff7774d1cc0 49 API calls 93488->93490 93491 7ff7774dd3e0 _log10_special 8 API calls 93489->93491 93492 7ff7774d5480 93490->93492 93493 7ff7774d550e 93491->93493 93492->93489 93494 7ff7774da220 2 API calls 93492->93494 93493->93286 93493->93287 93495 7ff7774d5496 93494->93495 93496 7ff7774da220 2 API calls 93495->93496 93497 7ff7774d54ad 93496->93497 93498 7ff7774da220 2 API calls 93497->93498 93498->93489 93499->93263 93500->93263 93501->93263 93502->93263 93503->93263 93504->93263 93505->93263 93506->93263 93507->93305 93508->93300 93509->93263 93510->93476 93512 7ff7774d4c50 108 API calls 93511->93512 93513 7ff7774d1493 93512->93513 93514 7ff7774d149b 93513->93514 93515 7ff7774d14bc 93513->93515 93564 7ff7774d2960 56 API calls _log10_special 93514->93564 93517 7ff7774e1564 73 API calls 93515->93517 93519 7ff7774d14d1 93517->93519 93518 7ff7774d14ab 93518->93320 93520 7ff7774d14d5 93519->93520 93522 7ff7774d14f8 93519->93522 93565 7ff7774e5d98 11 API calls _get_daylight 93520->93565 93524 7ff7774d1532 93522->93524 93525 7ff7774d1508 93522->93525 93523 7ff7774d14da 93566 7ff7774d2b70 56 API calls _log10_special 93523->93566 93528 7ff7774d1538 93524->93528 93536 7ff7774d154b 93524->93536 93567 7ff7774e5d98 11 API calls _get_daylight 93525->93567 93542 7ff7774d1210 93528->93542 93529 7ff7774d1510 93568 7ff7774d2b70 56 API calls _log10_special 93529->93568 93532 7ff7774e0edc 74 API calls 93535 7ff7774d15c4 93532->93535 93533 7ff7774d14f3 __std_exception_destroy 93533->93532 93534 7ff7774e122c _fread_nolock 53 API calls 93534->93536 93535->93320 93536->93533 93536->93534 93537 7ff7774d15d6 93536->93537 93569 7ff7774e5d98 11 API calls _get_daylight 93537->93569 93539 7ff7774d15db 93570 7ff7774d2b70 56 API calls _log10_special 93539->93570 93541->93313 93543 7ff7774d1268 93542->93543 93544 7ff7774d126f 93543->93544 93545 7ff7774d1297 93543->93545 93575 7ff7774d2960 56 API calls _log10_special 93544->93575 93548 7ff7774d12d4 93545->93548 93549 7ff7774d12b1 93545->93549 93547 7ff7774d1282 93547->93533 93552 7ff7774d12e6 93548->93552 93562 7ff7774d1309 memcpy_s 93548->93562 93576 7ff7774e5d98 11 API calls _get_daylight 93549->93576 93551 7ff7774d12b6 93577 7ff7774d2b70 56 API calls _log10_special 93551->93577 93578 7ff7774e5d98 11 API calls _get_daylight 93552->93578 93555 7ff7774d12eb 93579 7ff7774d2b70 56 API calls _log10_special 93555->93579 93556 7ff7774e122c _fread_nolock 53 API calls 93556->93562 93558 7ff7774d12cf __std_exception_destroy 93558->93533 93559 7ff7774d13cf 93580 7ff7774d2960 56 API calls _log10_special 93559->93580 93562->93556 93562->93558 93562->93559 93563 7ff7774e0fa0 37 API calls 93562->93563 93571 7ff7774e196c 93562->93571 93563->93562 93564->93518 93565->93523 93566->93533 93567->93529 93568->93533 93569->93539 93570->93533 93572 7ff7774e199c 93571->93572 93581 7ff7774e16bc 93572->93581 93574 7ff7774e19ba 93574->93562 93575->93547 93576->93551 93577->93558 93578->93555 93579->93558 93580->93558 93582 7ff7774e16dc 93581->93582 93583 7ff7774e1709 93581->93583 93582->93583 93584 7ff7774e16e6 93582->93584 93585 7ff7774e1711 93582->93585 93583->93574 93595 7ff7774eb6a4 37 API calls 2 library calls 93584->93595 93588 7ff7774e15fc 93585->93588 93596 7ff7774e62fc EnterCriticalSection 93588->93596 93590 7ff7774e1619 93591 7ff7774e163c 74 API calls 93590->93591 93592 7ff7774e1622 93591->93592 93593 7ff7774e6308 _fread_nolock LeaveCriticalSection 93592->93593 93594 7ff7774e162d 93593->93594 93594->93583 93595->93583 93597->93326 93598->93331 93599->93336 93603 7ff7774d3074 93600->93603 93601 7ff7774d31df 93601->93365 93603->93601 93621 7ff7774eb294 37 API calls 2 library calls 93603->93621 93605 7ff7774d256c 93604->93605 93606 7ff7774d2576 93604->93606 93607 7ff7774da220 2 API calls 93605->93607 93608 7ff7774d258b 93606->93608 93609 7ff7774da220 2 API calls 93606->93609 93607->93606 93610 7ff7774d25a0 93608->93610 93611 7ff7774da220 2 API calls 93608->93611 93609->93608 93622 7ff7774d23d0 93610->93622 93611->93610 93613 7ff7774d25bc __std_exception_destroy 93613->93346 93614->93346 93615->93346 93616->93359 93617->93365 93618->93346 93619->93346 93620->93346 93621->93601 93623 7ff7774dd6e0 93622->93623 93624 7ff7774d23e9 GetModuleHandleW 93623->93624 93625 7ff7774d2425 __scrt_get_show_window_mode 93624->93625 93641 7ff7774d2600 93625->93641 93627 7ff7774d246b __scrt_get_show_window_mode 93645 7ff7774e87fc 93627->93645 93630 7ff7774e87fc 37 API calls 93631 7ff7774d249e 93630->93631 93632 7ff7774e87fc 37 API calls 93631->93632 93633 7ff7774d24ab DialogBoxIndirectParamW 93632->93633 93634 7ff7774d24e1 __std_exception_destroy 93633->93634 93635 7ff7774d2501 DeleteObject 93634->93635 93636 7ff7774d2507 93634->93636 93635->93636 93637 7ff7774d2513 DestroyIcon 93636->93637 93638 7ff7774d2519 93636->93638 93637->93638 93639 7ff7774dd3e0 _log10_special 8 API calls 93638->93639 93640 7ff7774d252a 93639->93640 93640->93613 93642 7ff7774d2625 93641->93642 93643 7ff7774e5a68 48 API calls 93642->93643 93644 7ff7774d2644 93643->93644 93644->93627 93646 7ff7774e881a 93645->93646 93649 7ff7774d2491 93645->93649 93646->93649 93653 7ff7774f1304 37 API calls 2 library calls 93646->93653 93648 7ff7774e8849 93648->93649 93650 7ff7774e8869 93648->93650 93649->93630 93654 7ff7774eb790 17 API calls _isindst 93650->93654 93653->93648 93656 7ff7774d391e 93655->93656 93657 7ff7774d66bd 93655->93657 93656->92990 93656->92991 93657->93656 93658 7ff7774d2770 53 API calls 93657->93658 93658->93656 93659->92990 93660->92999 93661->93004 93662->93021 93663->93022 93665 7ff7774e6d58 93664->93665 93666 7ff7774e6d7e 93665->93666 93669 7ff7774e6db1 93665->93669 93695 7ff7774e5d98 11 API calls _get_daylight 93666->93695 93668 7ff7774e6d83 93696 7ff7774eb770 37 API calls _invalid_parameter_noinfo 93668->93696 93670 7ff7774e6dc4 93669->93670 93671 7ff7774e6db7 93669->93671 93683 7ff7774ebab8 93670->93683 93697 7ff7774e5d98 11 API calls _get_daylight 93671->93697 93676 7ff7774d4ca6 93676->93039 93677 7ff7774e6de5 93690 7ff7774f0d5c 93677->93690 93678 7ff7774e6dd8 93698 7ff7774e5d98 11 API calls _get_daylight 93678->93698 93681 7ff7774e6df8 93699 7ff7774e6308 LeaveCriticalSection 93681->93699 93700 7ff7774f1168 EnterCriticalSection 93683->93700 93685 7ff7774ebacf 93686 7ff7774ebb2c 19 API calls 93685->93686 93687 7ff7774ebada 93686->93687 93688 7ff7774f11c8 _isindst LeaveCriticalSection 93687->93688 93689 7ff7774e6dce 93688->93689 93689->93677 93689->93678 93701 7ff7774f0a58 93690->93701 93693 7ff7774f0db6 93693->93681 93695->93668 93696->93676 93697->93676 93698->93676 93706 7ff7774f0a93 __vcrt_FlsAlloc 93701->93706 93702 7ff7774f0c5a 93707 7ff7774f0c63 93702->93707 93719 7ff7774e5d98 11 API calls _get_daylight 93702->93719 93704 7ff7774f0d31 93720 7ff7774eb770 37 API calls _invalid_parameter_noinfo 93704->93720 93706->93702 93716 7ff7774e88cc 51 API calls 3 library calls 93706->93716 93707->93693 93713 7ff7774f7be4 93707->93713 93709 7ff7774f0cc5 93709->93702 93717 7ff7774e88cc 51 API calls 3 library calls 93709->93717 93711 7ff7774f0ce4 93711->93702 93718 7ff7774e88cc 51 API calls 3 library calls 93711->93718 93721 7ff7774f71e4 93713->93721 93716->93709 93717->93711 93718->93702 93719->93704 93720->93707 93722 7ff7774f71fb 93721->93722 93723 7ff7774f7219 93721->93723 93775 7ff7774e5d98 11 API calls _get_daylight 93722->93775 93723->93722 93725 7ff7774f7235 93723->93725 93732 7ff7774f77f4 93725->93732 93726 7ff7774f7200 93776 7ff7774eb770 37 API calls _invalid_parameter_noinfo 93726->93776 93730 7ff7774f720c 93730->93693 93778 7ff7774f7528 93732->93778 93735 7ff7774f7881 93798 7ff7774e93b0 93735->93798 93736 7ff7774f7869 93810 7ff7774e5d78 11 API calls _get_daylight 93736->93810 93753 7ff7774f7260 93753->93730 93777 7ff7774e9388 LeaveCriticalSection 93753->93777 93755 7ff7774f786e 93811 7ff7774e5d98 11 API calls _get_daylight 93755->93811 93775->93726 93776->93730 93779 7ff7774f7554 93778->93779 93783 7ff7774f756e 93778->93783 93779->93783 93823 7ff7774e5d98 11 API calls _get_daylight 93779->93823 93781 7ff7774f7563 93824 7ff7774eb770 37 API calls _invalid_parameter_noinfo 93781->93824 93785 7ff7774f75ec 93783->93785 93825 7ff7774e5d98 11 API calls _get_daylight 93783->93825 93784 7ff7774f763d 93796 7ff7774f769a 93784->93796 93829 7ff7774eaa08 37 API calls 2 library calls 93784->93829 93785->93784 93827 7ff7774e5d98 11 API calls _get_daylight 93785->93827 93788 7ff7774f7696 93791 7ff7774f7718 93788->93791 93788->93796 93790 7ff7774f7632 93828 7ff7774eb770 37 API calls _invalid_parameter_noinfo 93790->93828 93830 7ff7774eb790 17 API calls _isindst 93791->93830 93792 7ff7774f75e1 93826 7ff7774eb770 37 API calls _invalid_parameter_noinfo 93792->93826 93796->93735 93796->93736 93831 7ff7774f1168 EnterCriticalSection 93798->93831 93810->93755 93811->93753 93823->93781 93824->93783 93825->93792 93826->93785 93827->93790 93828->93784 93829->93788 93833 7ff7774e8788 93832->93833 93836 7ff7774e8264 93833->93836 93835 7ff7774e87a1 93835->93052 93837 7ff7774e827f 93836->93837 93838 7ff7774e82ae 93836->93838 93847 7ff7774eb6a4 37 API calls 2 library calls 93837->93847 93846 7ff7774e62fc EnterCriticalSection 93838->93846 93841 7ff7774e829f 93841->93835 93842 7ff7774e82b3 93843 7ff7774e82d0 38 API calls 93842->93843 93844 7ff7774e82bf 93843->93844 93845 7ff7774e6308 _fread_nolock LeaveCriticalSection 93844->93845 93845->93841 93847->93841 93849 7ff7774e0cd3 93848->93849 93850 7ff7774e0d01 93848->93850 93859 7ff7774eb6a4 37 API calls 2 library calls 93849->93859 93852 7ff7774e0cf3 93850->93852 93858 7ff7774e62fc EnterCriticalSection 93850->93858 93852->93064 93854 7ff7774e0d18 93855 7ff7774e0d34 72 API calls 93854->93855 93856 7ff7774e0d24 93855->93856 93857 7ff7774e6308 _fread_nolock LeaveCriticalSection 93856->93857 93857->93852 93859->93852 93860->93099 93898 7ff7774e64b8 93899 7ff7774e64ef 93898->93899 93900 7ff7774e64d2 93898->93900 93899->93900 93902 7ff7774e6502 CreateFileW 93899->93902 93923 7ff7774e5d78 11 API calls _get_daylight 93900->93923 93904 7ff7774e6536 93902->93904 93905 7ff7774e656c 93902->93905 93903 7ff7774e64d7 93924 7ff7774e5d98 11 API calls _get_daylight 93903->93924 93926 7ff7774e660c 59 API calls 3 library calls 93904->93926 93927 7ff7774e6a94 46 API calls 3 library calls 93905->93927 93909 7ff7774e6571 93912 7ff7774e6575 93909->93912 93913 7ff7774e65a0 93909->93913 93910 7ff7774e64df 93925 7ff7774eb770 37 API calls _invalid_parameter_noinfo 93910->93925 93911 7ff7774e6544 93915 7ff7774e6561 CloseHandle 93911->93915 93916 7ff7774e654b CloseHandle 93911->93916 93928 7ff7774e5d0c 11 API calls 2 library calls 93912->93928 93929 7ff7774e6854 51 API calls 93913->93929 93917 7ff7774e64ea 93915->93917 93916->93917 93920 7ff7774e65ad 93930 7ff7774e6990 21 API calls _fread_nolock 93920->93930 93922 7ff7774e657f 93922->93917 93923->93903 93924->93910 93925->93917 93926->93911 93927->93909 93928->93922 93929->93920 93930->93922 93862 7ff8b8f746e0 PyImport_ImportModuleLevelObject 93863 7ff8b8f74882 93862->93863 93874 7ff8b8f74723 93862->93874 93864 7ff8b8f74750 PyObject_GetAttr 93865 7ff8b8f7476b PyUnicode_FromFormat 93864->93865 93864->93874 93866 7ff8b8f7478f PyObject_GetItem 93865->93866 93867 7ff8b8f74811 PyErr_Clear PyModule_GetFilenameObject PyUnicode_FromFormat PyErr_SetImportError 93865->93867 93872 7ff8b8f747a4 _Py_Dealloc 93866->93872 93866->93874 93870 7ff8b8f7485b _Py_Dealloc 93867->93870 93871 7ff8b8f74864 93867->93871 93868 7ff8b8f747c8 PyDict_SetItem 93868->93874 93869 7ff8b8f747d0 PyObject_SetItem 93869->93874 93870->93871 93875 7ff8b8f7486a _Py_Dealloc 93871->93875 93876 7ff8b8f74873 93871->93876 93872->93874 93873 7ff8b8f747de _Py_Dealloc 93873->93874 93874->93863 93874->93864 93874->93867 93874->93868 93874->93869 93874->93873 93874->93876 93875->93876 93876->93863 93877 7ff8b8f74879 _Py_Dealloc 93876->93877 93877->93863 93931 7ff8b8f78d30 93932 7ff8b8f78d4a 93931->93932 93933 7ff8b8f78d58 PyModule_Create2 93931->93933 93934 7ff8b8f78d7d PyObject_GetAttrString PyModule_GetDict 93933->93934 93935 7ff8b8f78e2e 93933->93935 93934->93935 93942 7ff8b8f78daa 93934->93942 93936 7ff8b8f78e4d 93935->93936 93937 7ff8b8f78e47 _Py_Dealloc 93935->93937 93938 7ff8b8f78e61 93936->93938 93939 7ff8b8f78e58 _Py_Dealloc 93936->93939 93937->93936 93940 7ff8b8f78e80 93938->93940 93943 7ff8b8f78e7a _Py_Dealloc 93938->93943 93939->93938 93941 7ff8b8f78e9f 93940->93941 93944 7ff8b8f78e99 _Py_Dealloc 93940->93944 93946 7ff8b8f78ebe 93941->93946 93949 7ff8b8f78eb8 _Py_Dealloc 93941->93949 93942->93935 93945 7ff8b8f78e0d 93942->93945 93943->93940 93944->93941 93947 7ff8b8f78e1c 93945->93947 93948 7ff8b8f78e13 _Py_Dealloc 93945->93948 93950 7ff8b8f78edd 93946->93950 93951 7ff8b8f78ed7 _Py_Dealloc 93946->93951 93948->93947 93949->93946 93952 7ff8b8f78efc 93950->93952 93953 7ff8b8f78ef6 _Py_Dealloc 93950->93953 93951->93950 93954 7ff8b8f78f1b 93952->93954 93956 7ff8b8f78f15 _Py_Dealloc 93952->93956 93953->93952 93955 7ff8b8f78f3a 93954->93955 93957 7ff8b8f78f34 _Py_Dealloc 93954->93957 93958 7ff8b8f78f59 93955->93958 93959 7ff8b8f78f53 _Py_Dealloc 93955->93959 93956->93954 93957->93955 93960 7ff8b8f78f78 93958->93960 93961 7ff8b8f78f72 _Py_Dealloc 93958->93961 93959->93958 93962 7ff8b8f78f97 93960->93962 93963 7ff8b8f78f91 _Py_Dealloc 93960->93963 93961->93960 93963->93962

                                                                                                                                                                                                Executed Functions

                                                                                                                                                                                                Function 00007FF7774D1000 Relevance: 119.6, APIs: 5, Strings: 63, Instructions: 555COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 92 7ff7774d1000-7ff7774d3cc4 call 7ff7774e0ca8 call 7ff7774e0cb0 call 7ff7774dd6e0 call 7ff7774e6280 call 7ff7774e6314 call 7ff7774d2770 call 7ff7774d3b40 108 7ff7774d3cc6-7ff7774d3ccb 92->108 109 7ff7774d3cd0-7ff7774d3d05 call 7ff7774d2770 * 2 call 7ff7774d1950 92->109 110 7ff7774d4628-7ff7774d4642 call 7ff7774dd3e0 108->110 119 7ff7774d3e2b-7ff7774d3e4c call 7ff7774d2770 call 7ff7774d4c50 109->119 120 7ff7774d3d0b-7ff7774d3d24 call 7ff7774d1cc0 109->120 129 7ff7774d3e55-7ff7774d3e81 call 7ff7774d88f0 119->129 130 7ff7774d3e4e-7ff7774d3e53 119->130 123 7ff7774d3d29-7ff7774d3d99 call 7ff7774d2770 * 2 call 7ff7774d9640 120->123 143 7ff7774d3dc1-7ff7774d3dcf call 7ff7774e5dc0 123->143 144 7ff7774d3d9b-7ff7774d3d9e 123->144 138 7ff7774d3e83-7ff7774d3e8b call 7ff7774e0edc 129->138 139 7ff7774d3eb5-7ff7774d3eda call 7ff7774d1cc0 129->139 133 7ff7774d3e90-7ff7774d3eb0 call 7ff7774d2770 call 7ff7774d2960 130->133 156 7ff7774d4620 133->156 138->133 153 7ff7774d3ee0-7ff7774d3ee9 139->153 159 7ff7774d3dd5-7ff7774d3de7 call 7ff7774d9640 143->159 160 7ff7774d3f79-7ff7774d3fa7 call 7ff7774d9750 call 7ff7774d97b0 * 3 143->160 149 7ff7774d3db5-7ff7774d3dbc call 7ff7774d97b0 144->149 150 7ff7774d3da0-7ff7774d3da4 144->150 149->143 150->149 155 7ff7774d3da6-7ff7774d3db2 call 7ff7774d2770 150->155 153->153 158 7ff7774d3eeb-7ff7774d3f17 call 7ff7774d2770 call 7ff7774d1950 153->158 155->149 156->110 158->123 178 7ff7774d3f1d-7ff7774d3f34 call 7ff7774d2960 158->178 171 7ff7774d3f65-7ff7774d3f74 call 7ff7774d2770 call 7ff7774e5dc0 159->171 172 7ff7774d3ded-7ff7774d3e05 call 7ff7774d2770 159->172 191 7ff7774d3fac-7ff7774d3fc3 call 7ff7774d9640 160->191 171->160 183 7ff7774d3e10-7ff7774d3e16 172->183 178->156 187 7ff7774d3e1c-7ff7774d3e21 183->187 188 7ff7774d3f39-7ff7774d3f3b 183->188 187->183 189 7ff7774d3e23-7ff7774d3e26 187->189 190 7ff7774d3f3e-7ff7774d3f52 call 7ff7774d2770 188->190 189->190 194 7ff7774d3f57-7ff7774d3f61 call 7ff7774e5dc0 190->194 197 7ff7774d40d5-7ff7774d40e3 191->197 198 7ff7774d3fc9-7ff7774d3fcc 191->198 194->191 206 7ff7774d3f63 194->206 200 7ff7774d3fec 197->200 201 7ff7774d40e9-7ff7774d40ec 197->201 198->197 199 7ff7774d3fd2-7ff7774d3fd5 198->199 203 7ff7774d40a1-7ff7774d40a4 199->203 204 7ff7774d3fdb-7ff7774d3fdf 199->204 205 7ff7774d3ff0-7ff7774d401d call 7ff7774e5dc0 call 7ff7774d2770 200->205 201->205 208 7ff7774d40a6-7ff7774d40aa 203->208 209 7ff7774d40bc-7ff7774d40d0 call 7ff7774d2960 203->209 204->203 207 7ff7774d3fe5 204->207 218 7ff7774d401f-7ff7774d4033 call 7ff7774d9750 205->218 219 7ff7774d4038-7ff7774d404d 205->219 206->160 207->200 208->209 211 7ff7774d40ac-7ff7774d40b7 208->211 217 7ff7774d4600-7ff7774d4618 209->217 211->205 217->156 218->219 221 7ff7774d4053-7ff7774d4057 219->221 222 7ff7774d4177-7ff7774d4189 call 7ff7774d9640 219->222 223 7ff7774d415c-7ff7774d4171 call 7ff7774d1940 221->223 224 7ff7774d405d-7ff7774d4075 call 7ff7774e60e0 221->224 231 7ff7774d418b-7ff7774d4191 222->231 232 7ff7774d41a8-7ff7774d41b7 call 7ff7774e5dc0 222->232 223->221 223->222 233 7ff7774d40f1-7ff7774d4109 call 7ff7774e60e0 224->233 234 7ff7774d4077-7ff7774d408f call 7ff7774e60e0 224->234 236 7ff7774d4193-7ff7774d419b 231->236 237 7ff7774d419d-7ff7774d41a2 231->237 242 7ff7774d42f4-7ff7774d4315 call 7ff7774d4b70 232->242 243 7ff7774d41bd-7ff7774d41c3 232->243 249 7ff7774d4116-7ff7774d412e call 7ff7774e60e0 233->249 250 7ff7774d410b-7ff7774d410f 233->250 234->223 245 7ff7774d4095-7ff7774d409c 234->245 236->237 237->232 255 7ff7774d4323-7ff7774d4334 call 7ff7774d1cc0 242->255 256 7ff7774d4317-7ff7774d4321 call 7ff7774d4cc0 242->256 246 7ff7774d4258-7ff7774d4273 call 7ff7774d2770 243->246 247 7ff7774d41c9-7ff7774d41f0 call 7ff7774d2770 * 2 call 7ff7774d9e70 243->247 245->223 259 7ff7774d4278-7ff7774d428a call 7ff7774d9640 246->259 285 7ff7774d41f2-7ff7774d4203 call 7ff7774d2960 247->285 286 7ff7774d4208-7ff7774d4225 call 7ff7774d2770 call 7ff7774d9450 247->286 260 7ff7774d4130-7ff7774d4134 249->260 261 7ff7774d413b-7ff7774d4153 call 7ff7774e60e0 249->261 250->249 268 7ff7774d4339-7ff7774d4356 call 7ff7774d2770 255->268 256->268 274 7ff7774d428c-7ff7774d428f 259->274 275 7ff7774d42de-7ff7774d42ef call 7ff7774d2960 259->275 260->261 261->223 277 7ff7774d4155 261->277 282 7ff7774d43b5-7ff7774d43cb call 7ff7774da220 268->282 283 7ff7774d4358-7ff7774d435f 268->283 274->275 276 7ff7774d4291-7ff7774d42b4 call 7ff7774d1cc0 274->276 292 7ff7774d45f8 275->292 294 7ff7774d42d4-7ff7774d42dc call 7ff7774e5dc0 276->294 295 7ff7774d42b6-7ff7774d42cf call 7ff7774d2960 call 7ff7774e5dc0 276->295 277->223 301 7ff7774d43e3-7ff7774d440f call 7ff7774d2880 SetDllDirectoryW 282->301 302 7ff7774d43cd-7ff7774d43de call 7ff7774d2960 282->302 283->282 290 7ff7774d4361-7ff7774d4364 283->290 285->292 311 7ff7774d423d-7ff7774d4253 call 7ff7774d2770 286->311 312 7ff7774d4227-7ff7774d4238 call 7ff7774d2960 286->312 290->282 297 7ff7774d4366-7ff7774d43a7 SetDllDirectoryW call 7ff7774d2880 LoadLibraryExW 290->297 292->217 294->268 295->292 316 7ff7774d43b0 call 7ff7774d2880 297->316 317 7ff7774d43a9 297->317 322 7ff7774d4411-7ff7774d4418 301->322 323 7ff7774d441d-7ff7774d442c call 7ff7774d9640 301->323 302->292 311->268 312->292 316->282 317->316 326 7ff7774d44a7 call 7ff7774d2770 322->326 331 7ff7774d4445-7ff7774d444f call 7ff7774e5dc0 323->331 332 7ff7774d442e-7ff7774d4434 323->332 330 7ff7774d44ac-7ff7774d44b3 326->330 334 7ff7774d458c-7ff7774d4593 330->334 335 7ff7774d44b9-7ff7774d44c0 330->335 342 7ff7774d4451-7ff7774d446c call 7ff7774d2770 call 7ff7774d9750 331->342 343 7ff7774d446e-7ff7774d4474 331->343 336 7ff7774d4436-7ff7774d443e 332->336 337 7ff7774d4440-7ff7774d4442 332->337 340 7ff7774d4595-7ff7774d45b2 PostMessageW GetMessageW 334->340 341 7ff7774d45b8-7ff7774d45f1 call 7ff7774d3960 call 7ff7774d35e0 call 7ff7774d3910 call 7ff7774d77e0 call 7ff7774d7590 call 7ff7774d2770 334->341 335->334 339 7ff7774d44c6-7ff7774d44ce call 7ff7774d3970 335->339 336->337 337->331 339->292 340->341 381 7ff7774d45f6 341->381 342->330 348 7ff7774d4493-7ff7774d449a 343->348 349 7ff7774d4476-7ff7774d4491 call 7ff7774d2770 call 7ff7774d9750 343->349 351 7ff7774d44d3-7ff7774d44d5 348->351 352 7ff7774d449c-7ff7774d449e 348->352 349->330 356 7ff7774d44a0 351->356 357 7ff7774d44d7-7ff7774d44ff call 7ff7774d2770 call 7ff7774d75e0 call 7ff7774d7c80 351->357 352->356 352->357 356->326 376 7ff7774d4501-7ff7774d4508 357->376 377 7ff7774d450a-7ff7774d451d call 7ff7774d2770 357->377 380 7ff7774d4572-7ff7774d4587 call 7ff7774d2cb0 call 7ff7774d77e0 call 7ff7774d7590 376->380 384 7ff7774d4543-7ff7774d454d call 7ff7774d7ab0 377->384 385 7ff7774d451f-7ff7774d4538 call 7ff7774d2770 call 7ff7774d7620 377->385 380->330 381->292 395 7ff7774d454f-7ff7774d4556 384->395 396 7ff7774d4558-7ff7774d4565 call 7ff7774d7e30 384->396 385->384 401 7ff7774d453a-7ff7774d4541 385->401 395->380 396->330 402 7ff7774d456b 396->402 401->380 402->380
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: DebugErrorFileLastModuleNameOutputString
                                                                                                                                                                                                • String ID: Could not create temporary directory!$Could not load PyInstaller's embedded PKG archive from the executable (%s)$Could not side-load PyInstaller's PKG archive from external file (%s)$Failed to convert DLL search path!$Failed to initialize security descriptor for temporary directory!$Failed to load Tcl/Tk shared libraries for splash screen!$Failed to load splash screen resources!$Failed to start splash screen!$Failed to unpack splash screen dependencies from PKG archive!$Invalid value in _PYI_PARENT_PROCESS_LEVEL: %s$LOADER: _PYI_ARCHIVE_FILE already defined: %s$LOADER: _PYI_ARCHIVE_FILE not defined...$LOADER: application has %s semantics...$LOADER: application's top-level directory: %s$LOADER: archive file: %s$LOADER: attempting to pre-load system copy of %ls...$LOADER: calling SetDllDirectory: %ls$LOADER: could not load system copy of %ls.$LOADER: created temporary directory: %s$LOADER: creating temporary directory (runtime_tmpdir=%s)...$LOADER: end of process reached!$LOADER: executable file: %s$LOADER: explicit environment reset enabled via environment variable!$LOADER: extracting splash screen dependencies...$LOADER: failed to open executable-embedded archive!$LOADER: initializing security descriptor for temporary directory...$LOADER: loading splash screen resources...$LOADER: process is not eligible for splash screen$LOADER: process level = %d$LOADER: setting up splash screen...$LOADER: side-load is disabled (code %d)!$LOADER: spawned subprocess - suppressing splash screen...$LOADER: splash screen is explicitly suppressed via environment variable!$LOADER: splash screen is unavailable.$LOADER: successfully loaded system copy of %ls.$LOADER: this is child process of onefile application (%s).$LOADER: this is parent process of onefile application.$LOADER: trying to load executable-embedded archive...$LOADER: trying to load external PKG archive (%s)...$LOADER: using different archive file than parent environment!$LOADER: using same archive file as parent environment!$MEI$PYINSTALLER_RESET_ENVIRONMENT$PYINSTALLER_STRICT_UNPACK_MODE$PYINSTALLER_SUPPRESS_SPLASH_SCREEN$Path exceeds PYI_PATH_MAX limit.$PyInstaller Bootloader 6.x$Py_GIL_DISABLED$VCRUNTIME140.dll$_PYI_APPLICATION_HOME_DIR$_PYI_APPLICATION_HOME_DIR not set for onefile child process!$_PYI_ARCHIVE_FILE$_PYI_PARENT_PROCESS_LEVEL$_PYI_SPLASH_IPC$main application process$onedir$onefile$pkg$pyi-contents-directory$pyi-disable-windowed-traceback$pyi-python-flag$pyi-runtime-tmpdir$spawned subprocess
                                                                                                                                                                                                • API String ID: 3669267851-3110933790
                                                                                                                                                                                                • Opcode ID: 3d4e2b8bcc883e09296984d87fda7c9b30862286619bdd5e2353c0f604ffcd7e
                                                                                                                                                                                                • Instruction ID: 6404f395096b8bdd2d14734ceabfdf6796709bee082d2a267dad4c3b92b45e67
                                                                                                                                                                                                • Opcode Fuzzy Hash: 3d4e2b8bcc883e09296984d87fda7c9b30862286619bdd5e2353c0f604ffcd7e
                                                                                                                                                                                                • Instruction Fuzzy Hash: 86428F23A3C64290EA94FB27D8A41B9E3A1AF45784FC84171DE9D432D6DF2CE527C720
                                                                                                                                                                                                Function 00007FF7774F77F4 Relevance: 13.8, APIs: 9, Instructions: 276fileCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 821 7ff7774f77f4-7ff7774f7867 call 7ff7774f7528 824 7ff7774f7881-7ff7774f788b call 7ff7774e93b0 821->824 825 7ff7774f7869-7ff7774f7872 call 7ff7774e5d78 821->825 831 7ff7774f78a6-7ff7774f790f CreateFileW 824->831 832 7ff7774f788d-7ff7774f78a4 call 7ff7774e5d78 call 7ff7774e5d98 824->832 830 7ff7774f7875-7ff7774f787c call 7ff7774e5d98 825->830 848 7ff7774f7bc2-7ff7774f7be2 830->848 833 7ff7774f7911-7ff7774f7917 831->833 834 7ff7774f798c-7ff7774f7997 GetFileType 831->834 832->830 837 7ff7774f7959-7ff7774f7987 GetLastError call 7ff7774e5d0c 833->837 838 7ff7774f7919-7ff7774f791d 833->838 840 7ff7774f7999-7ff7774f79d4 GetLastError call 7ff7774e5d0c CloseHandle 834->840 841 7ff7774f79ea-7ff7774f79f1 834->841 837->830 838->837 846 7ff7774f791f-7ff7774f7957 CreateFileW 838->846 840->830 856 7ff7774f79da-7ff7774f79e5 call 7ff7774e5d98 840->856 844 7ff7774f79f3-7ff7774f79f7 841->844 845 7ff7774f79f9-7ff7774f79fc 841->845 851 7ff7774f7a02-7ff7774f7a57 call 7ff7774e92c8 844->851 845->851 852 7ff7774f79fe 845->852 846->834 846->837 859 7ff7774f7a76-7ff7774f7aa7 call 7ff7774f72a8 851->859 860 7ff7774f7a59-7ff7774f7a65 call 7ff7774f7730 851->860 852->851 856->830 866 7ff7774f7aad-7ff7774f7aef 859->866 867 7ff7774f7aa9-7ff7774f7aab 859->867 860->859 868 7ff7774f7a67 860->868 870 7ff7774f7b11-7ff7774f7b1c 866->870 871 7ff7774f7af1-7ff7774f7af5 866->871 869 7ff7774f7a69-7ff7774f7a71 call 7ff7774eb950 867->869 868->869 869->848 873 7ff7774f7b22-7ff7774f7b26 870->873 874 7ff7774f7bc0 870->874 871->870 872 7ff7774f7af7-7ff7774f7b0c 871->872 872->870 873->874 876 7ff7774f7b2c-7ff7774f7b71 CloseHandle CreateFileW 873->876 874->848 878 7ff7774f7ba6-7ff7774f7bbb 876->878 879 7ff7774f7b73-7ff7774f7ba1 GetLastError call 7ff7774e5d0c call 7ff7774e94f0 876->879 878->874 879->878
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: File$CreateErrorLast_invalid_parameter_noinfo$CloseHandle$Type
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1617910340-0
                                                                                                                                                                                                • Opcode ID: 1d9ed3d4efa89bdc1dc95a4a467970b21b1bc653c22a6d7fb70e9ddd5adb907c
                                                                                                                                                                                                • Instruction ID: a3d94dcad0636a3e9ee6c29d2ba72d5ff418a65d99f0bdd63ecfb09de0831737
                                                                                                                                                                                                • Opcode Fuzzy Hash: 1d9ed3d4efa89bdc1dc95a4a467970b21b1bc653c22a6d7fb70e9ddd5adb907c
                                                                                                                                                                                                • Instruction Fuzzy Hash: 25C1B033B34A4285EB11EF66C4906AC7761FB49BA8B854225EE2E57794CF3CD056C310
                                                                                                                                                                                                Function 00007FF7774DA110 Relevance: 3.0, APIs: 2, Instructions: 29COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Find$CloseFileFirst
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2295610775-0
                                                                                                                                                                                                • Opcode ID: b115aaa5e8937644bfb662755a1459c59560f1bb963ed3fb365ba1dcea5c7f5a
                                                                                                                                                                                                • Instruction ID: a4fc46a0b28e9b0dc9ec15537efaa0443dd1a42b02c86c7093d26463f2b90ebb
                                                                                                                                                                                                • Opcode Fuzzy Hash: b115aaa5e8937644bfb662755a1459c59560f1bb963ed3fb365ba1dcea5c7f5a
                                                                                                                                                                                                • Instruction Fuzzy Hash: C2F04427B38742C6F7A09B65B48976AA350AB44764F841735DEAD02AE4CF3CD46ACA10
                                                                                                                                                                                                Function 00007FF7774D5EC0 Relevance: 231.4, APIs: 86, Strings: 46, Instructions: 402libraryloaderCOMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 0 7ff7774d5ec0-7ff7774d5ee0 GetProcAddress 1 7ff7774d5f0f-7ff7774d5f29 GetProcAddress 0->1 2 7ff7774d5ee2-7ff7774d5ee8 GetLastError 0->2 3 7ff7774d5f2b-7ff7774d5f38 GetLastError 1->3 4 7ff7774d5f3a-7ff7774d5f54 GetProcAddress 1->4 5 7ff7774d5eef-7ff7774d5f0e call 7ff7774d2ec0 2->5 3->5 6 7ff7774d5f65-7ff7774d5f7f GetProcAddress 4->6 7 7ff7774d5f56-7ff7774d5f63 GetLastError 4->7 10 7ff7774d5f93-7ff7774d5fad GetProcAddress 6->10 11 7ff7774d5f81-7ff7774d5f8e GetLastError 6->11 7->5 12 7ff7774d5faf-7ff7774d5fbc GetLastError 10->12 13 7ff7774d5fc1-7ff7774d5fdb GetProcAddress 10->13 11->5 12->5 14 7ff7774d5fef-7ff7774d6009 GetProcAddress 13->14 15 7ff7774d5fdd-7ff7774d5fea GetLastError 13->15 16 7ff7774d600b-7ff7774d6011 GetLastError 14->16 17 7ff7774d601d-7ff7774d6037 GetProcAddress 14->17 15->5 16->17 18 7ff7774d604b-7ff7774d6065 GetProcAddress 17->18 19 7ff7774d6039-7ff7774d603f GetLastError 17->19 20 7ff7774d6067-7ff7774d606d GetLastError 18->20 21 7ff7774d6079-7ff7774d6093 GetProcAddress 18->21 19->18 20->21 22 7ff7774d6095-7ff7774d609b GetLastError 21->22 23 7ff7774d60a7-7ff7774d60c1 GetProcAddress 21->23 22->23 24 7ff7774d60c3-7ff7774d60c9 GetLastError 23->24 25 7ff7774d60d5-7ff7774d60ef GetProcAddress 23->25 24->25 26 7ff7774d6103-7ff7774d611d GetProcAddress 25->26 27 7ff7774d60f1-7ff7774d60f7 GetLastError 25->27 28 7ff7774d611f-7ff7774d6125 GetLastError 26->28 29 7ff7774d6131-7ff7774d614b GetProcAddress 26->29 27->26 28->29 30 7ff7774d615f-7ff7774d6179 GetProcAddress 29->30 31 7ff7774d614d-7ff7774d6153 GetLastError 29->31 32 7ff7774d617b-7ff7774d6181 GetLastError 30->32 33 7ff7774d618d-7ff7774d61a7 GetProcAddress 30->33 31->30 32->33 34 7ff7774d61bb-7ff7774d61d5 GetProcAddress 33->34 35 7ff7774d61a9-7ff7774d61af GetLastError 33->35 36 7ff7774d61d7-7ff7774d61dd GetLastError 34->36 37 7ff7774d61e9-7ff7774d6203 GetProcAddress 34->37 35->34 36->37 38 7ff7774d6205-7ff7774d620b GetLastError 37->38 39 7ff7774d6217-7ff7774d6231 GetProcAddress 37->39 38->39 40 7ff7774d6233-7ff7774d6239 GetLastError 39->40 41 7ff7774d6245-7ff7774d625f GetProcAddress 39->41 40->41 42 7ff7774d6273-7ff7774d628d GetProcAddress 41->42 43 7ff7774d6261-7ff7774d6267 GetLastError 41->43 44 7ff7774d628f-7ff7774d6295 GetLastError 42->44 45 7ff7774d62a1-7ff7774d62bb GetProcAddress 42->45 43->42 44->45 46 7ff7774d62cf-7ff7774d62e9 GetProcAddress 45->46 47 7ff7774d62bd-7ff7774d62c3 GetLastError 45->47 48 7ff7774d62eb-7ff7774d62f1 GetLastError 46->48 49 7ff7774d62fd-7ff7774d6317 GetProcAddress 46->49 47->46 48->49 50 7ff7774d632b-7ff7774d6345 GetProcAddress 49->50 51 7ff7774d6319-7ff7774d631f GetLastError 49->51 52 7ff7774d6347-7ff7774d634d GetLastError 50->52 53 7ff7774d6359-7ff7774d6373 GetProcAddress 50->53 51->50 52->53 54 7ff7774d6375-7ff7774d637b GetLastError 53->54 55 7ff7774d6387-7ff7774d63a1 GetProcAddress 53->55 54->55 56 7ff7774d63a3-7ff7774d63a9 GetLastError 55->56 57 7ff7774d63b5-7ff7774d63cf GetProcAddress 55->57 56->57 58 7ff7774d63e3-7ff7774d63fd GetProcAddress 57->58 59 7ff7774d63d1-7ff7774d63d7 GetLastError 57->59 60 7ff7774d63ff-7ff7774d6405 GetLastError 58->60 61 7ff7774d6411-7ff7774d642b GetProcAddress 58->61 59->58 60->61 62 7ff7774d643f-7ff7774d6459 GetProcAddress 61->62 63 7ff7774d642d-7ff7774d6433 GetLastError 61->63 64 7ff7774d645b-7ff7774d6461 GetLastError 62->64 65 7ff7774d646d-7ff7774d6487 GetProcAddress 62->65 63->62 64->65 66 7ff7774d649b-7ff7774d64b5 GetProcAddress 65->66 67 7ff7774d6489-7ff7774d648f GetLastError 65->67 68 7ff7774d64b7-7ff7774d64bd GetLastError 66->68 69 7ff7774d64c9-7ff7774d64e3 GetProcAddress 66->69 67->66 68->69 70 7ff7774d64e5-7ff7774d64eb GetLastError 69->70 71 7ff7774d64f7-7ff7774d6511 GetProcAddress 69->71 70->71 72 7ff7774d6513-7ff7774d6519 GetLastError 71->72 73 7ff7774d6525-7ff7774d653f GetProcAddress 71->73 72->73 74 7ff7774d6553-7ff7774d656d GetProcAddress 73->74 75 7ff7774d6541-7ff7774d6547 GetLastError 73->75 76 7ff7774d656f-7ff7774d6575 GetLastError 74->76 77 7ff7774d6581-7ff7774d659b GetProcAddress 74->77 75->74 76->77 78 7ff7774d65af-7ff7774d65c9 GetProcAddress 77->78 79 7ff7774d659d-7ff7774d65a3 GetLastError 77->79 80 7ff7774d65cb-7ff7774d65d1 GetLastError 78->80 81 7ff7774d65dd-7ff7774d65f7 GetProcAddress 78->81 79->78 80->81 82 7ff7774d660b-7ff7774d6625 GetProcAddress 81->82 83 7ff7774d65f9-7ff7774d65ff GetLastError 81->83 84 7ff7774d6627-7ff7774d662d GetLastError 82->84 85 7ff7774d6639-7ff7774d6653 GetProcAddress 82->85 83->82 84->85 86 7ff7774d6655-7ff7774d665b GetLastError 85->86 87 7ff7774d6667-7ff7774d6681 GetProcAddress 85->87 86->87 88 7ff7774d6683-7ff7774d6689 GetLastError 87->88 89 7ff7774d6695-7ff7774d669c call 7ff7774d2770 87->89 88->89 91 7ff7774d66a1-7ff7774d66a8 89->91
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetProcAddress.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5ED0
                                                                                                                                                                                                • GetLastError.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5EE2
                                                                                                                                                                                                • GetProcAddress.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5F19
                                                                                                                                                                                                • GetLastError.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5F2B
                                                                                                                                                                                                • GetProcAddress.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5F44
                                                                                                                                                                                                • GetLastError.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5F56
                                                                                                                                                                                                • GetProcAddress.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5F6F
                                                                                                                                                                                                • GetLastError.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5F81
                                                                                                                                                                                                • GetProcAddress.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5F9D
                                                                                                                                                                                                • GetLastError.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5FAF
                                                                                                                                                                                                • GetProcAddress.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5FCB
                                                                                                                                                                                                • GetLastError.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5FDD
                                                                                                                                                                                                • GetProcAddress.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D5FF9
                                                                                                                                                                                                • GetLastError.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D600B
                                                                                                                                                                                                • GetProcAddress.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D6027
                                                                                                                                                                                                • GetLastError.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D6039
                                                                                                                                                                                                • GetProcAddress.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D6055
                                                                                                                                                                                                • GetLastError.KERNEL32(?,00007FF7774D6BF4,?,00007FF7774D35EE), ref: 00007FF7774D6067
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AddressErrorLastProc
                                                                                                                                                                                                • String ID: Failed to get address for %hs$GetProcAddress$LOADER: loaded functions from Python shared library.$PyConfig_Clear$PyConfig_InitIsolatedConfig$PyConfig_Read$PyConfig_SetBytesString$PyConfig_SetString$PyConfig_SetWideStringList$PyErr_Clear$PyErr_Fetch$PyErr_NormalizeException$PyErr_Occurred$PyErr_Print$PyErr_Restore$PyEval_EvalCode$PyImport_AddModule$PyImport_ExecCodeModule$PyImport_ImportModule$PyMarshal_ReadObjectFromString$PyMem_RawFree$PyModule_GetDict$PyObject_CallFunction$PyObject_CallFunctionObjArgs$PyObject_GetAttrString$PyObject_SetAttrString$PyObject_Str$PyPreConfig_InitIsolatedConfig$PyRun_SimpleStringFlags$PyStatus_Exception$PySys_GetObject$PySys_SetObject$PyUnicode_AsUTF8$PyUnicode_Decode$PyUnicode_DecodeFSDefault$PyUnicode_FromFormat$PyUnicode_FromString$PyUnicode_Join$PyUnicode_Replace$Py_DecRef$Py_DecodeLocale$Py_ExitStatusException$Py_Finalize$Py_InitializeFromConfig$Py_IsInitialized$Py_PreInitialize
                                                                                                                                                                                                • API String ID: 199729137-601071275
                                                                                                                                                                                                • Opcode ID: ba0205765689898c81f4b1a764ca233421d3031cecdd78931fe28e0ee4661a18
                                                                                                                                                                                                • Instruction ID: 35d96b5948b6f6982d8a63e7de585d3b742c90ca54d42ced0e23d56372fc911e
                                                                                                                                                                                                • Opcode Fuzzy Hash: ba0205765689898c81f4b1a764ca233421d3031cecdd78931fe28e0ee4661a18
                                                                                                                                                                                                • Instruction Fuzzy Hash: D932D562E7DF17D1FA64FB56A844474E3A1AF08786BC85935CD5E02260EF3CB16B8234
                                                                                                                                                                                                Function 00007FF7774D6C20 Relevance: 35.1, APIs: 2, Strings: 18, Instructions: 145COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 403 7ff7774d6c20-7ff7774d6c49 call 7ff7774d5a90 406 7ff7774d6c4b-7ff7774d6c57 call 7ff7774d2960 403->406 407 7ff7774d6c5c-7ff7774d6c72 call 7ff7774d2770 call 7ff7774d5320 403->407 412 7ff7774d6e7c-7ff7774d6ea5 call 7ff7774d52f0 call 7ff7774d59f0 406->412 416 7ff7774d6c74-7ff7774d6c80 call 7ff7774d2960 407->416 417 7ff7774d6c85-7ff7774d6c9f call 7ff7774d2770 call 7ff7774d5230 407->417 416->412 427 7ff7774d6ca1-7ff7774d6cad call 7ff7774d2960 417->427 428 7ff7774d6cb2-7ff7774d6ce7 call 7ff7774d2770 * 2 call 7ff7774d5530 417->428 427->412 438 7ff7774d6ce9-7ff7774d6cf5 call 7ff7774d2960 428->438 439 7ff7774d6cfa-7ff7774d6d13 call 7ff7774d2770 call 7ff7774d55f0 428->439 438->412 446 7ff7774d6d15-7ff7774d6d21 call 7ff7774d2960 439->446 447 7ff7774d6d26-7ff7774d6d3f call 7ff7774d2770 call 7ff7774d53e0 439->447 446->412 454 7ff7774d6d41-7ff7774d6d4d call 7ff7774d2960 447->454 455 7ff7774d6d52-7ff7774d6d6b call 7ff7774d2770 call 7ff7774d53d0 447->455 454->412 462 7ff7774d6d6d-7ff7774d6d79 call 7ff7774d2960 455->462 463 7ff7774d6d7e-7ff7774d6d9a call 7ff7774d2770 call 7ff7774d56c0 455->463 462->412 470 7ff7774d6d9c-7ff7774d6da8 call 7ff7774d2960 463->470 471 7ff7774d6dad-7ff7774d6dbd call 7ff7774d2770 463->471 470->412 476 7ff7774d6de3-7ff7774d6e37 SetErrorMode * 2 471->476 477 7ff7774d6dbf-7ff7774d6dde call 7ff7774e6280 call 7ff7774e8140 call 7ff7774e6280 call 7ff7774e8140 471->477 482 7ff7774d6e42-7ff7774d6e44 476->482 477->476 484 7ff7774d6e46-7ff7774d6e78 call 7ff7774d2960 482->484 485 7ff7774d6e7a 482->485 484->412 485->412
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentProcess
                                                                                                                                                                                                • String ID: Failed to allocate PyConfig structure! Unsupported python version?$Failed to parse run-time options!$Failed to pre-initialize embedded python interpreter!$Failed to set module search paths!$Failed to set program name!$Failed to set python home path!$Failed to set run-time options!$Failed to set sys.argv!$Failed to start embedded python interpreter!$LOADER: applying run-time options...$LOADER: creating PyConfig structure...$LOADER: initializing interpreter configuration...$LOADER: pre-initializing embedded python interpreter...$LOADER: setting module search paths...$LOADER: setting program name...$LOADER: setting python home path...$LOADER: setting sys.argv...$LOADER: starting embedded python interpreter...
                                                                                                                                                                                                • API String ID: 2050909247-1204188993
                                                                                                                                                                                                • Opcode ID: ec8dd98a91ddca416502cf26b7f44789849eb6dc3779d0a007a05ec32447d8ec
                                                                                                                                                                                                • Instruction ID: bc1d4927a734ee5b10d55f4602de77b36b69c618c209148aa1300bd41670efca
                                                                                                                                                                                                • Opcode Fuzzy Hash: ec8dd98a91ddca416502cf26b7f44789849eb6dc3779d0a007a05ec32447d8ec
                                                                                                                                                                                                • Instruction Fuzzy Hash: 19618213E3CA4351FA50BB27E8911B9E361AF55785FC40131EE8E422A2EF2DF5578361
                                                                                                                                                                                                Function 00007FF7774D1950 Relevance: 29.9, APIs: 2, Strings: 15, Instructions: 199COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 492 7ff7774d1950-7ff7774d199d call 7ff7774d2770 call 7ff7774d4c50 497 7ff7774d19b5-7ff7774d19f5 call 7ff7774d88f0 492->497 498 7ff7774d199f-7ff7774d19b0 call 7ff7774d2770 492->498 504 7ff7774d19f7-7ff7774d1a03 call 7ff7774d2770 497->504 505 7ff7774d1a08-7ff7774d1a27 call 7ff7774d2770 call 7ff7774e1564 497->505 503 7ff7774d1c8e-7ff7774d1cb2 call 7ff7774dd3e0 498->503 512 7ff7774d1c7b-7ff7774d1c7e call 7ff7774e0edc 504->512 516 7ff7774d1a48-7ff7774d1a64 call 7ff7774e122c 505->516 517 7ff7774d1a29-7ff7774d1a43 call 7ff7774e5d98 call 7ff7774d2b70 505->517 518 7ff7774d1c83-7ff7774d1c8b 512->518 524 7ff7774d1a85-7ff7774d1a9a call 7ff7774e5db8 516->524 525 7ff7774d1a66-7ff7774d1a80 call 7ff7774e5d98 call 7ff7774d2b70 516->525 517->512 518->503 531 7ff7774d1abb-7ff7774d1b45 call 7ff7774d1cc0 * 2 call 7ff7774e1564 call 7ff7774e5dd4 524->531 532 7ff7774d1a9c-7ff7774d1ab6 call 7ff7774e5d98 call 7ff7774d2b70 524->532 525->512 546 7ff7774d1b4a-7ff7774d1b54 531->546 532->512 547 7ff7774d1b75-7ff7774d1b8e call 7ff7774e122c 546->547 548 7ff7774d1b56-7ff7774d1b70 call 7ff7774e5d98 call 7ff7774d2b70 546->548 554 7ff7774d1baf-7ff7774d1bcb call 7ff7774e0fa0 547->554 555 7ff7774d1b90-7ff7774d1baa call 7ff7774e5d98 call 7ff7774d2b70 547->555 548->512 562 7ff7774d1bcd-7ff7774d1bd9 call 7ff7774d2960 554->562 563 7ff7774d1bde-7ff7774d1bec 554->563 555->512 562->512 563->512 564 7ff7774d1bf2-7ff7774d1bf9 563->564 568 7ff7774d1c01-7ff7774d1c07 564->568 569 7ff7774d1c20-7ff7774d1c2f 568->569 570 7ff7774d1c09-7ff7774d1c16 568->570 569->569 571 7ff7774d1c31-7ff7774d1c3a 569->571 570->571 572 7ff7774d1c4f 571->572 573 7ff7774d1c3c-7ff7774d1c3f 571->573 575 7ff7774d1c51-7ff7774d1c64 572->575 573->572 574 7ff7774d1c41-7ff7774d1c44 573->574 574->572 576 7ff7774d1c46-7ff7774d1c49 574->576 577 7ff7774d1c66 575->577 578 7ff7774d1c6d-7ff7774d1c79 575->578 576->572 579 7ff7774d1c4b-7ff7774d1c4d 576->579 577->578 578->512 578->568 579->575
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: DebugOutputString
                                                                                                                                                                                                • String ID: Could not allocate buffer for TOC!$Could not allocate memory for archive structure!$Could not read full TOC!$Error on file.$Failed to read cookie!$Failed to seek to cookie position!$LOADER: attempting to open archive %s$LOADER: cannot find cookie!$LOADER: cannot open archive: %s$LOADER: cookie found at offset 0x%llX$MEI$calloc$fread$fseek$malloc
                                                                                                                                                                                                • API String ID: 1166629820-2612702325
                                                                                                                                                                                                • Opcode ID: b0569c5fe91db1d79890538d24aa02d68a5c7969c7b35bfe865b4d1c0159de18
                                                                                                                                                                                                • Instruction ID: b8a918c1c4afba9ba9aba66d0b2c85201ede529ae0bc1ada91e0a636ea8dd6ad
                                                                                                                                                                                                • Opcode Fuzzy Hash: b0569c5fe91db1d79890538d24aa02d68a5c7969c7b35bfe865b4d1c0159de18
                                                                                                                                                                                                • Instruction Fuzzy Hash: CA919332A3C68285EB60FB26D4846F9A3A1EF45B80FC44832DE8D47795DE7CE5578720
                                                                                                                                                                                                Function 00007FF8B8F78D30 Relevance: 29.9, APIs: 16, Strings: 1, Instructions: 143COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 580 7ff8b8f78d30-7ff8b8f78d48 581 7ff8b8f78d4a-7ff8b8f78d57 580->581 582 7ff8b8f78d58-7ff8b8f78d77 PyModule_Create2 580->582 583 7ff8b8f78d7d-7ff8b8f78da4 PyObject_GetAttrString PyModule_GetDict 582->583 584 7ff8b8f78e35-7ff8b8f78e38 582->584 587 7ff8b8f78e2e 583->587 588 7ff8b8f78daa-7ff8b8f78db0 583->588 585 7ff8b8f78e4d-7ff8b8f78e50 584->585 586 7ff8b8f78e3a-7ff8b8f78e45 584->586 590 7ff8b8f78e52-7ff8b8f78e56 585->590 591 7ff8b8f78e61-7ff8b8f78e6b 585->591 586->585 589 7ff8b8f78e47 _Py_Dealloc 586->589 587->584 592 7ff8b8f78e04 call 7ff8b8f81ff0 588->592 593 7ff8b8f78db2-7ff8b8f78df8 call 7ff8b8f74270 588->593 589->585 590->591 595 7ff8b8f78e58-7ff8b8f78e5b _Py_Dealloc 590->595 597 7ff8b8f78e6d-7ff8b8f78e78 591->597 598 7ff8b8f78e80-7ff8b8f78e8a 591->598 601 7ff8b8f78e09-7ff8b8f78e0b 592->601 593->587 608 7ff8b8f78dfa 593->608 595->591 597->598 603 7ff8b8f78e7a _Py_Dealloc 597->603 599 7ff8b8f78e9f-7ff8b8f78ea9 598->599 600 7ff8b8f78e8c-7ff8b8f78e97 598->600 606 7ff8b8f78ebe-7ff8b8f78ec8 599->606 607 7ff8b8f78eab-7ff8b8f78eb6 599->607 600->599 604 7ff8b8f78e99 _Py_Dealloc 600->604 601->587 605 7ff8b8f78e0d-7ff8b8f78e11 601->605 603->598 604->599 609 7ff8b8f78e1c-7ff8b8f78e2d 605->609 610 7ff8b8f78e13-7ff8b8f78e16 _Py_Dealloc 605->610 612 7ff8b8f78edd-7ff8b8f78ee7 606->612 613 7ff8b8f78eca-7ff8b8f78ed5 606->613 607->606 611 7ff8b8f78eb8 _Py_Dealloc 607->611 608->592 610->609 611->606 615 7ff8b8f78efc-7ff8b8f78f06 612->615 616 7ff8b8f78ee9-7ff8b8f78ef4 612->616 613->612 614 7ff8b8f78ed7 _Py_Dealloc 613->614 614->612 618 7ff8b8f78f1b-7ff8b8f78f25 615->618 619 7ff8b8f78f08-7ff8b8f78f13 615->619 616->615 617 7ff8b8f78ef6 _Py_Dealloc 616->617 617->615 620 7ff8b8f78f3a-7ff8b8f78f44 618->620 621 7ff8b8f78f27-7ff8b8f78f32 618->621 619->618 622 7ff8b8f78f15 _Py_Dealloc 619->622 624 7ff8b8f78f59-7ff8b8f78f63 620->624 625 7ff8b8f78f46-7ff8b8f78f51 620->625 621->620 623 7ff8b8f78f34 _Py_Dealloc 621->623 622->618 623->620 627 7ff8b8f78f78-7ff8b8f78f82 624->627 628 7ff8b8f78f65-7ff8b8f78f70 624->628 625->624 626 7ff8b8f78f53 _Py_Dealloc 625->626 626->624 630 7ff8b8f78f97-7ff8b8f78fa3 627->630 631 7ff8b8f78f84-7ff8b8f78f8f 627->631 628->627 629 7ff8b8f78f72 _Py_Dealloc 628->629 629->627 631->630 632 7ff8b8f78f91 _Py_Dealloc 631->632 632->630
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411342969.00007FF8B8F71000.00000020.00000001.01000000.00000012.sdmp, Offset: 00007FF8B8F70000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411309664.00007FF8B8F70000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411378281.00007FF8B8F85000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411410144.00007FF8B8F8B000.00000004.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411444821.00007FF8B8F8F000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8f70000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Module_$AttrCreate2DeallocDictObject_String
                                                                                                                                                                                                • String ID: __name__
                                                                                                                                                                                                • API String ID: 2272293537-3954359393
                                                                                                                                                                                                • Opcode ID: c7dfa23e24619b3b6a6b2c70335f91a3b917a3ce639685580eccec247397ed14
                                                                                                                                                                                                • Instruction ID: 93db8c5ee0bba87257f2eac80afb43ec8f9eecf91cc920c57dedc9c4f653356a
                                                                                                                                                                                                • Opcode Fuzzy Hash: c7dfa23e24619b3b6a6b2c70335f91a3b917a3ce639685580eccec247397ed14
                                                                                                                                                                                                • Instruction Fuzzy Hash: 1D71D439E19E02C2FF568B68AC4493437A5BF49BD2F584834CB1D46762DF2CA457871C
                                                                                                                                                                                                Function 00007FF8B8F746E0 Relevance: 29.9, APIs: 15, Strings: 2, Instructions: 118COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411342969.00007FF8B8F71000.00000020.00000001.01000000.00000012.sdmp, Offset: 00007FF8B8F70000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411309664.00007FF8B8F70000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411378281.00007FF8B8F85000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411410144.00007FF8B8F8B000.00000004.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411444821.00007FF8B8F8F000.00000002.00000001.01000000.00000012.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8f70000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Dealloc$ItemObject_$Err_FormatFromImportObjectUnicode_$AttrClearDict_ErrorFilenameImport_LevelModuleModule_
                                                                                                                                                                                                • String ID: %U.%U$cannot import name %R from %R (%S)
                                                                                                                                                                                                • API String ID: 3630264407-438398067
                                                                                                                                                                                                • Opcode ID: 6c93363f3a041544119e73659b1bd69e60de92cf4ac8987f66f4c27ced5c75bf
                                                                                                                                                                                                • Instruction ID: 865a1a679fd8fa080fb224b122d5cce86a8dcc83b7629c7c1c328179874bcdda
                                                                                                                                                                                                • Opcode Fuzzy Hash: 6c93363f3a041544119e73659b1bd69e60de92cf4ac8987f66f4c27ced5c75bf
                                                                                                                                                                                                • Instruction Fuzzy Hash: 75416A36E09A86C2FB148B6AA80467977A0BB59FD6F448034CF4E47755EF3CE4468308
                                                                                                                                                                                                Function 00007FF7774D21C0 Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 120COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: MoveWindow$ObjectSelect$DrawReleaseText
                                                                                                                                                                                                • String ID: P%
                                                                                                                                                                                                • API String ID: 2147705588-2959514604
                                                                                                                                                                                                • Opcode ID: 3500614061f5ceb163c3b7033a707fbd0e5c5059e6765f43b08d1a25968858d7
                                                                                                                                                                                                • Instruction ID: b52472a4dd967086f25e7f5d595ccee8ebb5f2936e6dc1d97123b0c896f37612
                                                                                                                                                                                                • Opcode Fuzzy Hash: 3500614061f5ceb163c3b7033a707fbd0e5c5059e6765f43b08d1a25968858d7
                                                                                                                                                                                                • Instruction Fuzzy Hash: 3D5107266247A186D634AF36A0181BAF7A1FB98B65F404121EFCF43684DF3CD046CB20
                                                                                                                                                                                                Function 00007FF7774D1470 Relevance: 14.1, APIs: 1, Strings: 7, Instructions: 107COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentProcess
                                                                                                                                                                                                • String ID: Failed to extract %s: failed to allocate data buffer (%u bytes)!$Failed to extract %s: failed to open archive file!$Failed to extract %s: failed to read data chunk!$Failed to extract %s: failed to seek to the entry's data!$fread$fseek$malloc
                                                                                                                                                                                                • API String ID: 2050909247-3659356012
                                                                                                                                                                                                • Opcode ID: ea131b24949925cd0476ec8c04e690a3afc1639cb1e8b3486950fb5c779c9f30
                                                                                                                                                                                                • Instruction ID: 17409fe3dc9bf598ac3ff9d3285ede9d999a96e2d541335d6e488f42cb415dd8
                                                                                                                                                                                                • Opcode Fuzzy Hash: ea131b24949925cd0476ec8c04e690a3afc1639cb1e8b3486950fb5c779c9f30
                                                                                                                                                                                                • Instruction Fuzzy Hash: FB41AF23B3864285EA50EB27E8905B9E3A0FF44794FC54932EE9D07B95DE7CE5138720
                                                                                                                                                                                                Function 00007FF7774D3B40 Relevance: 14.1, APIs: 2, Strings: 6, Instructions: 66COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetModuleFileNameW.KERNEL32(?,00007FF7774D3CC2), ref: 00007FF7774D3B71
                                                                                                                                                                                                • GetLastError.KERNEL32(?,00007FF7774D3CC2), ref: 00007FF7774D3B7B
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2EC0: GetCurrentProcessId.KERNEL32(?,?,?,?,?,?,?,?,00007FF7774D3B96,?,00007FF7774D3CC2), ref: 00007FF7774D2F0E
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2EC0: FormatMessageW.KERNEL32(?,?,?,?,?,?,?,?,00007FF7774D3B96,?,00007FF7774D3CC2), ref: 00007FF7774D2FD3
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2EC0: OutputDebugStringW.KERNEL32(?,?,?,?,?,?,?,00007FF7774D3B96,?,00007FF7774D3CC2), ref: 00007FF7774D2FF4
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2EC0: MessageBoxW.USER32 ref: 00007FF7774D3014
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Message$CurrentDebugErrorFileFormatLastModuleNameOutputProcessString
                                                                                                                                                                                                • String ID: Failed to convert executable path to UTF-8.$Failed to obtain executable path.$Failed to resolve full path to executable %ls.$GetModuleFileNameW$LOADER: executable file %ls is a symbolic link - resolving...$\\?\
                                                                                                                                                                                                • API String ID: 1136975792-3595768550
                                                                                                                                                                                                • Opcode ID: 3f0d2045d867ba6a9036b7ecfe629d26dc74542ff17c6d43d71c23cd2c6b008d
                                                                                                                                                                                                • Instruction ID: 57dc3ab81dc635df3ca14e197edfc3652a2aa65720b0f64737796269844fef7b
                                                                                                                                                                                                • Opcode Fuzzy Hash: 3f0d2045d867ba6a9036b7ecfe629d26dc74542ff17c6d43d71c23cd2c6b008d
                                                                                                                                                                                                • Instruction Fuzzy Hash: 72314423B3854291EEA4B712D8952B9A251FF58755FC00132EE9D825D5EF2CE617C720
                                                                                                                                                                                                Function 00007FF7774D6A60 Relevance: 13.6, APIs: 1, Strings: 8, Instructions: 88COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentProcess
                                                                                                                                                                                                • String ID: Failed to load Python DLL '%ls'.$LOADER: loading Python shared library: %s$LOADER: ucrtbase.dll found: %s$LoadLibrary$Path of Python shared library (%s) and its name (%s) exceed buffer size (%d)$Path of ucrtbase.dll (%s) and its name exceed buffer size (%d)$Reported length (%d) of Python shared library name (%s) exceeds buffer size (%d)$ucrtbase.dll
                                                                                                                                                                                                • API String ID: 2050909247-523516585
                                                                                                                                                                                                • Opcode ID: bf0f968212efadea07085856b6f75e63e3666c900369e0dfa99b8d5beba31081
                                                                                                                                                                                                • Instruction ID: b99e0253956d71e4b59f882761a9311efa20c0a3a7a6756ba0372b6971e94c3c
                                                                                                                                                                                                • Opcode Fuzzy Hash: bf0f968212efadea07085856b6f75e63e3666c900369e0dfa99b8d5beba31081
                                                                                                                                                                                                • Instruction Fuzzy Hash: 23415332A38A8691EA50FB16E4841F9A361FB45384FC00132DE9D43695DF3CE527C760
                                                                                                                                                                                                Function 00007FF7774D1210 Relevance: 12.4, APIs: 1, Strings: 6, Instructions: 158COMMON
                                                                                                                                                                                                Download Yara Rule

                                                                                                                                                                                                Control-flow Graph

                                                                                                                                                                                                • Executed
                                                                                                                                                                                                • Not Executed
                                                                                                                                                                                                control_flow_graph 968 7ff7774d1210-7ff7774d126d call 7ff7774dcc10 971 7ff7774d126f-7ff7774d1296 call 7ff7774d2960 968->971 972 7ff7774d1297-7ff7774d12af call 7ff7774e5dd4 968->972 977 7ff7774d12d4-7ff7774d12e4 call 7ff7774e5dd4 972->977 978 7ff7774d12b1-7ff7774d12cf call 7ff7774e5d98 call 7ff7774d2b70 972->978 983 7ff7774d12e6-7ff7774d1304 call 7ff7774e5d98 call 7ff7774d2b70 977->983 984 7ff7774d1309-7ff7774d131b 977->984 991 7ff7774d1439-7ff7774d146d call 7ff7774dc8f0 call 7ff7774e5dc0 * 2 978->991 983->991 987 7ff7774d1320-7ff7774d1345 call 7ff7774e122c 984->987 997 7ff7774d1431 987->997 998 7ff7774d134b-7ff7774d1355 call 7ff7774e0fa0 987->998 997->991 998->997 1004 7ff7774d135b-7ff7774d1367 998->1004 1006 7ff7774d1370-7ff7774d1398 call 7ff7774db050 1004->1006 1009 7ff7774d1416-7ff7774d142c call 7ff7774d2960 1006->1009 1010 7ff7774d139a-7ff7774d139d 1006->1010 1009->997 1011 7ff7774d139f-7ff7774d13a9 1010->1011 1012 7ff7774d1411 1010->1012 1014 7ff7774d13d4-7ff7774d13d7 1011->1014 1015 7ff7774d13ab-7ff7774d13b9 call 7ff7774e196c 1011->1015 1012->1009 1017 7ff7774d13d9-7ff7774d13e7 call 7ff7774facc0 1014->1017 1018 7ff7774d13ea-7ff7774d13ef 1014->1018 1019 7ff7774d13be-7ff7774d13c1 1015->1019 1017->1018 1018->1006 1021 7ff7774d13f5-7ff7774d13f8 1018->1021 1022 7ff7774d13c3-7ff7774d13cd call 7ff7774e0fa0 1019->1022 1023 7ff7774d13cf-7ff7774d13d2 1019->1023 1025 7ff7774d140c-7ff7774d140f 1021->1025 1026 7ff7774d13fa-7ff7774d13fd 1021->1026 1022->1018 1022->1023 1023->1009 1025->997 1026->1009 1027 7ff7774d13ff-7ff7774d1407 1026->1027 1027->987
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentProcess
                                                                                                                                                                                                • String ID: 1.3.1$Failed to extract %s: decompression resulted in return code %d!$Failed to extract %s: failed to allocate temporary input buffer!$Failed to extract %s: failed to allocate temporary output buffer!$Failed to extract %s: inflateInit() failed with return code %d!$malloc
                                                                                                                                                                                                • API String ID: 2050909247-2813020118
                                                                                                                                                                                                • Opcode ID: a958641869dc32ac051dd18a5977695317fa9ec1590220bf6f47a29704d6173e
                                                                                                                                                                                                • Instruction ID: 8d637580f43b9321fd9f98cb2c616928698b9ba3934a26f469e151d5811e5df3
                                                                                                                                                                                                • Opcode Fuzzy Hash: a958641869dc32ac051dd18a5977695317fa9ec1590220bf6f47a29704d6173e
                                                                                                                                                                                                • Instruction Fuzzy Hash: 7051B423A3868285E6A0BB23A4803BAE2A1BF45794FC44535EE9D477C5EF7CE553C710
                                                                                                                                                                                                Function 00007FF7774EC8EC Relevance: 10.8, APIs: 7, Instructions: 290COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3215553584-0
                                                                                                                                                                                                • Opcode ID: f15b985ce3f152b18b66d5b07577823b310100741c724b4bc4395fbed96f4122
                                                                                                                                                                                                • Instruction ID: 54d8c6e9ffcfbeb7b94afc086335a20d3c841ea8af4d4dc0bf6d1dc27a74e04f
                                                                                                                                                                                                • Opcode Fuzzy Hash: f15b985ce3f152b18b66d5b07577823b310100741c724b4bc4395fbed96f4122
                                                                                                                                                                                                • Instruction Fuzzy Hash: A5C1B323A3878695E670AB1694046BDBBA1EF81BA0FD54231DD9E03791CFBDE4578320
                                                                                                                                                                                                Function 00007FF7774D88F0 Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 101COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: DebugOutputString
                                                                                                                                                                                                • String ID: LOADER: failed to allocate read buffer (%d bytes)!$LOADER: failed to read chunk (%zd bytes)!$LOADER: failed to seek to the end of the file!$LOADER: failed to seek to the offset 0x%llX!$LOADER: file is too short to contain magic pattern!
                                                                                                                                                                                                • API String ID: 1166629820-3243231480
                                                                                                                                                                                                • Opcode ID: 3937d2b0e626d4774a1a736d9bcdcaea0658b290e6ed379a02db01a7fd0ab828
                                                                                                                                                                                                • Instruction ID: e2ee94189adc24f761565d472b626efb12f3480825334e65c177de7216d4195e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 3937d2b0e626d4774a1a736d9bcdcaea0658b290e6ed379a02db01a7fd0ab828
                                                                                                                                                                                                • Instruction Fuzzy Hash: DB316B22B3865241FA50BB1398943BAD259BF45BD4FC85431EE8D47B86DE7CF4138320
                                                                                                                                                                                                Function 00007FF7774D23D0 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 81windowCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: DeleteDestroyDialogHandleIconIndirectModuleObjectParam
                                                                                                                                                                                                • String ID: Unhandled exception in script
                                                                                                                                                                                                • API String ID: 3081866767-2699770090
                                                                                                                                                                                                • Opcode ID: 4d8badd71b354068f730db50211dc73bd221c1e5eed45224060b7d332f82d8b8
                                                                                                                                                                                                • Instruction ID: 5a6524d1fb5d203ec8f6a04924ddf2381e55e52be45b918935e85a5b3521e927
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4d8badd71b354068f730db50211dc73bd221c1e5eed45224060b7d332f82d8b8
                                                                                                                                                                                                • Instruction Fuzzy Hash: 42314F73A29A8285EB20EF62E8556FAA360FF88794F840135EE4D47A55DF3CD146C710
                                                                                                                                                                                                Function 00007FF7774D2770 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 66COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: DebugOutputString
                                                                                                                                                                                                • String ID: DEBUG$[PYI-%d:%s]
                                                                                                                                                                                                • API String ID: 1166629820-1289759194
                                                                                                                                                                                                • Opcode ID: 4e2da7be96e34044e3c8c2166f3068f10969eb6c46fedfa1a9fbf2f37b8a8d35
                                                                                                                                                                                                • Instruction ID: aaa19572caac3799d60d672908092fb8ecbebb5117fb720b498b687841c76c0b
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4e2da7be96e34044e3c8c2166f3068f10969eb6c46fedfa1a9fbf2f37b8a8d35
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6C218223639B8291EA61AB52F4916EAE364FF847C4F800135EE8D43A59DF3CD2168710
                                                                                                                                                                                                Function 00007FF7774D2880 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 57COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetCurrentProcessId.KERNEL32(?,?,?,?,?,00007FF7774D3BC3,?,00007FF7774D3CC2), ref: 00007FF7774D28CE
                                                                                                                                                                                                • OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF7774D3BC3,?,00007FF7774D3CC2), ref: 00007FF7774D2938
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentDebugOutputProcessString
                                                                                                                                                                                                • String ID: DEBUG$[PYI-%d:%ls]
                                                                                                                                                                                                • API String ID: 181776342-790511422
                                                                                                                                                                                                • Opcode ID: bc909d26c9dc07dfb65630bf97fe78a0f14605aa939dcb74c70597dff8d1da7a
                                                                                                                                                                                                • Instruction ID: 7da1e65d459f8d3fedbf383d8c71c3d75a9ae2304131296ba514923c4d814b09
                                                                                                                                                                                                • Opcode Fuzzy Hash: bc909d26c9dc07dfb65630bf97fe78a0f14605aa939dcb74c70597dff8d1da7a
                                                                                                                                                                                                • Instruction Fuzzy Hash: AC118423738B4191E660EB61F8845AAB365FB84784F804536EF8D53A55DF7CE117C710
                                                                                                                                                                                                Function 00007FF7774E64B8 Relevance: 6.1, APIs: 4, Instructions: 90fileCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CloseCreateFileHandle_invalid_parameter_noinfo
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1279662727-0
                                                                                                                                                                                                • Opcode ID: d185cbf4a60f5ae576ca3d227a4fa15dfbff37ed7af454cf93889846c7a247a9
                                                                                                                                                                                                • Instruction ID: 74001efc0f0852ac6ff36ae43342b4f5aab7fd950956be9c43536c0f564da905
                                                                                                                                                                                                • Opcode Fuzzy Hash: d185cbf4a60f5ae576ca3d227a4fa15dfbff37ed7af454cf93889846c7a247a9
                                                                                                                                                                                                • Instruction Fuzzy Hash: 23418323E3878293E750AF229510379A260FF95768F509334EA6C03AD5DFBCA5A18721
                                                                                                                                                                                                Function 00007FF7774D2100 Relevance: 6.1, APIs: 4, Instructions: 52COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: LongWindow$DialogInvalidateRect
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1956198572-0
                                                                                                                                                                                                • Opcode ID: 0d6a54b01a0c48151da7b8fe57f6b19d6aed648dbf882a6b24d0b939765cf479
                                                                                                                                                                                                • Instruction ID: f0effdca2faee34cf72e25947281fcfd8fb55a310882844f09c0d02a47c44b49
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0d6a54b01a0c48151da7b8fe57f6b19d6aed648dbf882a6b24d0b939765cf479
                                                                                                                                                                                                • Instruction Fuzzy Hash: F211AC22A3815241FA94B767E98427D9252EB85780FC88430DF8907B99CD2CD4974610
                                                                                                                                                                                                Function 00007FF7774DDACC Relevance: 4.6, APIs: 3, Instructions: 94COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: __scrt_acquire_startup_lock__scrt_dllmain_crt_thread_attach__scrt_get_show_window_mode__scrt_release_startup_lock
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3251591375-0
                                                                                                                                                                                                • Opcode ID: 16d03e73980375e06462375b2106f8ecdc7d8f81dd6b90faf4ae389839a669cc
                                                                                                                                                                                                • Instruction ID: c7f3223e24800b5bed8afbb9e6e52e7691c80f7a9d7a979ebe275638d068386e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 16d03e73980375e06462375b2106f8ecdc7d8f81dd6b90faf4ae389839a669cc
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4F315013A3C25341FEA4BB2694913B9A2919F41748FC54436EF8D472D7DE6CA427CA70
                                                                                                                                                                                                Function 00007FF7774EA8C0 Relevance: 4.5, APIs: 3, Instructions: 14COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Process$CurrentExitTerminate
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1703294689-0
                                                                                                                                                                                                • Opcode ID: b76257344a5b50ebda4ee83f8be65098c3a4b9f4f631976851ec82effe05ecc4
                                                                                                                                                                                                • Instruction ID: 071195c9e6ac2558db58790d4982ed9cd63e8359d4a90e31bcf242e3045e445e
                                                                                                                                                                                                • Opcode Fuzzy Hash: b76257344a5b50ebda4ee83f8be65098c3a4b9f4f631976851ec82effe05ecc4
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9ED05E13B3870242FA283B331C4403892112F49750F841838CC0B02383CE6CA84F4221
                                                                                                                                                                                                Function 00007FF7774E0FCC Relevance: 3.2, APIs: 2, Instructions: 177COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3215553584-0
                                                                                                                                                                                                • Opcode ID: c4e64ce7d34520ab18a1a9df6a2c98bb111fb23a5c8be597fccc1ee1feab7f28
                                                                                                                                                                                                • Instruction ID: 83cbb234996a7b9b13ce826dbe4182811bbdd4ecd4126543c7ec6cb086050a42
                                                                                                                                                                                                • Opcode Fuzzy Hash: c4e64ce7d34520ab18a1a9df6a2c98bb111fb23a5c8be597fccc1ee1feab7f28
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6351E963B79281C6F624BE67980067AE2A1BF45BB4F944B70DD7D47BC5CEBCD4028620
                                                                                                                                                                                                Function 00007FF7774ECFC4 Relevance: 3.0, APIs: 2, Instructions: 46COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorFileLastPointer
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2976181284-0
                                                                                                                                                                                                • Opcode ID: 96d2edb60fa6006c921da832751023f9e82c24f7d036db6c415003cfc4d6a9e5
                                                                                                                                                                                                • Instruction ID: aa5bbc6d66d03da6a03608a5305d4b47f2cfe62d56ab3db01bbd0f829ceb5d13
                                                                                                                                                                                                • Opcode Fuzzy Hash: 96d2edb60fa6006c921da832751023f9e82c24f7d036db6c415003cfc4d6a9e5
                                                                                                                                                                                                • Instruction Fuzzy Hash: D4118262A38B9181DA20AB26E404169A361EB45BF4F984735EE7D4B7E9CFBCD0568700
                                                                                                                                                                                                Function 00007FF7774EB7D8 Relevance: 3.0, APIs: 2, Instructions: 19memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • RtlFreeHeap.NTDLL(?,?,?,00007FF7774F3BB2,?,?,?,00007FF7774F3BEF,?,?,00000000,00007FF7774F40B5,?,?,?,00007FF7774F3FE7), ref: 00007FF7774EB7EE
                                                                                                                                                                                                • GetLastError.KERNEL32(?,?,?,00007FF7774F3BB2,?,?,?,00007FF7774F3BEF,?,?,00000000,00007FF7774F40B5,?,?,?,00007FF7774F3FE7), ref: 00007FF7774EB7F8
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorFreeHeapLast
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 485612231-0
                                                                                                                                                                                                • Opcode ID: 1b20a3debd526edf3a8c9a5df2e98288861d52d7c4b626b35b8767b378a30627
                                                                                                                                                                                                • Instruction ID: 666286cc1d9b154fd46b4b9980d530b38e8f738f9ba5f1e2fbeb568cafd194a9
                                                                                                                                                                                                • Opcode Fuzzy Hash: 1b20a3debd526edf3a8c9a5df2e98288861d52d7c4b626b35b8767b378a30627
                                                                                                                                                                                                • Instruction Fuzzy Hash: A6E08613F3970282FF147BF3988553492505F44B51FC48934CC1D47391DE6C68878230
                                                                                                                                                                                                Function 00007FF7774EB9E8 Relevance: 2.6, APIs: 2, Instructions: 59COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • CloseHandle.KERNEL32(?,?,?,00007FF7774EB865,?,?,00000000,00007FF7774EB91A), ref: 00007FF7774EBA56
                                                                                                                                                                                                • GetLastError.KERNEL32(?,?,?,00007FF7774EB865,?,?,00000000,00007FF7774EB91A), ref: 00007FF7774EBA60
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CloseErrorHandleLast
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 918212764-0
                                                                                                                                                                                                • Opcode ID: 112934bd90ed67d7ea17ef96cdf701313af9393377a295654a3cf3f6e4ed98fb
                                                                                                                                                                                                • Instruction ID: d5e2d736abd964a53e3f84f9e74a1b584d7554e26241c4a4bb60201a21a8f94d
                                                                                                                                                                                                • Opcode Fuzzy Hash: 112934bd90ed67d7ea17ef96cdf701313af9393377a295654a3cf3f6e4ed98fb
                                                                                                                                                                                                • Instruction Fuzzy Hash: 0321CF13B3868241FE517722948067992829F857B0F884335DE6E472C2CEECE4478321
                                                                                                                                                                                                Function 00007FF7774ECD3C Relevance: 1.6, APIs: 1, Instructions: 112COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3215553584-0
                                                                                                                                                                                                • Opcode ID: 344e63662847237e0b97254d560fa1a354dc3eb6544fb98752088a82209b4f15
                                                                                                                                                                                                • Instruction ID: 784e1c444bff7cb1593dae2cbc48023face7746de150007cbc17fa391badf40a
                                                                                                                                                                                                • Opcode Fuzzy Hash: 344e63662847237e0b97254d560fa1a354dc3eb6544fb98752088a82209b4f15
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8241C93393870187EA34AB2AE541679B7A0EF55F60F940631DE9E43690CFADE403C761
                                                                                                                                                                                                Function 00007FF7774EC7CC Relevance: 1.6, APIs: 1, Instructions: 79COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3215553584-0
                                                                                                                                                                                                • Opcode ID: a2e5381428b21ee47129e20153b1025ca0327abd0cc1cd39f75774f17e046770
                                                                                                                                                                                                • Instruction ID: df2aae6992d23cd2336b31ee904b7ffc667bd7a4dca17935f02f4d1e821bfbb0
                                                                                                                                                                                                • Opcode Fuzzy Hash: a2e5381428b21ee47129e20153b1025ca0327abd0cc1cd39f75774f17e046770
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8B316B63E3861285E6217B56884137CA660BF44B76FD14635ED2D433D2CEFCA4438371
                                                                                                                                                                                                Function 00007FF7774EA7F1 Relevance: 1.6, APIs: 1, Instructions: 61COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: HandleModule$AddressFreeLibraryProc
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3947729631-0
                                                                                                                                                                                                • Opcode ID: 5c87d5e2cdc2aee00809c2c9bd46e42fe3ca8807361521a4afe60ccc332579e8
                                                                                                                                                                                                • Instruction ID: 4a52cbdef48b31ab10a09d122a8b0df8b8e4606e7c4e2043841b686e300e3ef8
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5c87d5e2cdc2aee00809c2c9bd46e42fe3ca8807361521a4afe60ccc332579e8
                                                                                                                                                                                                • Instruction Fuzzy Hash: EF217F33F2474189FB64AF66C4442BC73A0FB44728F844A36DA5D06AD5DF78D546CB90
                                                                                                                                                                                                Function 00007FF7774E6E24 Relevance: 1.6, APIs: 1, Instructions: 55COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3215553584-0
                                                                                                                                                                                                • Opcode ID: d0ecc1d4814c8292f6d285d86e9f4332b8d7141ecd04c52723bb65a1ba9d936a
                                                                                                                                                                                                • Instruction ID: b25b869373727d382b8e027208f09ab1231a8f5db97e61af0cc65f2e265d28a7
                                                                                                                                                                                                • Opcode Fuzzy Hash: d0ecc1d4814c8292f6d285d86e9f4332b8d7141ecd04c52723bb65a1ba9d936a
                                                                                                                                                                                                • Instruction Fuzzy Hash: A7119623A3C64191EA61BF53D400A7DE364AF85BA4FC44431EE6C57B96CFBCE4228761
                                                                                                                                                                                                Function 00007FF7774F71E4 Relevance: 1.6, APIs: 1, Instructions: 54COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3215553584-0
                                                                                                                                                                                                • Opcode ID: 1efe6439c1f0d71c5b97f8069ea4f116aceac123a977d1e365d726560a3bc520
                                                                                                                                                                                                • Instruction ID: 6723a95297c4612080482213c08877412c897a84869a54a7ae0659560dfdcc5c
                                                                                                                                                                                                • Opcode Fuzzy Hash: 1efe6439c1f0d71c5b97f8069ea4f116aceac123a977d1e365d726560a3bc520
                                                                                                                                                                                                • Instruction Fuzzy Hash: 3A218633638A8286D761AF29D440379B6A0FB84B54F984234FE5D476D5DF3CD4028B10
                                                                                                                                                                                                Function 00007FF7774E124C Relevance: 1.5, APIs: 1, Instructions: 48COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3215553584-0
                                                                                                                                                                                                • Opcode ID: 8e9754deeba93abb4745aa2efb451e77357aefa8fb0fbddb16feb6c8c90fdd62
                                                                                                                                                                                                • Instruction ID: 023f8ff444d589457cf07726fd9f4ed26b43914b3a34977a99c4b0eddf45529b
                                                                                                                                                                                                • Opcode Fuzzy Hash: 8e9754deeba93abb4745aa2efb451e77357aefa8fb0fbddb16feb6c8c90fdd62
                                                                                                                                                                                                • Instruction Fuzzy Hash: F101C862B3874281E904BB679901179E7A1BF86FF0F884A71DE6C67BD6CEBCD4124310
                                                                                                                                                                                                Function 00007FF7774D9E00 Relevance: 1.5, APIs: 1, Instructions: 19libraryCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 00007FF7774DA220: MultiByteToWideChar.KERNEL32(?,?,?,00007FF7774D3CB6), ref: 00007FF7774DA259
                                                                                                                                                                                                • LoadLibraryExW.KERNEL32(?,00007FF7774D6B9B,?,00007FF7774D35EE), ref: 00007FF7774D9E22
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ByteCharLibraryLoadMultiWide
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2592636585-0
                                                                                                                                                                                                • Opcode ID: 5f128538f2523a4eba0a93d9d6b91d4d83038ae9c5489ace6f7b5f5bc1d7f4d2
                                                                                                                                                                                                • Instruction ID: bfd4d2048c679a5b4e6344f12c319b010ad258ad3860436bc145ae1c6c108c0f
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5f128538f2523a4eba0a93d9d6b91d4d83038ae9c5489ace6f7b5f5bc1d7f4d2
                                                                                                                                                                                                • Instruction Fuzzy Hash: BCD0C202F3824641EA94B767BA46A79D1519F89BC0F88D034EE5C03B46EC3CC4964B00
                                                                                                                                                                                                Function 00007FF8A8782B58 Relevance: 1.5, APIs: 1, Instructions: 12COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Free
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3978063606-0
                                                                                                                                                                                                • Opcode ID: fb128cc568dcee73a38db5d6e8c2531c5ff05eb1f8ac0af479b44c2e35020676
                                                                                                                                                                                                • Instruction ID: f50701b6abebd8459314cb88cfece952a9138acc8dc1dce0a18f0365e51ffa3a
                                                                                                                                                                                                • Opcode Fuzzy Hash: fb128cc568dcee73a38db5d6e8c2531c5ff05eb1f8ac0af479b44c2e35020676
                                                                                                                                                                                                • Instruction Fuzzy Hash: BFC01265F07403DBE34827389C6B2691190AF49351F904034E10EC2AD0DE0C68594765
                                                                                                                                                                                                Function 00007FF7774EFA28 Relevance: 1.3, APIs: 1, Instructions: 36memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • HeapAlloc.KERNEL32(?,?,00000000,00007FF7774EC1BA,?,?,?,00007FF7774E5DA1,?,?,?,?,00007FF7774EB31A), ref: 00007FF7774EFA7D
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AllocHeap
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 4292702814-0
                                                                                                                                                                                                • Opcode ID: 1fec90483929581ecf61e3aa8e6a4315ca1e17ba0cf65d59ce036437c1ee893b
                                                                                                                                                                                                • Instruction ID: 3d7ec49b00672ca50a0232711a3d2a9a3e0575dd4157474740d0262605447a5e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 1fec90483929581ecf61e3aa8e6a4315ca1e17ba0cf65d59ce036437c1ee893b
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6DF04F06B3964355FF947BA794543B4D2C05F48B60FCC6430CD0D4A6C1DE9CA4874230
                                                                                                                                                                                                Function 00007FF7774EE48C Relevance: 1.3, APIs: 1, Instructions: 29memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • HeapAlloc.KERNEL32(?,?,?,00007FF7774E1A74,?,?,?,00007FF7774E2F86,?,?,?,?,?,00007FF7774E4579), ref: 00007FF7774EE4CA
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AllocHeap
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 4292702814-0
                                                                                                                                                                                                • Opcode ID: efacbb839d677795a0d989681b51e67fb8ba832133a292f9e9a9629c8f364437
                                                                                                                                                                                                • Instruction ID: 1286be16d1ce6650715842c9f801cdb9d7bf077627baa6ce2f3a121f87d6207e
                                                                                                                                                                                                • Opcode Fuzzy Hash: efacbb839d677795a0d989681b51e67fb8ba832133a292f9e9a9629c8f364437
                                                                                                                                                                                                • Instruction Fuzzy Hash: B8F0F813BB925B55FA6476B35945675D2804F84BB0F884A30EE2E866C2DEACE5838234

                                                                                                                                                                                                Non-executed Functions

                                                                                                                                                                                                Function 00007FF7774D97F0 Relevance: 112.3, APIs: 36, Strings: 28, Instructions: 319synchronizationwindowregistryCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorLast$MessageObjectProcessSingleWait$Window$CloseCreateHandlePeek$ByteCharClassCodeCommandConsoleCtrlCurrentDebugDestroyDispatchExitHandlerInfoLineMultiOutputRegisterShowStartupStringTerminateTranslateWide
                                                                                                                                                                                                • String ID: CreateProcessW$Failed to create child process!$LOADER: TerminateProcess call failed (%d)$LOADER: WaitForSingleObject() failed with error code %d!$LOADER: child process has finished - exiting the wait loop!$LOADER: child process has finished.$LOADER: child process not terminated!$LOADER: child process started!$LOADER: child process terminated!$LOADER: creating hidden window to capture system shutdown events...$LOADER: done waiting for WM_QUERYENDSESSION - message received!$LOADER: done waiting for WM_QUERYENDSESSION - timed-out!$LOADER: entering the waiting loop...$LOADER: failed to create hidden window (%d)!$LOADER: failed to install console ctrl handler!$LOADER: failed to register hidden window class (%d)!$LOADER: handling console shutdown - giving the child %d ms to exit...$LOADER: hidden window created!$LOADER: made it out of the waiting loop!$LOADER: received console shutdown event - exiting the wait loop!$LOADER: received session shutdown signal via WM_QUERYENDSESSION; waiting for WM_ENDSESSION...$LOADER: retrieving process exit code and performing cleanup...$LOADER: setting up child process...$LOADER: terminating the child process...$LOADER: waited %lld ms / %d ms...$LOADER: waiting %d ms in case we receive WM_QUERYENDSESSION...$PyInstaller Onefile Hidden Window$PyInstallerOnefileHiddenWindow
                                                                                                                                                                                                • API String ID: 247756579-819605309
                                                                                                                                                                                                • Opcode ID: 9e68f0d3c1ae404164363dc681d093a88c430c894559e0f741e3528e3a4623fa
                                                                                                                                                                                                • Instruction ID: 8e2d26d3197687b28d7b86f012be9bbe24934b8bdeafe9c5d13b027d0f9780b5
                                                                                                                                                                                                • Opcode Fuzzy Hash: 9e68f0d3c1ae404164363dc681d093a88c430c894559e0f741e3528e3a4623fa
                                                                                                                                                                                                • Instruction Fuzzy Hash: 52F16323A38A8296FB54BB35E8902B9A360FF44754FC40235DE5D836A5DF3CE566C720
                                                                                                                                                                                                Function 00007FF8A8936100 Relevance: 31.9, APIs: 10, Strings: 8, Instructions: 351stringCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: strspn$strncmp$strcspn
                                                                                                                                                                                                • String ID: $ $ ,$..\s\crypto\pem\pem_lib.c$DEK-Info:$ENCRYPTED$Expecting: $Proc-Type:
                                                                                                                                                                                                • API String ID: 232339659-387852012
                                                                                                                                                                                                • Opcode ID: c727e7b79681e13fa786a26f4670d2cafe1edc675d1980e5690cae0e7b50c03f
                                                                                                                                                                                                • Instruction ID: b1a1b439be166ba78de01751a4bafcdbabf68d31d7cd4c9855c991bf4638bc83
                                                                                                                                                                                                • Opcode Fuzzy Hash: c727e7b79681e13fa786a26f4670d2cafe1edc675d1980e5690cae0e7b50c03f
                                                                                                                                                                                                • Instruction Fuzzy Hash: 88F1BF76F0AA02A6FB11CB72D4442B823A1FB057C8F488035CE4D57695EF3CE54AC368
                                                                                                                                                                                                Function 00007FF8B837F400 Relevance: 24.5, APIs: 16, Instructions: 493COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: log2$memset$memmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1685334282-0
                                                                                                                                                                                                • Opcode ID: 1edd070486128180aaf4a9b6a699bce50f64173daa6afe7625103dfdb958fdbf
                                                                                                                                                                                                • Instruction ID: e24266297dd74c13ae6d8bd63b7609e6ece836525116e0ffede4ad2b66b7520c
                                                                                                                                                                                                • Opcode Fuzzy Hash: 1edd070486128180aaf4a9b6a699bce50f64173daa6afe7625103dfdb958fdbf
                                                                                                                                                                                                • Instruction Fuzzy Hash: 3322C236A14F8586DA169B38D5107BAB765FF597C8F198332DB8B27650DF3EE0828304
                                                                                                                                                                                                Function 00007FF8B837FEB0 Relevance: 24.5, APIs: 16, Instructions: 493COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: log2$memset$memmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1685334282-0
                                                                                                                                                                                                • Opcode ID: d0ebc9dcb9b4dfbefd1d47e463b8048210ff77d408c872b9899fd701b123924b
                                                                                                                                                                                                • Instruction ID: f3cfd3c1222fefae088866b70405d593178243310c705ded427ce42643632128
                                                                                                                                                                                                • Opcode Fuzzy Hash: d0ebc9dcb9b4dfbefd1d47e463b8048210ff77d408c872b9899fd701b123924b
                                                                                                                                                                                                • Instruction Fuzzy Hash: C722C132A04F8586DA1A9B3991503BAA365FF997D4F198332DB8F27751DF3DE0828704
                                                                                                                                                                                                Function 00007FF8A8782671 Relevance: 21.2, APIs: 7, Strings: 5, Instructions: 168COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: EnvironmentVariable$ByteCharMultiWide
                                                                                                                                                                                                • String ID: .rnd$HOME$RANDFILE$SYSTEMROOT$USERPROFILE
                                                                                                                                                                                                • API String ID: 2184640988-1666712896
                                                                                                                                                                                                • Opcode ID: 6ae7bf8170fe4eb4311700b15542d8ceb35a2668fc38af68052a7f4661d56c96
                                                                                                                                                                                                • Instruction ID: efdb2ddfa2226e96b296ce5187bd2cded1785352ab7e19609f5039e202ed9a5a
                                                                                                                                                                                                • Opcode Fuzzy Hash: 6ae7bf8170fe4eb4311700b15542d8ceb35a2668fc38af68052a7f4661d56c96
                                                                                                                                                                                                • Instruction Fuzzy Hash: E9611622B1ABC3A6EB109F25A45417967A1FF45BE9F484231DE2E43BD0EF3DE0058324
                                                                                                                                                                                                Function 00007FF8A878322E Relevance: 19.8, APIs: 13, Instructions: 251fileCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ByteCharMultiWide_errno$FileFind$ErrorFirstLastNextfreemalloc
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2879850182-0
                                                                                                                                                                                                • Opcode ID: 2d14182a43d6b154a267ad0b98e55e0737c9bb517ed9d516c0e43a6e55635043
                                                                                                                                                                                                • Instruction ID: c5fec1444c0066e7b02f2900e47d2c3802029f327bc6bbb9cdd01fa41dcf9dc1
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2d14182a43d6b154a267ad0b98e55e0737c9bb517ed9d516c0e43a6e55635043
                                                                                                                                                                                                • Instruction Fuzzy Hash: 0DB1C462A06B82DAEB508F65D448279B7A4FF48BE6F484335DA5D43794FF3CE0418328
                                                                                                                                                                                                Function 00007FF8B8376FC0 Relevance: 18.4, APIs: 12, Instructions: 450COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: log2
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 4048861018-0
                                                                                                                                                                                                • Opcode ID: 1ba6ff57bb3133cb648baf168f3054a4e5542cce55b8d95569e4c63513385875
                                                                                                                                                                                                • Instruction ID: 6d46ee6d1569947985725b662cbf63dcb902ca53f1e6fdcff9f03650f49b63b5
                                                                                                                                                                                                • Opcode Fuzzy Hash: 1ba6ff57bb3133cb648baf168f3054a4e5542cce55b8d95569e4c63513385875
                                                                                                                                                                                                • Instruction Fuzzy Hash: A702D635F18E01CAE607C77881417BAA7666F297D8F1AC332EA0F36654DF79A0938744
                                                                                                                                                                                                Function 00007FF7774D8E90 Relevance: 17.6, APIs: 6, Strings: 4, Instructions: 100fileCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • FindFirstFileW.KERNEL32(?,00007FF7774D9729,00007FF7774D3A80), ref: 00007FF7774D8EFB
                                                                                                                                                                                                • RemoveDirectoryW.KERNEL32(?,00007FF7774D9729,00007FF7774D3A80), ref: 00007FF7774D8F86
                                                                                                                                                                                                • DeleteFileW.KERNEL32(?,00007FF7774D9729,00007FF7774D3A80), ref: 00007FF7774D8FBB
                                                                                                                                                                                                • FindNextFileW.KERNEL32(?,00007FF7774D9729,00007FF7774D3A80), ref: 00007FF7774D8FE1
                                                                                                                                                                                                • FindClose.KERNEL32(?,00007FF7774D9729,00007FF7774D3A80), ref: 00007FF7774D8FF2
                                                                                                                                                                                                • RemoveDirectoryW.KERNEL32(?,00007FF7774D9729,00007FF7774D3A80), ref: 00007FF7774D8FFB
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: FileFind$DirectoryRemove$CloseDeleteFirstNext
                                                                                                                                                                                                • String ID: %s\*$LOADER: failed to remove directory symbolic link: %ls$LOADER: failed to remove directory: %ls$LOADER: failed to remove file: %ls
                                                                                                                                                                                                • API String ID: 1057558799-1659351542
                                                                                                                                                                                                • Opcode ID: f802805698d42e27875edb504d05d6784fb30aaadce349cc1165116ee08b7f93
                                                                                                                                                                                                • Instruction ID: 6f6acb368705198b07fafe8be00cb737afc2a7e696583aa333c52a360fb5dfca
                                                                                                                                                                                                • Opcode Fuzzy Hash: f802805698d42e27875edb504d05d6784fb30aaadce349cc1165116ee08b7f93
                                                                                                                                                                                                • Instruction Fuzzy Hash: B8418422A3CA4291EAB0BB22E4841FAE3A5FB94754FC00535EF8D825D4EF2CD51BC710
                                                                                                                                                                                                Function 00007FF8A8661860 Relevance: 13.9, APIs: 9, Instructions: 437COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Mem_$SubtypeType_$DataFreeFromKindMallocReallocUnicode_
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1742244024-0
                                                                                                                                                                                                • Opcode ID: c9d9c4627cf2f8baa2e07995f47ef7262a1ee094cf9010b1a5e97e1c28034e83
                                                                                                                                                                                                • Instruction ID: 676dac5edcf8cb469d56e883331857e92e5017659fc1e568493a2f26d92655f7
                                                                                                                                                                                                • Opcode Fuzzy Hash: c9d9c4627cf2f8baa2e07995f47ef7262a1ee094cf9010b1a5e97e1c28034e83
                                                                                                                                                                                                • Instruction Fuzzy Hash: 63022472A0E5C2A2F76C8B19D55C67D66A1FB457C4F146235DA8F86794EF3CE800C328
                                                                                                                                                                                                Function 00007FF8A8663028 Relevance: 13.6, APIs: 9, Instructions: 72COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ExceptionFilterPresentUnhandledmemset$CaptureContextDebuggerEntryFeatureFunctionLookupProcessorUnwindVirtual
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 313767242-0
                                                                                                                                                                                                • Opcode ID: bc038827588cf40f583b99cfdd4304ae94c893dbf377535741e30029c5cf38f6
                                                                                                                                                                                                • Instruction ID: 25733413ef13e109c94f31bb115deb0ff0abafebc5df67365ba5b8a8cdf655e9
                                                                                                                                                                                                • Opcode Fuzzy Hash: bc038827588cf40f583b99cfdd4304ae94c893dbf377535741e30029c5cf38f6
                                                                                                                                                                                                • Instruction Fuzzy Hash: BD31397260ABC19AFB648F60E9543EE7364FB84784F44503ADA4F47A98DF38D648C724
                                                                                                                                                                                                Function 00007FF8B8377660 Relevance: 10.8, APIs: 7, Instructions: 267COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: log2$memset
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3759962277-0
                                                                                                                                                                                                • Opcode ID: 0a616068c14d0cc25b55d560957346411adc6e39c4d7ed9e6f163420d756dbf1
                                                                                                                                                                                                • Instruction ID: c16acff50c97d9940f1e3e0cdd65af180dcc71ef232607177f4d8b020a1f7cfc
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0a616068c14d0cc25b55d560957346411adc6e39c4d7ed9e6f163420d756dbf1
                                                                                                                                                                                                • Instruction Fuzzy Hash: A0B12925E19E55C9E607973881017BAAA56AF5A7D8F1AC332EA4F27754DF3CE0838304
                                                                                                                                                                                                Function 00007FF8B8366F40 Relevance: 10.8, APIs: 5, Strings: 1, Instructions: 265COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: exitmemset
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2099101326-2920267241
                                                                                                                                                                                                • Opcode ID: 1e7f654b3abe498549c85a9da2b5d6289def08c45c33cc899f933d97bd9daf92
                                                                                                                                                                                                • Instruction ID: 7b6b019cc7f95c36c914667d684ac28ad9e77e66d92d9878eecbec756293e23d
                                                                                                                                                                                                • Opcode Fuzzy Hash: 1e7f654b3abe498549c85a9da2b5d6289def08c45c33cc899f933d97bd9daf92
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4AC10672618BC582D660CB29F8407AAB7A4FB89BC4F544126EFCD43B59DF38D156CB04
                                                                                                                                                                                                Function 00007FF8A8785A24 Relevance: 10.6, APIs: 7, Instructions: 73COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ExceptionFilterPresentUnhandled$CaptureContextDebuggerEntryFeatureFunctionLookupProcessorUnwindVirtual
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3140674995-0
                                                                                                                                                                                                • Opcode ID: fd064582dca017b65f84a5af08fa13e40438419c70a5fa8198f5f7a8a5acb07e
                                                                                                                                                                                                • Instruction ID: 50c67aab08427de23b01762b70d9b22c44faab563c35d96a2d9324631044f1fc
                                                                                                                                                                                                • Opcode Fuzzy Hash: fd064582dca017b65f84a5af08fa13e40438419c70a5fa8198f5f7a8a5acb07e
                                                                                                                                                                                                • Instruction Fuzzy Hash: 42315CB260AA81A9EB609F64E8547EE3370FB84785F44403ADB4D47B94EF3CD548C724
                                                                                                                                                                                                Function 00007FF7774DDFBC Relevance: 10.6, APIs: 7, Instructions: 71COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ExceptionFilterPresentUnhandled$CaptureContextDebuggerEntryFeatureFunctionLookupProcessorUnwindVirtual
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3140674995-0
                                                                                                                                                                                                • Opcode ID: c3adc2d70a46416e0016ebc7a976b5d71081f12b88a2fc355b22615e51f13282
                                                                                                                                                                                                • Instruction ID: 4c21a652f03d6d783ebf9674add508f0290d9bc39b196231d77948fbf985200e
                                                                                                                                                                                                • Opcode Fuzzy Hash: c3adc2d70a46416e0016ebc7a976b5d71081f12b88a2fc355b22615e51f13282
                                                                                                                                                                                                • Instruction Fuzzy Hash: E7315073A28B8186EB609F61E8807EDB364FB85704F84443ADB4D47B98DF38D559C720
                                                                                                                                                                                                Function 00007FF7774F6A90 Relevance: 9.3, APIs: 6, Instructions: 334timeCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • _get_daylight.LIBCMT ref: 00007FF7774F6AD5
                                                                                                                                                                                                  • Part of subcall function 00007FF7774F6428: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7774F643C
                                                                                                                                                                                                  • Part of subcall function 00007FF7774EB7D8: RtlFreeHeap.NTDLL(?,?,?,00007FF7774F3BB2,?,?,?,00007FF7774F3BEF,?,?,00000000,00007FF7774F40B5,?,?,?,00007FF7774F3FE7), ref: 00007FF7774EB7EE
                                                                                                                                                                                                  • Part of subcall function 00007FF7774EB7D8: GetLastError.KERNEL32(?,?,?,00007FF7774F3BB2,?,?,?,00007FF7774F3BEF,?,?,00000000,00007FF7774F40B5,?,?,?,00007FF7774F3FE7), ref: 00007FF7774EB7F8
                                                                                                                                                                                                  • Part of subcall function 00007FF7774EB790: IsProcessorFeaturePresent.KERNEL32(?,?,?,?,00007FF7774EB76F,?,?,?,?,?,00007FF7774EB65A), ref: 00007FF7774EB799
                                                                                                                                                                                                  • Part of subcall function 00007FF7774EB790: GetCurrentProcess.KERNEL32(?,?,?,?,00007FF7774EB76F,?,?,?,?,?,00007FF7774EB65A), ref: 00007FF7774EB7BE
                                                                                                                                                                                                • _get_daylight.LIBCMT ref: 00007FF7774F6AC4
                                                                                                                                                                                                  • Part of subcall function 00007FF7774F6488: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7774F649C
                                                                                                                                                                                                • _get_daylight.LIBCMT ref: 00007FF7774F6D3A
                                                                                                                                                                                                • _get_daylight.LIBCMT ref: 00007FF7774F6D4B
                                                                                                                                                                                                • _get_daylight.LIBCMT ref: 00007FF7774F6D5C
                                                                                                                                                                                                • GetTimeZoneInformation.KERNEL32(?,?,?,?,?,?,?,?,?,00000000,?,00007FF7774F6F9C), ref: 00007FF7774F6D83
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _get_daylight$_invalid_parameter_noinfo$CurrentErrorFeatureFreeHeapInformationLastPresentProcessProcessorTimeZone
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 4070488512-0
                                                                                                                                                                                                • Opcode ID: 21d60ebfbae8e31730b035635c8b8c2b126424aee6fcc9a8911b7a28c2f6a71d
                                                                                                                                                                                                • Instruction ID: 282e3e2d7420db3c61a977b88e64d0cfa991c300e74c768c0e133425b8d2031d
                                                                                                                                                                                                • Opcode Fuzzy Hash: 21d60ebfbae8e31730b035635c8b8c2b126424aee6fcc9a8911b7a28c2f6a71d
                                                                                                                                                                                                • Instruction Fuzzy Hash: DED1D023A3825296EB20BF26D4415B9A7A1FF85B98FC84435EE4D47A85DF3CE442C361
                                                                                                                                                                                                Function 00007FF8B835F5D0 Relevance: 9.2, APIs: 6, Instructions: 245COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memset$log2
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3851851888-0
                                                                                                                                                                                                • Opcode ID: 64f3392d5d0c07b22c2d9f88ec33949d3f89d5b72106fb347fe14f0603d3ecf4
                                                                                                                                                                                                • Instruction ID: d5874960894296cff0e0b2d67ecbd792d3080a6b29224096a4f879bb15583c04
                                                                                                                                                                                                • Opcode Fuzzy Hash: 64f3392d5d0c07b22c2d9f88ec33949d3f89d5b72106fb347fe14f0603d3ecf4
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8FA1C622A18FC585D6128B39A4007EAA765FF9A7C4F089232DF8E27655DF3DE047C704
                                                                                                                                                                                                Function 00007FF8B8362700 Relevance: 9.2, APIs: 6, Instructions: 239COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memset$log2
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3851851888-0
                                                                                                                                                                                                • Opcode ID: 630956aaa5f078cabb962465cabea9a2edb90d42bcb192cf7cf7d8a395303877
                                                                                                                                                                                                • Instruction ID: e4391a897bfc4f224ff7cb29ad7a1db97123e3e8187ccf586307e529dfd05c57
                                                                                                                                                                                                • Opcode Fuzzy Hash: 630956aaa5f078cabb962465cabea9a2edb90d42bcb192cf7cf7d8a395303877
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4BA1C622A1CBC685D6528B3DA4407AAE755FF9A7C4F098232DB4E27A55CF3CE087C704
                                                                                                                                                                                                Function 00007FF8B8360EB0 Relevance: 9.2, APIs: 6, Instructions: 239COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memset$log2
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3851851888-0
                                                                                                                                                                                                • Opcode ID: 9cac2ff7569d438a0fc14b80d39a9464d9c8e47c46ba66bb0d0afa152fd710d5
                                                                                                                                                                                                • Instruction ID: 6c531ff72405f78f08ff840c1038e8521ba684682ab98c63183c8f71acce4022
                                                                                                                                                                                                • Opcode Fuzzy Hash: 9cac2ff7569d438a0fc14b80d39a9464d9c8e47c46ba66bb0d0afa152fd710d5
                                                                                                                                                                                                • Instruction Fuzzy Hash: 68A1E522A1CBC585E6128B79A4113AAF765FF9A7C4F088232DB4E27655DF3DE087C704
                                                                                                                                                                                                Function 00007FF7774EB4A4 Relevance: 9.1, APIs: 6, Instructions: 83COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ExceptionFilterUnhandled$CaptureContextDebuggerEntryFunctionLookupPresentUnwindVirtual
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1239891234-0
                                                                                                                                                                                                • Opcode ID: 4ae03e7b9a19b86c5d22b90a6790336bc10b9c87be4c5dc0ee32ae9123a7051c
                                                                                                                                                                                                • Instruction ID: 76f1e0574038eace907714abb11f2dd32c250b4b5c91b2c367baa86c26cd2f78
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4ae03e7b9a19b86c5d22b90a6790336bc10b9c87be4c5dc0ee32ae9123a7051c
                                                                                                                                                                                                • Instruction Fuzzy Hash: 5B318733628B8186DB60DF65E8806AEB3A4FB85758F950236EE8D43B54DF3CC556CB10
                                                                                                                                                                                                Function 00007FF8B835E090 Relevance: 7.9, APIs: 5, Instructions: 359COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • log2.API-MS-WIN-CRT-MATH-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000100,?), ref: 00007FF8B835E341
                                                                                                                                                                                                • log2.API-MS-WIN-CRT-MATH-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000100,?), ref: 00007FF8B835E3C5
                                                                                                                                                                                                • log2.API-MS-WIN-CRT-MATH-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000100,?), ref: 00007FF8B835E551
                                                                                                                                                                                                • log2.API-MS-WIN-CRT-MATH-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000100,?), ref: 00007FF8B835E5B0
                                                                                                                                                                                                • log2.API-MS-WIN-CRT-MATH-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000100,?), ref: 00007FF8B835E600
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: log2
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 4048861018-0
                                                                                                                                                                                                • Opcode ID: 4ce18a24f6bbc4e66d1632d99029d87051404aa3dbe531e978db1d1c2478575e
                                                                                                                                                                                                • Instruction ID: e1fbe1c65c69bcf59cf505ab827bf68ce4a3e2a9b2230cca9f1a372882100504
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4ce18a24f6bbc4e66d1632d99029d87051404aa3dbe531e978db1d1c2478575e
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4FE1A671E18E858AE6178B3D91013B9A356FF9D7D4F189336DA4F22754EB39B0838704
                                                                                                                                                                                                Function 00007FF7774F2704 Relevance: 7.8, APIs: 5, Instructions: 282COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: FileFindFirst_invalid_parameter_noinfo
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2227656907-0
                                                                                                                                                                                                • Opcode ID: cf7461f85acd42e3485247e372fbe24a613c1ef59c66a98e18cf909f25cb1e89
                                                                                                                                                                                                • Instruction ID: 47ef4044578e073c8d0ad85959b57d109e1cc62f5406add07a9a3d9e48dac06a
                                                                                                                                                                                                • Opcode Fuzzy Hash: cf7461f85acd42e3485247e372fbe24a613c1ef59c66a98e18cf909f25cb1e89
                                                                                                                                                                                                • Instruction Fuzzy Hash: 53B1C323B3969241EA61EB2794105BEE390EB45BE4F885232EE4D47BC5DE7CE442C720
                                                                                                                                                                                                Function 00007FF8B8377AA0 Relevance: 6.2, APIs: 4, Instructions: 169COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: log2$memset
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3759962277-0
                                                                                                                                                                                                • Opcode ID: 7cb003af3fe56c2fa4ef3186a0cf0e2ba4dccb740a689c643034ce6301a7a5df
                                                                                                                                                                                                • Instruction ID: bf6fb2bba2acaa0bd01baf4075963ff80e37a1d0f4b096223900e7ea945ba3ab
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7cb003af3fe56c2fa4ef3186a0cf0e2ba4dccb740a689c643034ce6301a7a5df
                                                                                                                                                                                                • Instruction Fuzzy Hash: BA613861F18E8689E517873C91017BA9655AF5D7D8F198332DB4F36A44EF2DF0438708
                                                                                                                                                                                                Function 00007FF8B8370600 Relevance: 6.2, APIs: 4, Instructions: 160COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: log2$memset
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3759962277-0
                                                                                                                                                                                                • Opcode ID: c462b1730b2cc9fe60fe652cd5c109c1ac0dba0022eaa0918e110071f0e1ffe6
                                                                                                                                                                                                • Instruction ID: 5f6060e0e587e845d94e594ffd59fa6156d7095026ad5bf340546160d68f9c8d
                                                                                                                                                                                                • Opcode Fuzzy Hash: c462b1730b2cc9fe60fe652cd5c109c1ac0dba0022eaa0918e110071f0e1ffe6
                                                                                                                                                                                                • Instruction Fuzzy Hash: D7513625F18E8449E507973C812177AE656AFA97D8F1D8332EA4F32A51DF2DF0838708
                                                                                                                                                                                                Function 00007FF7774F6D0C Relevance: 6.1, APIs: 4, Instructions: 143timeCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • _get_daylight.LIBCMT ref: 00007FF7774F6D3A
                                                                                                                                                                                                  • Part of subcall function 00007FF7774F6488: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7774F649C
                                                                                                                                                                                                • _get_daylight.LIBCMT ref: 00007FF7774F6D4B
                                                                                                                                                                                                  • Part of subcall function 00007FF7774F6428: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7774F643C
                                                                                                                                                                                                • _get_daylight.LIBCMT ref: 00007FF7774F6D5C
                                                                                                                                                                                                  • Part of subcall function 00007FF7774F6458: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7774F646C
                                                                                                                                                                                                  • Part of subcall function 00007FF7774EB7D8: RtlFreeHeap.NTDLL(?,?,?,00007FF7774F3BB2,?,?,?,00007FF7774F3BEF,?,?,00000000,00007FF7774F40B5,?,?,?,00007FF7774F3FE7), ref: 00007FF7774EB7EE
                                                                                                                                                                                                  • Part of subcall function 00007FF7774EB7D8: GetLastError.KERNEL32(?,?,?,00007FF7774F3BB2,?,?,?,00007FF7774F3BEF,?,?,00000000,00007FF7774F40B5,?,?,?,00007FF7774F3FE7), ref: 00007FF7774EB7F8
                                                                                                                                                                                                • GetTimeZoneInformation.KERNEL32(?,?,?,?,?,?,?,?,?,00000000,?,00007FF7774F6F9C), ref: 00007FF7774F6D83
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _get_daylight_invalid_parameter_noinfo$ErrorFreeHeapInformationLastTimeZone
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3458911817-0
                                                                                                                                                                                                • Opcode ID: 62e3c1159af9373ae78a462a2e0d22da9cd378e2d0735f3ef515df906fa7d1c8
                                                                                                                                                                                                • Instruction ID: 854d5ed0d821892a191eea96b8776ee7faee76ed5af2f6051fc8f685da2cea2b
                                                                                                                                                                                                • Opcode Fuzzy Hash: 62e3c1159af9373ae78a462a2e0d22da9cd378e2d0735f3ef515df906fa7d1c8
                                                                                                                                                                                                • Instruction Fuzzy Hash: DB516F33A3864296E710FF26D8815A9E761FB49788FC84536EE4D43A96DF3CE442C760
                                                                                                                                                                                                Function 00007FF8A8782B62 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 57networkCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorLastbind
                                                                                                                                                                                                • String ID: ..\s\crypto\bio\b_sock2.c
                                                                                                                                                                                                • API String ID: 2328862993-3200932406
                                                                                                                                                                                                • Opcode ID: f4eba0e76321d527428058d812512f7d5c496053af6b33bf15f3205fea0f7f21
                                                                                                                                                                                                • Instruction ID: f334ee3ccfc611482bc1e69c2cd6797b09386e264f4d59745ad8b0b246154fc7
                                                                                                                                                                                                • Opcode Fuzzy Hash: f4eba0e76321d527428058d812512f7d5c496053af6b33bf15f3205fea0f7f21
                                                                                                                                                                                                • Instruction Fuzzy Hash: 2221CD72B0A61296E710DB65E8042AE7360FB84BC8F400135EB5C47BDAEF3DE5858B18
                                                                                                                                                                                                Function 00007FF8A8784246 Relevance: .0, Instructions: 33COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: a46b17bfff405d911cbf0ed16f10332b4be66aad2a683c4b6cb6413eca26ac33
                                                                                                                                                                                                • Instruction ID: 775b63d9f5390000a6edd01235e46df88ba3d9913a5c851553efa0d12a434e16
                                                                                                                                                                                                • Opcode Fuzzy Hash: a46b17bfff405d911cbf0ed16f10332b4be66aad2a683c4b6cb6413eca26ac33
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8EF0E2323783E105CBA5CA36A848FA92ED5D391BC8F62C030E90CC3F44EE2ED6018B40
                                                                                                                                                                                                Function 00007FF8A8785731 Relevance: .0, Instructions: 22COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: 47cb47f2231c500fe69675262d211844ffd3893697c7c00b0061ec7b87a542e7
                                                                                                                                                                                                • Instruction ID: 0354191fefde897002f48b30806bf1ad50ef23912536c8eb26c5181493ea151c
                                                                                                                                                                                                • Opcode Fuzzy Hash: 47cb47f2231c500fe69675262d211844ffd3893697c7c00b0061ec7b87a542e7
                                                                                                                                                                                                • Instruction Fuzzy Hash: 76E04F727793A445D756CA372908E696A94A715BC9F83C170990EC3B45EE2ED701CB80
                                                                                                                                                                                                Function 00007FF8A87832FB Relevance: .0, Instructions: 5COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                • Opcode ID: d97060366a19393a5f378523a58d3a9988204d3c9b3160ae50f75094774aa8b0
                                                                                                                                                                                                • Instruction ID: 44449b1f58a7e2afac94bd25db7f118431386946b8ab8a780e9f7e337922188d
                                                                                                                                                                                                • Opcode Fuzzy Hash: d97060366a19393a5f378523a58d3a9988204d3c9b3160ae50f75094774aa8b0
                                                                                                                                                                                                • Instruction Fuzzy Hash: 00A002E4B25555396E641261164537445034A493C2CF295B0946D512445F1D61909164
                                                                                                                                                                                                Function 00007FF7774D8020 Relevance: 178.8, APIs: 66, Strings: 36, Instructions: 316libraryloaderCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AddressErrorLastProc
                                                                                                                                                                                                • String ID: Failed to get address for %hs$GetProcAddress$LOADER: loaded functions from Tcl/Tk shared libraries.$Tcl_Alloc$Tcl_ConditionFinalize$Tcl_ConditionNotify$Tcl_ConditionWait$Tcl_CreateInterp$Tcl_CreateObjCommand$Tcl_CreateThread$Tcl_DeleteInterp$Tcl_DoOneEvent$Tcl_EvalEx$Tcl_EvalFile$Tcl_EvalObjv$Tcl_Finalize$Tcl_FinalizeThread$Tcl_FindExecutable$Tcl_Free$Tcl_GetCurrentThread$Tcl_GetObjResult$Tcl_GetString$Tcl_GetVar2$Tcl_Init$Tcl_JoinThread$Tcl_MutexFinalize$Tcl_MutexLock$Tcl_MutexUnlock$Tcl_NewByteArrayObj$Tcl_NewStringObj$Tcl_SetVar2$Tcl_SetVar2Ex$Tcl_ThreadAlert$Tcl_ThreadQueueEvent$Tk_GetNumMainWindows$Tk_Init
                                                                                                                                                                                                • API String ID: 199729137-248881121
                                                                                                                                                                                                • Opcode ID: 7e0d7149220800b724579cc4bed98750da8bcd62af3b83edd804d4e6d4172d12
                                                                                                                                                                                                • Instruction ID: 667a1d7b97c539a8d49b924fba854364c28fc7a5b59ad7fe3e1f2b3647cda9fe
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7e0d7149220800b724579cc4bed98750da8bcd62af3b83edd804d4e6d4172d12
                                                                                                                                                                                                • Instruction Fuzzy Hash: C202D262E39F07D2FAA5BB56A844574A3E8AF05741FC85931CD5E02360EF3CB16B8230
                                                                                                                                                                                                Function 00007FF7774D8A70 Relevance: 40.4, APIs: 9, Strings: 14, Instructions: 106COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: LongWindow$BlockCreateErrorLastReasonShutdown
                                                                                                                                                                                                • String ID: LOADER: TerminateProcess call failed (%d)$LOADER: child process has finished.$LOADER: child process not terminated!$LOADER: child process terminated!$LOADER: end of WM_ENDSESSION handler reached!$LOADER: failed to register shutdown block reason (%d)!$LOADER: handling session shutdown - giving the child %d ms to exit...$LOADER: hidden window received WM_ENDSESSION with logoff-option %X and end-session option %X$LOADER: hidden window received WM_QUERYENDSESSION with logoff-option %X$LOADER: performing cleanup...$LOADER: session shutdown has been canceled!$LOADER: session shutdown has been confirmed!$LOADER: terminating the child process...$Needs to remove its temporary files.
                                                                                                                                                                                                • API String ID: 3975851968-1164846305
                                                                                                                                                                                                • Opcode ID: 8b515b9669939dd519e8b3320e39ebc673359c8679d30505b45fbaaca6fc1381
                                                                                                                                                                                                • Instruction ID: 641bc8b7d9f44f753c201fe2ab1205e9dea289790cc066e52eebd676c317656d
                                                                                                                                                                                                • Opcode Fuzzy Hash: 8b515b9669939dd519e8b3320e39ebc673359c8679d30505b45fbaaca6fc1381
                                                                                                                                                                                                • Instruction Fuzzy Hash: 46414823E3968281F654BB36E890075E355AF84B90FC44531EF5E837A5DE2CE557C360
                                                                                                                                                                                                Function 00007FF8B8331EE0 Relevance: 35.1, APIs: 11, Strings: 9, Instructions: 76COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Module_$Constant$Object$ReadyType_$Create2Err_ExceptionString
                                                                                                                                                                                                • String ID: %d.%d.%d$Compressor$Decompressor$MODE_FONT$MODE_GENERIC$MODE_TEXT$__version__$brotli.error$error
                                                                                                                                                                                                • API String ID: 85873462-3709432877
                                                                                                                                                                                                • Opcode ID: c527ea57f1a6fa79dc78c15721b8764123cc718b26bb66bf4bdf31074b340112
                                                                                                                                                                                                • Instruction ID: 1f5ad488c1d80ba974504ad1d100dd7435a5991ab1768a2b379e7f4543c314b9
                                                                                                                                                                                                • Opcode Fuzzy Hash: c527ea57f1a6fa79dc78c15721b8764123cc718b26bb66bf4bdf31074b340112
                                                                                                                                                                                                • Instruction Fuzzy Hash: AD310A61A18A4392FE009B19E8542B92361FF8CBC5F885436DB0E46666FF3DE14BC748
                                                                                                                                                                                                Function 00007FF7774D8C50 Relevance: 33.4, APIs: 6, Strings: 13, Instructions: 132COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 00007FF7774DA220: MultiByteToWideChar.KERNEL32(?,?,?,00007FF7774D3CB6), ref: 00007FF7774DA259
                                                                                                                                                                                                • ExpandEnvironmentStringsW.KERNEL32(?,00007FF7774D94A7,?,?,00000000,00007FF7774D4223), ref: 00007FF7774D8CAC
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2A60: GetCurrentProcessId.KERNEL32(?,?,?,?,?,00007FF7774D3C41,?,00007FF7774D3CC2), ref: 00007FF7774D2AB0
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2A60: OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF7774D3C41), ref: 00007FF7774D2B25
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2A60: MessageBoxW.USER32 ref: 00007FF7774D2B45
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ByteCharCurrentDebugEnvironmentExpandMessageMultiOutputProcessStringStringsWide
                                                                                                                                                                                                • String ID: %.*s$CreateDirectory$LOADER: absolute runtime-tmpdir is %ls$LOADER: appending backslash to the given drive root %ls$LOADER: creating runtime-tmpdir path component: %ls$LOADER: creating runtime-tmpdir path: %ls$LOADER: expanded runtime-tmpdir is a drive root: %ls$LOADER: failed to convert runtime-tmpdir to a wide string.$LOADER: failed to create runtime-tmpdir path %ls!$LOADER: failed to expand environment variables in the runtime-tmpdir.$LOADER: failed to obtain the absolute path of the runtime-tmpdir.$LOADER: runtime-tmpdir points to non-existent drive %ls (type: %d)!$\
                                                                                                                                                                                                • API String ID: 398162068-1319882304
                                                                                                                                                                                                • Opcode ID: 2d94faeb1c79c65ca02da19601acefabe9b5568a6344e963fb9307eae368c1a0
                                                                                                                                                                                                • Instruction ID: 7870940e1ce00c3db33e53123db6951629ce299cd872dfc06144c07f2e7413cf
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2d94faeb1c79c65ca02da19601acefabe9b5568a6344e963fb9307eae368c1a0
                                                                                                                                                                                                • Instruction Fuzzy Hash: 0E514813A3964381FB90FB27E8952BAE255FF54780FC44432DF8E82695EF2CE5168720
                                                                                                                                                                                                Function 00007FF8A8781B7C Relevance: 30.0, APIs: 10, Strings: 7, Instructions: 204stringCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: strspn$strncmp
                                                                                                                                                                                                • String ID: $ $ ,$..\s\crypto\pem\pem_lib.c$DEK-Info:$ENCRYPTED$Proc-Type:
                                                                                                                                                                                                • API String ID: 1384302209-3505811795
                                                                                                                                                                                                • Opcode ID: 6f4bd565c760ef683c335e3032099a5dbc3b072bbf452e8024a4d14d29473981
                                                                                                                                                                                                • Instruction ID: 366c8c4360e949268d39703caa9a0cfaff16145532fcea2b291b238d322ee1b2
                                                                                                                                                                                                • Opcode Fuzzy Hash: 6f4bd565c760ef683c335e3032099a5dbc3b072bbf452e8024a4d14d29473981
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4291DF61E0FA57A6EB208B21E8081B93751FF117C5F498038DA4E83A91EF2CF556C72D
                                                                                                                                                                                                Function 00007FF7774D3970 Relevance: 28.1, APIs: 2, Strings: 14, Instructions: 106windowCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2770: OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF7774D3CB6), ref: 00007FF7774D2847
                                                                                                                                                                                                • PostMessageW.USER32 ref: 00007FF7774D39E0
                                                                                                                                                                                                • GetMessageW.USER32 ref: 00007FF7774D39F3
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2770: OutputDebugStringA.KERNEL32(?,?,?,?,?,00007FF7774D3CB6), ref: 00007FF7774D2854
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: DebugMessageOutputString$Post
                                                                                                                                                                                                • String ID: Failed to remove temporary directory: %s$LOADER: child process exited (return code: %d)$LOADER: end of process reached!$LOADER: extracting files to temporary directory...$LOADER: failed to extract files!$LOADER: failed to remove temporary directory - attempting to mitigate the situation...$LOADER: mitigation failed!$LOADER: mitigation succeeded.$LOADER: performing cleanup...$LOADER: removing temporary directory: %s$LOADER: setting _PYI_APPLICATION_HOME_DIR to %s$LOADER: starting the child process...$LOADER: temporary directory %s was successfully removed.$_PYI_APPLICATION_HOME_DIR
                                                                                                                                                                                                • API String ID: 3280635411-4248730274
                                                                                                                                                                                                • Opcode ID: 4958be8e23b89adf3e41aa49ff38005cc4f1f68959390d6f7135bb980885aea9
                                                                                                                                                                                                • Instruction ID: 15111e857907b88231a869dba903d14f54343615c4c2f093b540b2077d899962
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4958be8e23b89adf3e41aa49ff38005cc4f1f68959390d6f7135bb980885aea9
                                                                                                                                                                                                • Instruction Fuzzy Hash: 3B412227A3854291FB50FF36E8A11BA9351AF94784FC80131EF8D871A6DE2CE567C760
                                                                                                                                                                                                Function 00007FF8B8331C80 Relevance: 26.4, APIs: 13, Strings: 2, Instructions: 145COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: DeallocSizeString$Arg_Buffer_Bytes_Err_FromKeywords_List_ParseReleaseTuplefreemalloc
                                                                                                                                                                                                • String ID: BrotliDecompress failed$y*|:decompress
                                                                                                                                                                                                • API String ID: 3129089932-3609120798
                                                                                                                                                                                                • Opcode ID: 21fc62796acf40556abf5966d126bf01a84e1109d329ffa3a643c5993f22310f
                                                                                                                                                                                                • Instruction ID: bc9c8ac01b8bfb8199f543963a32e4e02881ede654884e3316daf167e7a00ea5
                                                                                                                                                                                                • Opcode Fuzzy Hash: 21fc62796acf40556abf5966d126bf01a84e1109d329ffa3a643c5993f22310f
                                                                                                                                                                                                • Instruction Fuzzy Hash: BB611936B49B8685EB209B69E4403AD23A5FB48BC8F484436DF4E13B59EF3CD516C348
                                                                                                                                                                                                Function 00007FF8A8784E44 Relevance: 24.7, APIs: 10, Strings: 4, Instructions: 205registryfileCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Event$FileSource$ByteCharDeregisterHandleMultiRegisterReportTypeWideWrite__stdio_common_vsprintf__stdio_common_vswprintf
                                                                                                                                                                                                • String ID: $OpenSSL$OpenSSL: FATAL$no stack?
                                                                                                                                                                                                • API String ID: 2603057392-2963566556
                                                                                                                                                                                                • Opcode ID: 59a87a5942c62673d1eda9d489acfd17bfac18cd3cdeff8e5dabbfc5dde2d1c3
                                                                                                                                                                                                • Instruction ID: 1804381116d184df68f8df844bcfe4e96e2b883825afb5cc17a642abbdf691fd
                                                                                                                                                                                                • Opcode Fuzzy Hash: 59a87a5942c62673d1eda9d489acfd17bfac18cd3cdeff8e5dabbfc5dde2d1c3
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4091E472B1AB82A6EB208F64E8441B93760FB45BD4F404236EA5D17B95EF3CE255C324
                                                                                                                                                                                                Function 00007FF7774D90B0 Relevance: 24.7, APIs: 6, Strings: 8, Instructions: 159COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetCurrentProcess.KERNEL32(?,00000000,?,?,00007FF7774D9FC1), ref: 00007FF7774D90E2
                                                                                                                                                                                                • K32EnumProcessModules.KERNEL32(?,?,00007FF7774D9FC1), ref: 00007FF7774D9139
                                                                                                                                                                                                  • Part of subcall function 00007FF7774DA220: MultiByteToWideChar.KERNEL32(?,?,?,00007FF7774D3CB6), ref: 00007FF7774DA259
                                                                                                                                                                                                • K32GetModuleFileNameExW.KERNEL32(?,?,00007FF7774D9FC1), ref: 00007FF7774D91E2
                                                                                                                                                                                                • K32GetModuleFileNameExW.KERNEL32(?,?,00007FF7774D9FC1), ref: 00007FF7774D9281
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2880: GetCurrentProcessId.KERNEL32(?,?,?,?,?,00007FF7774D3BC3,?,00007FF7774D3CC2), ref: 00007FF7774D28CE
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2880: OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF7774D3BC3,?,00007FF7774D3CC2), ref: 00007FF7774D2938
                                                                                                                                                                                                  • Part of subcall function 00007FF7774E88CC: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7774E88E9
                                                                                                                                                                                                • FreeLibrary.KERNEL32(?,?,00007FF7774D9FC1), ref: 00007FF7774D92B4
                                                                                                                                                                                                • FreeLibrary.KERNEL32(?,?,00007FF7774D9FC1), ref: 00007FF7774D92DE
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Process$CurrentFileFreeLibraryModuleName$ByteCharDebugEnumModulesMultiOutputStringWide_invalid_parameter_noinfo
                                                                                                                                                                                                • String ID: LOADER: DLL unloaded after %d attempt(s)!$LOADER: could not resolve DLL's name (was it unloaded?) - skipping!$LOADER: could not resolve DLL's name - skipping!$LOADER: forcing unload of %ls (attempt #%d)$LOADER: found %d DLL(s) loaded from application's temporary directory!$LOADER: found %d loaded DLLs...$LOADER: giving up after %d attempts!$LOADER: loaded DLL: %ls
                                                                                                                                                                                                • API String ID: 1205768147-1546440269
                                                                                                                                                                                                • Opcode ID: dce3b337aeeebd1b2b341947902b1087ce4c9c78866d218aadd05a1d61dc6054
                                                                                                                                                                                                • Instruction ID: 4a34346a97b077a32424d81bb2e170b1e52fb1d5003c8e001b8f67ccbf200633
                                                                                                                                                                                                • Opcode Fuzzy Hash: dce3b337aeeebd1b2b341947902b1087ce4c9c78866d218aadd05a1d61dc6054
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6C617423B3968242EA60BB12A9802BAE394FF44784FC44535EF8D87695EE3CD517C720
                                                                                                                                                                                                Function 00007FF7774D1600 Relevance: 22.9, APIs: 1, Strings: 12, Instructions: 145COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentProcess
                                                                                                                                                                                                • String ID: Failed to create symbolic link %s!$Failed to extract %s: failed to allocate temporary buffer!$Failed to extract %s: failed to open archive file!$Failed to extract %s: failed to open target file!$Failed to extract %s: failed to read data chunk!$Failed to extract %s: failed to seek to the entry's data!$Failed to extract %s: failed to write data chunk!$fopen$fread$fseek$fwrite$malloc
                                                                                                                                                                                                • API String ID: 2050909247-1550345328
                                                                                                                                                                                                • Opcode ID: 96a6c77363cdddef76b1f568d95d5a3780f36f42c1844c21fd6703df8e9fddca
                                                                                                                                                                                                • Instruction ID: 2259f940eedf286196ce7edf90c77b8300f499e03ca734060096e493c4ce8926
                                                                                                                                                                                                • Opcode Fuzzy Hash: 96a6c77363cdddef76b1f568d95d5a3780f36f42c1844c21fd6703df8e9fddca
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9D519323B3864792EA50FB6394805B9E3A0BF45B94FC44932EE9C07795DE7CE5678320
                                                                                                                                                                                                Function 00007FF8B83319E0 Relevance: 22.9, APIs: 11, Strings: 2, Instructions: 125COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: DeallocSizeString$Arg_Buffer_Bytes_Err_FromList_ParseReleaseTuple_
                                                                                                                                                                                                • String ID: BrotliDecoderDecompressStream failed while processing the stream$y*:process
                                                                                                                                                                                                • API String ID: 2327171786-3378180327
                                                                                                                                                                                                • Opcode ID: 0409f8f06fc8815c48b07b2be836251baa69eb390988694566013f5be1359561
                                                                                                                                                                                                • Instruction ID: b183052456ce99791af74a73e88841d5d1b1fd69c689ae4eab4df187a6130a75
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0409f8f06fc8815c48b07b2be836251baa69eb390988694566013f5be1359561
                                                                                                                                                                                                • Instruction Fuzzy Hash: 09510932B4AB4699EB518F69E4403AD63A5FB48B88F48043ADF4D17B58EF3CD456C344
                                                                                                                                                                                                Function 00007FF8A8781F6E Relevance: 21.1, APIs: 9, Strings: 3, Instructions: 135COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: ..\s\crypto\rand\randfile.c$Filename=$i
                                                                                                                                                                                                • API String ID: 0-1799673945
                                                                                                                                                                                                • Opcode ID: 38c64de6083e27b285f8cd618f22682045234ba5fda0c2ac3b6a6d0f1d4d7116
                                                                                                                                                                                                • Instruction ID: 2e39eebc5a97dc6cbc66d83f2db4093d7548ffaecbfc07581fcf5d43be7ee4ff
                                                                                                                                                                                                • Opcode Fuzzy Hash: 38c64de6083e27b285f8cd618f22682045234ba5fda0c2ac3b6a6d0f1d4d7116
                                                                                                                                                                                                • Instruction Fuzzy Hash: 2251F271A1EA43AAF7109B62D8456BA33A0FF84BC1F440134EA1D07695EF3CF5058B29
                                                                                                                                                                                                Function 00007FF8A86624C0 Relevance: 21.1, APIs: 8, Strings: 4, Instructions: 72COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Module_$Dealloc$ObjectObject_$Capsule_ConstantFromMallocMem_SpecStringTrackTypeType_
                                                                                                                                                                                                • String ID: 13.0.0$_ucnhash_CAPI$ucd_3_2_0$unidata_version
                                                                                                                                                                                                • API String ID: 288921926-2302946913
                                                                                                                                                                                                • Opcode ID: 8849700e4595db79af61cb0ca23ecac910159f79cad4801844aab08d1f2a0480
                                                                                                                                                                                                • Instruction ID: 20ec29c93183dd1304b4d5bff70a2d8b1bfe32fab9faa4597b1d9db10c925304
                                                                                                                                                                                                • Opcode Fuzzy Hash: 8849700e4595db79af61cb0ca23ecac910159f79cad4801844aab08d1f2a0480
                                                                                                                                                                                                • Instruction Fuzzy Hash: 01211A60E0AAC3A2FA695B65E918178A394EF59BD1F047431C94F86B95EF2CE4058328
                                                                                                                                                                                                Function 00007FF7774D9450 Relevance: 17.6, APIs: 3, Strings: 7, Instructions: 121COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetTempPathW.KERNEL32(?,?,00000000,00007FF7774D4223), ref: 00007FF7774D9500
                                                                                                                                                                                                • GetCurrentProcessId.KERNEL32(?,00000000,00007FF7774D4223), ref: 00007FF7774D9517
                                                                                                                                                                                                • CreateDirectoryW.KERNEL32(?,00000000,00007FF7774D4223), ref: 00007FF7774D955C
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D9640: GetEnvironmentVariableW.KERNEL32(00007FF7774D3D93), ref: 00007FF7774D9677
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D9640: ExpandEnvironmentStringsW.KERNEL32 ref: 00007FF7774D9699
                                                                                                                                                                                                  • Part of subcall function 00007FF7774E90C8: _invalid_parameter_noinfo.LIBCMT ref: 00007FF7774E90E1
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2A60: GetCurrentProcessId.KERNEL32(?,?,?,?,?,00007FF7774D3C41,?,00007FF7774D3CC2), ref: 00007FF7774D2AB0
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2A60: OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF7774D3C41), ref: 00007FF7774D2B25
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2A60: MessageBoxW.USER32 ref: 00007FF7774D2B45
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentEnvironmentProcess$CreateDebugDirectoryExpandMessageOutputPathStringStringsTempVariable_invalid_parameter_noinfo
                                                                                                                                                                                                • String ID: LOADER: attempting to create temporary application directory under %ls$LOADER: failed to set the TMP environment variable.$LOADER: length of teporary directory path exceeds maximum path length!$LOADER: successfully resolved the specified runtime-tmpdir$TMP$TMP$_MEI%d
                                                                                                                                                                                                • API String ID: 1643647955-3213535515
                                                                                                                                                                                                • Opcode ID: 03761bf1df6f1260ee824890fcb3f8531e785bd7790309c5682e3dd389f1f6a6
                                                                                                                                                                                                • Instruction ID: 76d763b10866c47b4a91e2071bf2e7d68da73418d37b6eb597b40e3af4cac063
                                                                                                                                                                                                • Opcode Fuzzy Hash: 03761bf1df6f1260ee824890fcb3f8531e785bd7790309c5682e3dd389f1f6a6
                                                                                                                                                                                                • Instruction Fuzzy Hash: B5518E23B3964341EAA0BB63A8952F9D250EF45790FC44031EE4D83796EE7CE517C760
                                                                                                                                                                                                Function 00007FF8A86646DC Relevance: 17.6, APIs: 6, Strings: 4, Instructions: 101COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Arg_Unicode_$ArgumentCheckDigitErr_FromLongLong_PositionalReadyString
                                                                                                                                                                                                • String ID: a unicode character$argument 1$digit$not a digit
                                                                                                                                                                                                • API String ID: 2437920334-4278345224
                                                                                                                                                                                                • Opcode ID: d8e6a483aa124d8a0f7fadfcdbea60320d10b9bba425ecb1969d68fb569105d1
                                                                                                                                                                                                • Instruction ID: f109bb8811b82e9210e442a8c6e3d126115530e78cb16db88697442ed4e0152a
                                                                                                                                                                                                • Opcode Fuzzy Hash: d8e6a483aa124d8a0f7fadfcdbea60320d10b9bba425ecb1969d68fb569105d1
                                                                                                                                                                                                • Instruction Fuzzy Hash: 17419E31B0A6C6A2FB588B25E4582792761FF85BD4F54A031CB0F47694EF3DE846C368
                                                                                                                                                                                                Function 00007FF8A8662700 Relevance: 16.7, APIs: 11, Instructions: 230COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Initialize__scrt_acquire_startup_lock__scrt_dllmain_after_initialize_c__scrt_dllmain_crt_thread_attach__scrt_initialize_crt__scrt_release_startup_lock
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 349153199-0
                                                                                                                                                                                                • Opcode ID: 1738fc931c46e0016abe01128f6c04fa9ae34eb026bf82ed76cd7c7c3c76c679
                                                                                                                                                                                                • Instruction ID: 6703675c43015dea3c03e4dd16a98058eaab7578b29dfd0b98605d56f4fd00f1
                                                                                                                                                                                                • Opcode Fuzzy Hash: 1738fc931c46e0016abe01128f6c04fa9ae34eb026bf82ed76cd7c7c3c76c679
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8381C220E0F2C3B6FB5C9B669849279A690EF857C4F046139DA4E47796DF3CE8458338
                                                                                                                                                                                                Function 00007FF8A8664A94 Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 94COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Unicode_$Equal$CompareDeallocErr_ReadyString
                                                                                                                                                                                                • String ID: invalid normalization form
                                                                                                                                                                                                • API String ID: 3010910608-2281882113
                                                                                                                                                                                                • Opcode ID: 71d70c814a1b85dfb32b3f0810df02494d5ba905ed5b44fd8e565b17dcf905d8
                                                                                                                                                                                                • Instruction ID: aabf3af52d617cf9e3d31ca5bd25752e32cec2bf8b7273e771954512cdc9932f
                                                                                                                                                                                                • Opcode Fuzzy Hash: 71d70c814a1b85dfb32b3f0810df02494d5ba905ed5b44fd8e565b17dcf905d8
                                                                                                                                                                                                • Instruction Fuzzy Hash: 67416025A0E682A5FA588F16F9583396361FF49BC4F482435CD4F477A4EF2DE4048378
                                                                                                                                                                                                Function 00007FF8A8661000 Relevance: 15.8, APIs: 5, Strings: 4, Instructions: 61COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Unicode_$Arg_$ArgumentEqualReady$CheckPositionalSubtypeType_
                                                                                                                                                                                                • String ID: argument 1$argument 2$normalize$str
                                                                                                                                                                                                • API String ID: 2760394311-1320425463
                                                                                                                                                                                                • Opcode ID: 201e1a0c86d96ed07084084db240da97117a3eea60c9e8d2cbe13f47ad1407c3
                                                                                                                                                                                                • Instruction ID: 2de16083d6bea3f59fcc8232b75e074e64c4e004912fe409ae219c12bfb618cf
                                                                                                                                                                                                • Opcode Fuzzy Hash: 201e1a0c86d96ed07084084db240da97117a3eea60c9e8d2cbe13f47ad1407c3
                                                                                                                                                                                                • Instruction Fuzzy Hash: 43217120A0AAC6A1FB188B55E54C2B87360FF44BD8F586232D95F472E4CF2CE446C368
                                                                                                                                                                                                Function 00007FF8A86649A8 Relevance: 15.8, APIs: 5, Strings: 4, Instructions: 58COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Arg_$ArgumentReadyUnicode_$CheckPositional
                                                                                                                                                                                                • String ID: argument 1$argument 2$is_normalized$str
                                                                                                                                                                                                • API String ID: 396090033-184702317
                                                                                                                                                                                                • Opcode ID: 499ad2b4e8d2c61c6c3904c5fb4ee9275f40f4ad30840fc7374985e9f058fd08
                                                                                                                                                                                                • Instruction ID: 3fd233082741b7d06e0189cc38b86b0981685851f0a0ff296e9ad20d7eb559d8
                                                                                                                                                                                                • Opcode Fuzzy Hash: 499ad2b4e8d2c61c6c3904c5fb4ee9275f40f4ad30840fc7374985e9f058fd08
                                                                                                                                                                                                • Instruction Fuzzy Hash: 29217E21A09AC6B5FA148B55E8482B57360FF44FD8F486231D95F472E8EF2CE506C36C
                                                                                                                                                                                                Function 00007FF8A888DFC0 Relevance: 15.2, APIs: 1, Strings: 9, Instructions: 238stringCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: strncmp
                                                                                                                                                                                                • String ID: %-8d$, path=$, retcode=$, value=$..\s\crypto\conf\conf_mod.c$OPENSSL_finish$OPENSSL_init$module=$path
                                                                                                                                                                                                • API String ID: 1114863663-3652895664
                                                                                                                                                                                                • Opcode ID: 9d549e217570969d12a2cd50667e6118ba01b15105e4bf1ef8aa952497a48bf9
                                                                                                                                                                                                • Instruction ID: 5fa45f623592df727aeecb2b6d864f42d336c3070c1df289b61097987b7cf50a
                                                                                                                                                                                                • Opcode Fuzzy Hash: 9d549e217570969d12a2cd50667e6118ba01b15105e4bf1ef8aa952497a48bf9
                                                                                                                                                                                                • Instruction Fuzzy Hash: 68A1C061B0B746A2FB60AB12E8046B92790FF84BC0F480175DE0D57796EF7CE984C328
                                                                                                                                                                                                Function 00007FF8A8784B42 Relevance: 15.1, APIs: 3, Strings: 7, Instructions: 127stringCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: strncmp
                                                                                                                                                                                                • String ID: , value=$..\s\crypto\x509v3\v3_conf.c$/$ASN1:$DER:$critical,$name=
                                                                                                                                                                                                • API String ID: 1114863663-1429737502
                                                                                                                                                                                                • Opcode ID: d8692db6c55102258f18e242426c4eb0e575738db7c4b8f67f2ced113da6dce9
                                                                                                                                                                                                • Instruction ID: 156725c6b24577232e1e4f01d262ac0252deb5557ef8c3a1ce4678d50b2636b2
                                                                                                                                                                                                • Opcode Fuzzy Hash: d8692db6c55102258f18e242426c4eb0e575738db7c4b8f67f2ced113da6dce9
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6D41F421B0F68669FB109F22A90877A2A90FF45BD9F4C4530DD5D07B86EF3CE9418768
                                                                                                                                                                                                Function 00007FF7774E7120 Relevance: 14.5, APIs: 3, Strings: 5, Instructions: 494COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                • String ID: -$:$f$p$p
                                                                                                                                                                                                • API String ID: 3215553584-2013873522
                                                                                                                                                                                                • Opcode ID: 05289c79a0973464c9e6def38ad17f96859a0f6bf6326b9c8ee99a6d91406060
                                                                                                                                                                                                • Instruction ID: 1dc00039014d95103d86b13ef995ba2b4e3318de1a24d6a6bb1923f33ba6fe16
                                                                                                                                                                                                • Opcode Fuzzy Hash: 05289c79a0973464c9e6def38ad17f96859a0f6bf6326b9c8ee99a6d91406060
                                                                                                                                                                                                • Instruction Fuzzy Hash: D5129163E3C14386FB667A16E55467AF691FB40770FC44136EE8946AC4DBBCE482CB20
                                                                                                                                                                                                Function 00007FF7774E1E58 Relevance: 14.5, APIs: 3, Strings: 5, Instructions: 475COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                • String ID: f$f$p$p$f
                                                                                                                                                                                                • API String ID: 3215553584-1325933183
                                                                                                                                                                                                • Opcode ID: 36904858277830fb8bea51a287cdb11102976cd150a0ae475a72b14e7f9093e8
                                                                                                                                                                                                • Instruction ID: e146b679cc6fccba92f43ff9e8364366a6c6a6162e12e18439b9390c4b37c0c7
                                                                                                                                                                                                • Opcode Fuzzy Hash: 36904858277830fb8bea51a287cdb11102976cd150a0ae475a72b14e7f9093e8
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6712B673E3C94386FB24BB16D454679F2A1FB40764FC44139EA99465C4DFBCE5828B20
                                                                                                                                                                                                Function 00007FF7774D1050 Relevance: 14.1, APIs: 1, Strings: 7, Instructions: 119COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentProcess
                                                                                                                                                                                                • String ID: Failed to extract %s: failed to allocate data buffer (%u bytes)!$Failed to extract %s: failed to open archive file!$Failed to extract %s: failed to read data chunk!$Failed to extract %s: failed to seek to the entry's data!$fread$fseek$malloc
                                                                                                                                                                                                • API String ID: 2050909247-3659356012
                                                                                                                                                                                                • Opcode ID: b5b4652a5ef31081a9c567b7ca02ff403b9fe46021e5b50effcb7619e4a8e893
                                                                                                                                                                                                • Instruction ID: 270e0c44eaecfb4378800910b4ff70f92d84586663551845ad089dd89dc48f8b
                                                                                                                                                                                                • Opcode Fuzzy Hash: b5b4652a5ef31081a9c567b7ca02ff403b9fe46021e5b50effcb7619e4a8e893
                                                                                                                                                                                                • Instruction Fuzzy Hash: 7841B223B3865281EA50FB23A8845B9E3A1BF49BD0FC54832EE9C07785DE3CE5178310
                                                                                                                                                                                                Function 00007FF8A87841DD Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 117networkCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorLastsetsockopt
                                                                                                                                                                                                • String ID: ..\s\crypto\bio\b_sock2.c$o
                                                                                                                                                                                                • API String ID: 1729277954-1872632005
                                                                                                                                                                                                • Opcode ID: 0d2034ac39a1f015537a20df33351dbf74ae8a5fab91621d70cfd5eb938fd7c6
                                                                                                                                                                                                • Instruction ID: 5d994eef26f7ade1f27aa359838a2c992de37bbe759757a5b2970bce01a82f97
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0d2034ac39a1f015537a20df33351dbf74ae8a5fab91621d70cfd5eb938fd7c6
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8F51CF72B0A542A6F7209F61E8043AE7361FB84785F440135E65C4BB85DF3DE585CB68
                                                                                                                                                                                                Function 00007FF7774D2EC0 Relevance: 14.1, APIs: 4, Strings: 4, Instructions: 106windowCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetCurrentProcessId.KERNEL32(?,?,?,?,?,?,?,?,00007FF7774D3B96,?,00007FF7774D3CC2), ref: 00007FF7774D2F0E
                                                                                                                                                                                                • FormatMessageW.KERNEL32(?,?,?,?,?,?,?,?,00007FF7774D3B96,?,00007FF7774D3CC2), ref: 00007FF7774D2FD3
                                                                                                                                                                                                • OutputDebugStringW.KERNEL32(?,?,?,?,?,?,?,00007FF7774D3B96,?,00007FF7774D3CC2), ref: 00007FF7774D2FF4
                                                                                                                                                                                                • MessageBoxW.USER32 ref: 00007FF7774D3014
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Message$CurrentDebugFormatOutputProcessString
                                                                                                                                                                                                • String ID: %ls: $<FormatMessageW failed.>$Error$[PYI-%d:ERROR]
                                                                                                                                                                                                • API String ID: 3610484179-251083826
                                                                                                                                                                                                • Opcode ID: a15dfebf77b6f2c1d6f9f98feaf5857f40cdd7ba5719b96ab5fb3d0c8df69239
                                                                                                                                                                                                • Instruction ID: e33df9532d17adc601730c1093e9a73100e276c6c6b36bcbcf7f1b7440f46ec2
                                                                                                                                                                                                • Opcode Fuzzy Hash: a15dfebf77b6f2c1d6f9f98feaf5857f40cdd7ba5719b96ab5fb3d0c8df69239
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9741D733728B4142E620B726A8542EAA695BF88798F810536EF8D93759DE3CD517C710
                                                                                                                                                                                                Function 00007FF8A8781D4D Relevance: 14.1, APIs: 4, Strings: 4, Instructions: 99libraryloaderCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: HandleModule$AddressProc
                                                                                                                                                                                                • String ID: OPENSSL_Applink$OPENSSL_Uplink(%p,%02X): $_ssl.pyd$_ssl_d.pyd
                                                                                                                                                                                                • API String ID: 1883125708-1130596517
                                                                                                                                                                                                • Opcode ID: 4ccc3ce23c4402700d34cdd1b44a20b3c7d878ed7d0ac8f9f23aaafae92de14e
                                                                                                                                                                                                • Instruction ID: aa61954d8afe47649b88f91e6c39e301265892d5103d47bdfa3b8de5604b6eea
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4ccc3ce23c4402700d34cdd1b44a20b3c7d878ed7d0ac8f9f23aaafae92de14e
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4E513F71D0BB42A6EA118F24A80527463A0FF597E5F045339DA6D026A6FF7CF581C329
                                                                                                                                                                                                Function 00007FF8A87823D8 Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 94libraryloaderCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: InformationObjectUser$AddressErrorHandleLastModuleProcProcessStationWindow
                                                                                                                                                                                                • String ID: Service-0x$_OPENSSL_isservice
                                                                                                                                                                                                • API String ID: 1944374717-1672312481
                                                                                                                                                                                                • Opcode ID: d4d7f13fea52a3178e6bf5d964a5a64b36e3e8d5b416d224cb6cd8592f581902
                                                                                                                                                                                                • Instruction ID: 65748c14dbd1e021e76b22d929306c86c3545015241f67f8726a5b3af4ab0749
                                                                                                                                                                                                • Opcode Fuzzy Hash: d4d7f13fea52a3178e6bf5d964a5a64b36e3e8d5b416d224cb6cd8592f581902
                                                                                                                                                                                                • Instruction Fuzzy Hash: 31418022717B82AAEB509F24D8452A83390FF487F5F444735E67D46BE4EF2CE5508328
                                                                                                                                                                                                Function 00007FF8A87832B0 Relevance: 13.6, APIs: 3, Strings: 6, Instructions: 127COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: atoi
                                                                                                                                                                                                • String ID: ..\s\crypto\ts\ts_conf.c$accuracy$microsecs$millisecs$p$secs
                                                                                                                                                                                                • API String ID: 657269090-1596076588
                                                                                                                                                                                                • Opcode ID: 5a975bf53932d7b82c7c78e034f3009e6c832d57072af302546c196ded0eb7fd
                                                                                                                                                                                                • Instruction ID: 7b5741ebfae94c99df67b242074625fa14ed47df8dd91ab2c25686c0ef9e6ae2
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5a975bf53932d7b82c7c78e034f3009e6c832d57072af302546c196ded0eb7fd
                                                                                                                                                                                                • Instruction Fuzzy Hash: A051C221A1BA47B6EA109B66A4056B93390FF44BC5F440431EE4E03791EF3CF446D728
                                                                                                                                                                                                Function 00007FF7774D9FA0 Relevance: 13.6, APIs: 1, Strings: 8, Instructions: 56sleepCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2880: GetCurrentProcessId.KERNEL32(?,?,?,?,?,00007FF7774D3BC3,?,00007FF7774D3CC2), ref: 00007FF7774D28CE
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2880: OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF7774D3BC3,?,00007FF7774D3CC2), ref: 00007FF7774D2938
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D90B0: GetCurrentProcess.KERNEL32(?,00000000,?,?,00007FF7774D9FC1), ref: 00007FF7774D90E2
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D90B0: K32EnumProcessModules.KERNEL32(?,?,00007FF7774D9FC1), ref: 00007FF7774D9139
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D90B0: K32GetModuleFileNameExW.KERNEL32(?,?,00007FF7774D9FC1), ref: 00007FF7774D91E2
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D90B0: K32GetModuleFileNameExW.KERNEL32(?,?,00007FF7774D9FC1), ref: 00007FF7774D9281
                                                                                                                                                                                                • Sleep.KERNEL32 ref: 00007FF7774DA019
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Process$CurrentFileModuleName$DebugEnumModulesOutputSleepString
                                                                                                                                                                                                • String ID: LOADER: given up after %d attempts!$LOADER: no bundled DLLs were unloaded from this process.$LOADER: removal failed!$LOADER: removal succeeded.$LOADER: trying to force-unload bundled DLLs from this process...$LOADER: trying to remove temporary directory (attempt %d / %d)...$LOADER: unloaded %d bundled DLL(s) from this process - trying to remove temporary directory again...$LOADER: waiting %d milliseconds before trying to remove temporary directory again...
                                                                                                                                                                                                • API String ID: 3020383390-2558405752
                                                                                                                                                                                                • Opcode ID: 4aee63548ec9a584ef875c9079c45dc744fd44d951aa9f503f8e38546b0d86d1
                                                                                                                                                                                                • Instruction ID: e8d9681c0ac48dc25e5d942af8b2a336caa5b33463d9e892eba893b8217a972e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4aee63548ec9a584ef875c9079c45dc744fd44d951aa9f503f8e38546b0d86d1
                                                                                                                                                                                                • Instruction Fuzzy Hash: 1321FC13F3854382E694BB72E9D11B9D250AF84380FC40531EE5E865D6FE2CE967C3A1
                                                                                                                                                                                                Function 00007FF7774DF898 Relevance: 12.6, APIs: 4, Strings: 3, Instructions: 310COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: BlockFrameHandler3::Unwind$CatchExecutionHandlerIs_bad_exception_allowedSearchStatestd::bad_alloc::bad_alloc
                                                                                                                                                                                                • String ID: csm$csm$csm
                                                                                                                                                                                                • API String ID: 849930591-393685449
                                                                                                                                                                                                • Opcode ID: 55a0ec1e8237ffe27285874e05f24c8b912bd44a785cf4b88703c9377fcf81ea
                                                                                                                                                                                                • Instruction ID: 4c3e7b82471b55237a1bb6a12a9d4ac26db66fba3685d5f5396080c465e2501c
                                                                                                                                                                                                • Opcode Fuzzy Hash: 55a0ec1e8237ffe27285874e05f24c8b912bd44a785cf4b88703c9377fcf81ea
                                                                                                                                                                                                • Instruction Fuzzy Hash: F9D1823393874186EBA0AB2694803ADB7E0FB45798F901535DF9D57B59CF38E162C710
                                                                                                                                                                                                Function 00007FF8A8661090 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 152COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: EqualUnicode_$Mem_$FreeMallocSubtypeType_
                                                                                                                                                                                                • String ID: invalid normalization form
                                                                                                                                                                                                • API String ID: 1153303739-2281882113
                                                                                                                                                                                                • Opcode ID: 22168d29278c1de6ef91495bca67e885d51d0b2cc5fea0c41de879cb010d5d17
                                                                                                                                                                                                • Instruction ID: cd2a6d92d24ca3ef87c7f10729e1da8126bdc472c10d9f61ee70a1883584a8c8
                                                                                                                                                                                                • Opcode Fuzzy Hash: 22168d29278c1de6ef91495bca67e885d51d0b2cc5fea0c41de879cb010d5d17
                                                                                                                                                                                                • Instruction Fuzzy Hash: F451A561B1E5D262FB688B16A919679E360EF45BC0F047031CE8F47B85CF2DE5058728
                                                                                                                                                                                                Function 00007FF8A86616A0 Relevance: 12.4, APIs: 4, Strings: 3, Instructions: 127COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Unicode_$Arg_ArgumentFromReadyStringSubtypeType_
                                                                                                                                                                                                • String ID: a unicode character$argument$category
                                                                                                                                                                                                • API String ID: 2803103377-2068800536
                                                                                                                                                                                                • Opcode ID: 8b9f8b491c2994b115a767135a291a96eb26d3dd982b4c81d2173ffc951e8bc0
                                                                                                                                                                                                • Instruction ID: 07108ed2b2b24e3e3295b0428e9cd04594b576ac849d0ff53a5e8677708f4283
                                                                                                                                                                                                • Opcode Fuzzy Hash: 8b9f8b491c2994b115a767135a291a96eb26d3dd982b4c81d2173ffc951e8bc0
                                                                                                                                                                                                • Instruction Fuzzy Hash: 7251FB71B0AAC6A2FB1C8B19D49827827A1EF44BD4F045139DB9F87790DF2DE845C368
                                                                                                                                                                                                Function 00007FF7774EFBA0 Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 117libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • FreeLibrary.KERNEL32(?,?,?,00007FF7774EFF3A,?,?,-00000018,00007FF7774EBBE3,?,?,?,00007FF7774EBADA,?,?,?,00007FF7774E6DCE), ref: 00007FF7774EFD1C
                                                                                                                                                                                                • GetProcAddress.KERNEL32(?,?,?,00007FF7774EFF3A,?,?,-00000018,00007FF7774EBBE3,?,?,?,00007FF7774EBADA,?,?,?,00007FF7774E6DCE), ref: 00007FF7774EFD28
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AddressFreeLibraryProc
                                                                                                                                                                                                • String ID: api-ms-$ext-ms-
                                                                                                                                                                                                • API String ID: 3013587201-537541572
                                                                                                                                                                                                • Opcode ID: 2cf8426f931154c99cb9ee01236de544aa4ff3b33c516dcf84111848d41d3d11
                                                                                                                                                                                                • Instruction ID: f069efc7c16c743608ea2ef6573bba0b6cae5b8a585c629aad198f4908f344c4
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2cf8426f931154c99cb9ee01236de544aa4ff3b33c516dcf84111848d41d3d11
                                                                                                                                                                                                • Instruction Fuzzy Hash: 1C41C023B39A0281FB55EB27A8005B5A3D1BF45BA0FD94935DD1E87784EF7CE4478220
                                                                                                                                                                                                Function 00007FF8A8661550 Relevance: 12.4, APIs: 4, Strings: 3, Instructions: 110COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Unicode_$Arg_ArgumentFromReadyStringSubtypeType_
                                                                                                                                                                                                • String ID: a unicode character$argument$bidirectional
                                                                                                                                                                                                • API String ID: 2803103377-2110215792
                                                                                                                                                                                                • Opcode ID: 6f842c38fbf6266b6352dc09bd82e7f65808cd6bafd25b46999a778c18f9dfdf
                                                                                                                                                                                                • Instruction ID: ff819a1e63af9d0c8a27a134bdcf4444c17d9aeaaa14db311153889e6798200b
                                                                                                                                                                                                • Opcode Fuzzy Hash: 6f842c38fbf6266b6352dc09bd82e7f65808cd6bafd25b46999a778c18f9dfdf
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8841E7A1B1A6C262FB5D8F15D4586B963A1EF44BC4F086139DA8F872D0DF2DE844C368
                                                                                                                                                                                                Function 00007FF8B8331180 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 102COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: DeallocStringmemmove$Bytes_Err_FromSize
                                                                                                                                                                                                • String ID: Unable to allocate output buffer.
                                                                                                                                                                                                • API String ID: 1583460924-2565006440
                                                                                                                                                                                                • Opcode ID: 302ccff948575bc5b6c0570f94851fca6a0315b5f66909de60de6dc7c0aacbcc
                                                                                                                                                                                                • Instruction ID: 005a5a5a432538f1246d0ac3b174ae85b0d73977d5b911231f711e7ea0bd3ef9
                                                                                                                                                                                                • Opcode Fuzzy Hash: 302ccff948575bc5b6c0570f94851fca6a0315b5f66909de60de6dc7c0aacbcc
                                                                                                                                                                                                • Instruction Fuzzy Hash: 2C415676A08B4582EB258F5AE4402ADB7A0FB88BE4F484436DF4D43765EF3CD486C304
                                                                                                                                                                                                Function 00007FF8A8664574 Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 87COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: FromStringUnicode_$S_snprintfSizeSubtypeType_memcpy
                                                                                                                                                                                                • String ID: $%04X
                                                                                                                                                                                                • API String ID: 762632776-4013080060
                                                                                                                                                                                                • Opcode ID: 8f010d78afd3c5818cfb4910701cc2a93885e9771a9bff0787413f6ee937c649
                                                                                                                                                                                                • Instruction ID: 08235ccc83b21495d7bf3948d9cf8a8b4183970a845749deaf00dc368fbdaaa0
                                                                                                                                                                                                • Opcode Fuzzy Hash: 8f010d78afd3c5818cfb4910701cc2a93885e9771a9bff0787413f6ee937c649
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9331E5B2A099C161FB298B14E8183B96360FF45BE0F481335DA6F476C4DF3CD4558324
                                                                                                                                                                                                Function 00007FF8A878377E Relevance: 12.3, APIs: 2, Strings: 5, Instructions: 85stringCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: strncmpstrtoul
                                                                                                                                                                                                • String ID: MASK:$default$nombstr$pkix$utf8only
                                                                                                                                                                                                • API String ID: 3007069910-3483942737
                                                                                                                                                                                                • Opcode ID: 932e197565b87e33d4723a3e589863ca2d8ca3d862467106704a9ed93825c48c
                                                                                                                                                                                                • Instruction ID: fb217822a5ed5ac5e1c78291dca6917a2605fccd0b46f817bb6a435ec1cd8caf
                                                                                                                                                                                                • Opcode Fuzzy Hash: 932e197565b87e33d4723a3e589863ca2d8ca3d862467106704a9ed93825c48c
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8F317B22F1E581A6EB914B28E8407B83790FF457D1F844172EB6E43691FF1CE491C728
                                                                                                                                                                                                Function 00007FF8A866413C Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 78COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Arg_ArgumentErr_FromLongLong_OccurredReadyUnicode_
                                                                                                                                                                                                • String ID: a unicode character$argument$combining
                                                                                                                                                                                                • API String ID: 3097524968-4202047184
                                                                                                                                                                                                • Opcode ID: 0e3e88da4055aaeba4dce951f7ad24c458dac837fb036e1c1bb397ee2ac8be3b
                                                                                                                                                                                                • Instruction ID: 63b175e4e68ef8fc9804ecc361fa7030de3f08b1546a4b091ec33f9ff087bf51
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0e3e88da4055aaeba4dce951f7ad24c458dac837fb036e1c1bb397ee2ac8be3b
                                                                                                                                                                                                • Instruction Fuzzy Hash: 2A31D160B0A68262FB5C4B25D89A3796291FF54BD8F146535CA0F873C0EF2DE8458368
                                                                                                                                                                                                Function 00007FF8A8664C10 Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 78COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Arg_ArgumentErr_FromLongLong_OccurredReadyUnicode_
                                                                                                                                                                                                • String ID: a unicode character$argument$mirrored
                                                                                                                                                                                                • API String ID: 3097524968-4001128513
                                                                                                                                                                                                • Opcode ID: a778e76fe43f494d7f351cf3d9963943a965506800762402e56c89a3088c44b2
                                                                                                                                                                                                • Instruction ID: 0442979a67a8baa79e3b32dbfbf8a20ad073ac74a453dc27d4cacb69ee2defa4
                                                                                                                                                                                                • Opcode Fuzzy Hash: a778e76fe43f494d7f351cf3d9963943a965506800762402e56c89a3088c44b2
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6531DF60B0A682A6FB5C4B25D4A93792292FF84BD4F046535CE0F833C0EF2DE8458368
                                                                                                                                                                                                Function 00007FF8B8331070 Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 69COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: String$Err_$AppendBytes_DeallocFromList_Size
                                                                                                                                                                                                • String ID: Unable to allocate output buffer.
                                                                                                                                                                                                • API String ID: 2547554596-2565006440
                                                                                                                                                                                                • Opcode ID: 7e1e3b8c1928b2da807ddf7aa8ca177fec8d15fc26be477a22987a1ae2f2f214
                                                                                                                                                                                                • Instruction ID: 9c333218471ed368d2e993d4134c1b7c54b3bc01c4de5b424905c0681c0cb258
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7e1e3b8c1928b2da807ddf7aa8ca177fec8d15fc26be477a22987a1ae2f2f214
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9C313A21B19B4281EA10CB19E85017D73A4FB8CBE4F184A36EF6E437A5EF3DE4468304
                                                                                                                                                                                                Function 00007FF8B8331470 Relevance: 12.1, APIs: 8, Instructions: 101threadCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Eval_Thread$DeallocRestoreSave$Bytes_FromList_SizeString
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2275295419-0
                                                                                                                                                                                                • Opcode ID: 5933d949b30942274c393e5cfa0f89909fbd9161848d49aca86a962fd84fa288
                                                                                                                                                                                                • Instruction ID: f859f6c55589bcfe2428ed93f87631a290a5d25ac81c087aaaca23f1abcdf24f
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5933d949b30942274c393e5cfa0f89909fbd9161848d49aca86a962fd84fa288
                                                                                                                                                                                                • Instruction Fuzzy Hash: 48417232A09B8686EB218F59E4043AEB3A4FB887D4F584139EB8D03759EF3CD546C744
                                                                                                                                                                                                Function 00007FF8A86611D0 Relevance: 10.8, APIs: 7, Instructions: 312COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Mem_$MallocSubtypeType_$DeallocErr_FreeMemory
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 4139299733-0
                                                                                                                                                                                                • Opcode ID: 5be55f5bbb3303c170d09a18b84e3569b3095b49e504f61c933743c06f8429b5
                                                                                                                                                                                                • Instruction ID: aa83774e4021316b5a48a4e43e0686d496dfcd655cc9d73b4844332f5327235f
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5be55f5bbb3303c170d09a18b84e3569b3095b49e504f61c933743c06f8429b5
                                                                                                                                                                                                • Instruction Fuzzy Hash: E4D112B1A0E5E2A1FA788B15E11C57D67A5FB457D8F102135DA8F87780EF3CE8418728
                                                                                                                                                                                                Function 00007FF8A87860D2 Relevance: 10.7, APIs: 4, Strings: 2, Instructions: 227COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Fiber$Switch$CreateDelete
                                                                                                                                                                                                • String ID: *$..\s\crypto\async\async.c
                                                                                                                                                                                                • API String ID: 2050058302-1471988776
                                                                                                                                                                                                • Opcode ID: 55088492444ded4a03a761bd426acd33eaa3e7190ea33ded52e921ade5c25e5a
                                                                                                                                                                                                • Instruction ID: df819d593b66c6a3767d3f4db55f97d56f9feb49a94f191369fcc773af632372
                                                                                                                                                                                                • Opcode Fuzzy Hash: 55088492444ded4a03a761bd426acd33eaa3e7190ea33ded52e921ade5c25e5a
                                                                                                                                                                                                • Instruction Fuzzy Hash: 80A18B72B1AA02A6EB20DF26E444A7973A0FF54BC4F448031DA8D47795EF3CE495C728
                                                                                                                                                                                                Function 00007FF8B8378D30 Relevance: 10.7, APIs: 7, Instructions: 212COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memmove$exit
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 987259897-0
                                                                                                                                                                                                • Opcode ID: 896fa3ff6dc6034e01015742b7d00b17e3cd593d516e5aaf0fa330e4b8c5e894
                                                                                                                                                                                                • Instruction ID: 5f00816ad553a16d8bd3c00bd557812db13fa4b399971fd581950762bde63e83
                                                                                                                                                                                                • Opcode Fuzzy Hash: 896fa3ff6dc6034e01015742b7d00b17e3cd593d516e5aaf0fa330e4b8c5e894
                                                                                                                                                                                                • Instruction Fuzzy Hash: AEB1277A305EC08AD741CF29C4947AE7BA1E749B89F088139CF894B759DF39D452CB21
                                                                                                                                                                                                Function 00007FF8A89839B0 Relevance: 10.7, APIs: 1, Strings: 6, Instructions: 190stringCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: strncpy
                                                                                                                                                                                                • String ID: , failure codes: $, status text: $..\s\crypto\ts\ts_rsp_verify.c$status code: $unknown code$unspecified
                                                                                                                                                                                                • API String ID: 3301158039-2553778726
                                                                                                                                                                                                • Opcode ID: c805b71a4aa34c90fbd52533e3bc8bd420f2026bcba19d26966df3eb4fe2c588
                                                                                                                                                                                                • Instruction ID: 2f2adf7c45e365b03de5c0c6f4b88ae6dd09c9a8b692fd32b5d43052a3c1ac7e
                                                                                                                                                                                                • Opcode Fuzzy Hash: c805b71a4aa34c90fbd52533e3bc8bd420f2026bcba19d26966df3eb4fe2c588
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4781CF32A0FA87A6EB20DB21A8453B973A4FB85BC1F840035DA4D43795EF3CE445D728
                                                                                                                                                                                                Function 00007FF8A8782E4B Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 91COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: EnvironmentVariable
                                                                                                                                                                                                • String ID: OPENSSL_ia32cap$~$~$~$~
                                                                                                                                                                                                • API String ID: 1431749950-1981414212
                                                                                                                                                                                                • Opcode ID: 9eacd33310160f1931e422656a7230303f5cc1d66217712b0478dcc86fde18b9
                                                                                                                                                                                                • Instruction ID: d0b6dbb5992adc385bcbc49ce382797bfadd209fc39ac7139a703dddf1b79e6c
                                                                                                                                                                                                • Opcode Fuzzy Hash: 9eacd33310160f1931e422656a7230303f5cc1d66217712b0478dcc86fde18b9
                                                                                                                                                                                                • Instruction Fuzzy Hash: 09417F24E0B693A6E710AB01E841178B2A0EF487C0F4441B5E95E47A95EF7CF495CB68
                                                                                                                                                                                                Function 00007FF8A8664F50 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 91COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Arg_$ArgumentCheckPositionalReadyUnicode_
                                                                                                                                                                                                • String ID: a unicode character$argument 1$numeric
                                                                                                                                                                                                • API String ID: 3545102714-2385192657
                                                                                                                                                                                                • Opcode ID: 599f939e019d3ab0ab16c07c704c8a2d368a729848ff51ced41fc5b09ed2dbaf
                                                                                                                                                                                                • Instruction ID: 3d16313ae1a0bc8834d121f36cb39664b42b56c6baf6c8bf101b68c110770148
                                                                                                                                                                                                • Opcode Fuzzy Hash: 599f939e019d3ab0ab16c07c704c8a2d368a729848ff51ced41fc5b09ed2dbaf
                                                                                                                                                                                                • Instruction Fuzzy Hash: 87319031B1A786E2FB588B16D4493792361EB84BC4F58A031DA0E47794DF3EE942C368
                                                                                                                                                                                                Function 00007FF8A86642A8 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 91COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Arg_$ArgumentCheckPositionalReadyUnicode_
                                                                                                                                                                                                • String ID: a unicode character$argument 1$decimal
                                                                                                                                                                                                • API String ID: 3545102714-2474051849
                                                                                                                                                                                                • Opcode ID: fb38ba14d3dffb49f2d9fefa403c46d6568df7bfe510786d921799ca9568ac64
                                                                                                                                                                                                • Instruction ID: af6fd969cfa2ac7a8fd5fc8749ea1231e09aa04784517fb94da2b5f12a9276c3
                                                                                                                                                                                                • Opcode Fuzzy Hash: fb38ba14d3dffb49f2d9fefa403c46d6568df7bfe510786d921799ca9568ac64
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4F317331B0A697A1FB648B16D44437D2361FB84BC4F54A031DA4E57794EF3DE942C398
                                                                                                                                                                                                Function 00007FF8A8664D84 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 91COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Arg_$ArgumentCheckPositionalReadyUnicode_
                                                                                                                                                                                                • String ID: a unicode character$argument 1$name
                                                                                                                                                                                                • API String ID: 3545102714-4190364640
                                                                                                                                                                                                • Opcode ID: 94e7ee99c4dc3aa2bb1b14e34242e024d645e709b94d4c586480ea63cd2f4719
                                                                                                                                                                                                • Instruction ID: 037a56bcd116cbc4cca778d12d5489969370f9740ae553e1ea5466def59877d1
                                                                                                                                                                                                • Opcode Fuzzy Hash: 94e7ee99c4dc3aa2bb1b14e34242e024d645e709b94d4c586480ea63cd2f4719
                                                                                                                                                                                                • Instruction Fuzzy Hash: D8318131F0A686A2FB588B55E4543792361FB84BC4F54A031CE0E47795EF3EE896C728
                                                                                                                                                                                                Function 00007FF7774DEB58 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 88libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • LoadLibraryExW.KERNEL32(?,?,?,00007FF7774DEE0A,?,?,?,00007FF7774DEAFC,?,?,?,00007FF7774DE6F9), ref: 00007FF7774DEBDD
                                                                                                                                                                                                • GetLastError.KERNEL32(?,?,?,00007FF7774DEE0A,?,?,?,00007FF7774DEAFC,?,?,?,00007FF7774DE6F9), ref: 00007FF7774DEBEB
                                                                                                                                                                                                • LoadLibraryExW.KERNEL32(?,?,?,00007FF7774DEE0A,?,?,?,00007FF7774DEAFC,?,?,?,00007FF7774DE6F9), ref: 00007FF7774DEC15
                                                                                                                                                                                                • FreeLibrary.KERNEL32(?,?,?,00007FF7774DEE0A,?,?,?,00007FF7774DEAFC,?,?,?,00007FF7774DE6F9), ref: 00007FF7774DEC83
                                                                                                                                                                                                • GetProcAddress.KERNEL32(?,?,?,00007FF7774DEE0A,?,?,?,00007FF7774DEAFC,?,?,?,00007FF7774DE6F9), ref: 00007FF7774DEC8F
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Library$Load$AddressErrorFreeLastProc
                                                                                                                                                                                                • String ID: api-ms-
                                                                                                                                                                                                • API String ID: 2559590344-2084034818
                                                                                                                                                                                                • Opcode ID: 40a510cebb62c697958816eb18758dfdc694259234190da95a043a57b17deadc
                                                                                                                                                                                                • Instruction ID: 5805506fad620ec8a419f21c54e67e4dbfe8e180eda8fc4702baffa9e30b2726
                                                                                                                                                                                                • Opcode Fuzzy Hash: 40a510cebb62c697958816eb18758dfdc694259234190da95a043a57b17deadc
                                                                                                                                                                                                • Instruction Fuzzy Hash: AE31C323B3AA1290EE6AEB13A480575A294FF44B64F894535DE5D07390EF3CE0568324
                                                                                                                                                                                                Function 00007FF8A87839BD Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 74fileCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _chmod_stat64i32fclosefwrite
                                                                                                                                                                                                • String ID: ..\s\crypto\rand\randfile.c$Filename=
                                                                                                                                                                                                • API String ID: 4260490851-2201148535
                                                                                                                                                                                                • Opcode ID: b92129e8508862641eed399a8e5179a0bb6c7147643e5021365d23c2bd3b3ffe
                                                                                                                                                                                                • Instruction ID: 52ae3675977602e1793ae223d14a34af36f3e8312e39e4038ce77146fee85458
                                                                                                                                                                                                • Opcode Fuzzy Hash: b92129e8508862641eed399a8e5179a0bb6c7147643e5021365d23c2bd3b3ffe
                                                                                                                                                                                                • Instruction Fuzzy Hash: 1A319C61A1B643B6F620DB51E8452A97360FF84BC4F444036EA5D07795EF3CF544CB29
                                                                                                                                                                                                Function 00007FF7774D9E70 Relevance: 10.6, APIs: 2, Strings: 5, Instructions: 67COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D9360: GetCurrentProcess.KERNEL32 ref: 00007FF7774D9380
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D9360: OpenProcessToken.ADVAPI32 ref: 00007FF7774D9393
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D9360: GetTokenInformation.ADVAPI32 ref: 00007FF7774D93B8
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D9360: GetLastError.KERNEL32 ref: 00007FF7774D93C2
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D9360: GetTokenInformation.ADVAPI32 ref: 00007FF7774D9402
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D9360: ConvertSidToStringSidW.ADVAPI32 ref: 00007FF7774D941E
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D9360: CloseHandle.KERNEL32 ref: 00007FF7774D9436
                                                                                                                                                                                                • LocalFree.KERNEL32(?,00007FF7774D41E6), ref: 00007FF7774D9EFC
                                                                                                                                                                                                • LocalFree.KERNEL32(?,00007FF7774D41E6), ref: 00007FF7774D9F05
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2880: GetCurrentProcessId.KERNEL32(?,?,?,?,?,00007FF7774D3BC3,?,00007FF7774D3CC2), ref: 00007FF7774D28CE
                                                                                                                                                                                                  • Part of subcall function 00007FF7774D2880: OutputDebugStringW.KERNEL32(?,?,?,?,?,00007FF7774D3BC3,?,00007FF7774D3CC2), ref: 00007FF7774D2938
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ProcessToken$CurrentFreeInformationLocalString$CloseConvertDebugErrorHandleLastOpenOutput
                                                                                                                                                                                                • String ID: D:(A;;FA;;;%s)$D:(A;;FA;;;%s)(A;;FA;;;%s)$LOADER: initializing security descriptor from string: %ls$S-1-3-4$Security descriptor string length exceeds PYI_PATH_MAX!
                                                                                                                                                                                                • API String ID: 269996328-3724802649
                                                                                                                                                                                                • Opcode ID: 942c3b14874243cf1b78bbcc71b7a775e57f197bbe4712efdd36e09da04fe12c
                                                                                                                                                                                                • Instruction ID: 9a657bf134993b76c4fc2f93fc993b00a9361fa493b205ab0998afaf7f5b4e9a
                                                                                                                                                                                                • Opcode Fuzzy Hash: 942c3b14874243cf1b78bbcc71b7a775e57f197bbe4712efdd36e09da04fe12c
                                                                                                                                                                                                • Instruction Fuzzy Hash: 42314122A3864241EA90BB12E8512F9E261FF88780FC44436EE8D83796EF7CD516C760
                                                                                                                                                                                                Function 00007FF7774D2DB0 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 67windowCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetCurrentProcessId.KERNEL32(?,00000000,00000000,?,00000000,00007FF7774D9F1F,?,00007FF7774D41E6), ref: 00007FF7774D2E00
                                                                                                                                                                                                • OutputDebugStringW.KERNEL32(?,00000000,00000000,?,00000000,00007FF7774D9F1F,?,00007FF7774D41E6), ref: 00007FF7774D2E75
                                                                                                                                                                                                • MessageBoxW.USER32 ref: 00007FF7774D2E95
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentDebugMessageOutputProcessString
                                                                                                                                                                                                • String ID: WARNING$Warning$[PYI-%d:%ls]
                                                                                                                                                                                                • API String ID: 4028877780-3797743490
                                                                                                                                                                                                • Opcode ID: 56819f1be48c112748468f149acbceb8499576ef0579645d9bea89b52a9a0466
                                                                                                                                                                                                • Instruction ID: 7b2d993933fb6231bc0dee72fa296d97c51456f416fac28f585f06d73107ca93
                                                                                                                                                                                                • Opcode Fuzzy Hash: 56819f1be48c112748468f149acbceb8499576ef0579645d9bea89b52a9a0466
                                                                                                                                                                                                • Instruction Fuzzy Hash: 7B21A223738B4192E760EB55F8847AAB3A4FB88784F800536EE8D53655DF3CD21AC750
                                                                                                                                                                                                Function 00007FF7774D2A60 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 67windowCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentDebugMessageOutputProcessString
                                                                                                                                                                                                • String ID: ERROR$Error$[PYI-%d:%ls]
                                                                                                                                                                                                • API String ID: 4028877780-255084403
                                                                                                                                                                                                • Opcode ID: 1e1e697de07596296eec8ab673501bf26ab91b3c60915258754e5fb6025e7fb8
                                                                                                                                                                                                • Instruction ID: 5c82a18468766189a2066aabed0df6f5ed46aa831fa4845332f3c201ff2fb5cf
                                                                                                                                                                                                • Opcode Fuzzy Hash: 1e1e697de07596296eec8ab673501bf26ab91b3c60915258754e5fb6025e7fb8
                                                                                                                                                                                                • Instruction Fuzzy Hash: A9219123738B4192E760EB55F8847AAB3A4FB88784F804536EE8D53655DE3CD21AC750
                                                                                                                                                                                                Function 00007FF7774D2CB0 Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 64COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetCurrentProcessId.KERNEL32(00000000,?,?,?,00000000,00007FF7774D37BA,?,?,00007FF7774D3991), ref: 00007FF7774D2D00
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentProcess
                                                                                                                                                                                                • String ID: 0$WARNING$Warning$Warning [ANSI Fallback]$[PYI-%d:%s]
                                                                                                                                                                                                • API String ID: 2050909247-2900015858
                                                                                                                                                                                                • Opcode ID: 8a6a451d4e64bc3179bcbf3274428a6642e652168afc76095dbdae54d2b453ba
                                                                                                                                                                                                • Instruction ID: f7138cefa4b29641529e5225f1431838cffa3156c51e9098515ea99aa697a35c
                                                                                                                                                                                                • Opcode Fuzzy Hash: 8a6a451d4e64bc3179bcbf3274428a6642e652168afc76095dbdae54d2b453ba
                                                                                                                                                                                                • Instruction Fuzzy Hash: AB21863363878142E660EB51F8807DAA3A4FB88784F800136FE8D43759DF7CD5568750
                                                                                                                                                                                                Function 00007FF7774D9360 Relevance: 10.6, APIs: 7, Instructions: 63COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Token$InformationProcess$CloseConvertCurrentErrorHandleLastOpenString
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 995526605-0
                                                                                                                                                                                                • Opcode ID: 2767388b2d0f01d43440f2b3fc66fe7ee2ec20d50d7270aa6644754a273deb72
                                                                                                                                                                                                • Instruction ID: 057f725b35ed1d4509a14498c202a09824322ef00017228285fd207f0e9e36c8
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2767388b2d0f01d43440f2b3fc66fe7ee2ec20d50d7270aa6644754a273deb72
                                                                                                                                                                                                • Instruction Fuzzy Hash: B8219523A2C74282EA50AB56B88413AE3B0FF817A0F940235DEAC87AD5DE6CD4568710
                                                                                                                                                                                                Function 00007FF7774EBFE0 Relevance: 10.6, APIs: 7, Instructions: 62COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Value$ErrorLast
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2506987500-0
                                                                                                                                                                                                • Opcode ID: eb8c7211a13784699b75be855520cfa384eef2f645739bf2dd6f5d31cf7ef3da
                                                                                                                                                                                                • Instruction ID: 5f83e990e4936ee985c2d9657c3fa6f675b33bd6b09cd532eb759010b91e5a3e
                                                                                                                                                                                                • Opcode Fuzzy Hash: eb8c7211a13784699b75be855520cfa384eef2f645739bf2dd6f5d31cf7ef3da
                                                                                                                                                                                                • Instruction Fuzzy Hash: 23214F23B3834281FA6877AB964157DE1919F457B0FD44B35DC3E47AD6DEADB4038220
                                                                                                                                                                                                Function 00007FF7774F8BFC Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 48fileCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ConsoleWrite$CloseCreateErrorFileHandleLast
                                                                                                                                                                                                • String ID: CONOUT$
                                                                                                                                                                                                • API String ID: 3230265001-3130406586
                                                                                                                                                                                                • Opcode ID: 5c6e57e550d3b47b38588f68e65aae1629f5c424c0371111055432e8af963ac1
                                                                                                                                                                                                • Instruction ID: 67818b6d8d64cedc8dba5ee80361f181a2045e6c474108ef6065577885e07eee
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5c6e57e550d3b47b38588f68e65aae1629f5c424c0371111055432e8af963ac1
                                                                                                                                                                                                • Instruction Fuzzy Hash: 3911D022B38B4186E750AB57E854329A2A0FB88BE4F880234EE1D877A4DF3CD446C750
                                                                                                                                                                                                Function 00007FF8A878648D Relevance: 9.1, APIs: 3, Strings: 3, Instructions: 109stringCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: strncmp
                                                                                                                                                                                                • String ID: ASN1:$DER:$critical,
                                                                                                                                                                                                • API String ID: 1114863663-369496153
                                                                                                                                                                                                • Opcode ID: ae11fdbc24c79936ca1b4e77633981d5be724123b6f72bef28181d9e67e2a25a
                                                                                                                                                                                                • Instruction ID: 5e4bbf7652e82252a7e8228741e2141f24ef2fda3c41239b3222cca987ee00e7
                                                                                                                                                                                                • Opcode Fuzzy Hash: ae11fdbc24c79936ca1b4e77633981d5be724123b6f72bef28181d9e67e2a25a
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8D410321B0E68629FB119B22AD4837A2A94FF04BD9F4C4034DD5E47BD5EF3CE44187A8
                                                                                                                                                                                                Function 00007FF8A8784DF9 Relevance: 9.1, APIs: 3, Strings: 3, Instructions: 108stringCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: strncmp
                                                                                                                                                                                                • String ID: ASN1:$DER:$critical,
                                                                                                                                                                                                • API String ID: 1114863663-369496153
                                                                                                                                                                                                • Opcode ID: 079d044b96f797de36bd5393d8ca46bd7bdc0801725f75768ff71a61f539266b
                                                                                                                                                                                                • Instruction ID: d96a6f387f169c65c99e4c6ca6b1d6b27560ffad4c56f668b50269e1cd397bfc
                                                                                                                                                                                                • Opcode Fuzzy Hash: 079d044b96f797de36bd5393d8ca46bd7bdc0801725f75768ff71a61f539266b
                                                                                                                                                                                                • Instruction Fuzzy Hash: DE412521B1AA866AFB509F26AC487B92790FB04FD5F485130DE5E07B95DF3CEC008768
                                                                                                                                                                                                Function 00007FF7774EC158 Relevance: 9.1, APIs: 6, Instructions: 57COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetLastError.KERNEL32(?,?,?,00007FF7774E5DA1,?,?,?,?,00007FF7774EB31A,?,?,?,?,00007FF7774E801F), ref: 00007FF7774EC167
                                                                                                                                                                                                • FlsSetValue.KERNEL32(?,?,?,00007FF7774E5DA1,?,?,?,?,00007FF7774EB31A,?,?,?,?,00007FF7774E801F), ref: 00007FF7774EC19D
                                                                                                                                                                                                • FlsSetValue.KERNEL32(?,?,?,00007FF7774E5DA1,?,?,?,?,00007FF7774EB31A,?,?,?,?,00007FF7774E801F), ref: 00007FF7774EC1CA
                                                                                                                                                                                                • FlsSetValue.KERNEL32(?,?,?,00007FF7774E5DA1,?,?,?,?,00007FF7774EB31A,?,?,?,?,00007FF7774E801F), ref: 00007FF7774EC1DB
                                                                                                                                                                                                • FlsSetValue.KERNEL32(?,?,?,00007FF7774E5DA1,?,?,?,?,00007FF7774EB31A,?,?,?,?,00007FF7774E801F), ref: 00007FF7774EC1EC
                                                                                                                                                                                                • SetLastError.KERNEL32(?,?,?,00007FF7774E5DA1,?,?,?,?,00007FF7774EB31A,?,?,?,?,00007FF7774E801F), ref: 00007FF7774EC207
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Value$ErrorLast
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2506987500-0
                                                                                                                                                                                                • Opcode ID: 0b48e0a9062185d657f0facd204359268508df703c18b0cd49304e7897864a2b
                                                                                                                                                                                                • Instruction ID: 7d1042d95b7389e2392936bcd06dca9a62c25077d2e560b9d179575be0d5047b
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0b48e0a9062185d657f0facd204359268508df703c18b0cd49304e7897864a2b
                                                                                                                                                                                                • Instruction Fuzzy Hash: 73115123B3834242FA68776B554153DE1929F847B0FD44735DC3E46AD6DEACB4038620
                                                                                                                                                                                                Function 00007FF8A8783D05 Relevance: 8.9, APIs: 2, Strings: 3, Instructions: 112stringCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _stricmpstrncmp
                                                                                                                                                                                                • String ID: ..\s\crypto\store\store_lib.c$T$file
                                                                                                                                                                                                • API String ID: 3873111123-909561481
                                                                                                                                                                                                • Opcode ID: 639f529272d6129993ac40a5390ec2e5d89ba27ee21532da6bd7f8a7217ae271
                                                                                                                                                                                                • Instruction ID: 8f1841a33e37397bdf82876296387d649e31315fcc15bd539074e3c5a178043b
                                                                                                                                                                                                • Opcode Fuzzy Hash: 639f529272d6129993ac40a5390ec2e5d89ba27ee21532da6bd7f8a7217ae271
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4C41AF32A0BB42AAEA11DF15E8456A973A0FF88BC5F444035DE4D07B55EF3CE546C728
                                                                                                                                                                                                Function 00007FF7774D2B70 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 86COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetCurrentProcessId.KERNEL32(?,?,?,?,?,00000000,00000000,00000000,00007FF7774D1BAA), ref: 00007FF7774D2BBE
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentProcess
                                                                                                                                                                                                • String ID: %s: %s$Error$Error [ANSI Fallback]$[PYI-%d:ERROR]
                                                                                                                                                                                                • API String ID: 2050909247-2962405886
                                                                                                                                                                                                • Opcode ID: a44bae74d6bd855dbf44311f44d88be9ad0e758d3b31ec434b087b6dff6f749a
                                                                                                                                                                                                • Instruction ID: 6adf6b9f745984b7cd8d26ee2ed08cf84b33e5232bde473dbfa73db202784b43
                                                                                                                                                                                                • Opcode Fuzzy Hash: a44bae74d6bd855dbf44311f44d88be9ad0e758d3b31ec434b087b6dff6f749a
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6031F823B3878152E720BB62A8406EBA295BF847D4F814132FE8D83749DF7CD5578210
                                                                                                                                                                                                Function 00007FF8A8664840 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 70COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Arg_ArgumentReadyUnicode_
                                                                                                                                                                                                • String ID: a unicode character$argument$east_asian_width
                                                                                                                                                                                                • API String ID: 1875788646-3913127203
                                                                                                                                                                                                • Opcode ID: dbe43c5c28b2e864e9847442fb4680e199cdb81cdd8ff4271a4bb4a7558a351a
                                                                                                                                                                                                • Instruction ID: b13a2c90a46465a0c82b13c9e81d532baad15ac84755076101e58944ad0d8d05
                                                                                                                                                                                                • Opcode Fuzzy Hash: dbe43c5c28b2e864e9847442fb4680e199cdb81cdd8ff4271a4bb4a7558a351a
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8D21BF60B0A6C6A2FB5C8B15D4693792391FF84BC4F446139CE4F4B2C4EF2CE8458368
                                                                                                                                                                                                Function 00007FF8A8664484 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 70COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Arg_ArgumentReadyUnicode_
                                                                                                                                                                                                • String ID: a unicode character$argument$decomposition
                                                                                                                                                                                                • API String ID: 1875788646-2471543666
                                                                                                                                                                                                • Opcode ID: d5f8e1d1838016190bef5668ce4da4a2cda0a1ddf47b54ab3442ce62d4983cc2
                                                                                                                                                                                                • Instruction ID: c4bb49655c03973ef7066b75f507a78a2c3197f0dc2ac4d2bba6b5a1465b22af
                                                                                                                                                                                                • Opcode Fuzzy Hash: d5f8e1d1838016190bef5668ce4da4a2cda0a1ddf47b54ab3442ce62d4983cc2
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4821D161B0A68662FB6E8B15D4693792291FF84BD4F446035CA0F432C4EF2CE845C368
                                                                                                                                                                                                Function 00007FF7774D2960 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 64COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetCurrentProcessId.KERNEL32(?,?,00000000,00000000,00000000,00007FF7774D1BD9), ref: 00007FF7774D29B0
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentProcess
                                                                                                                                                                                                • String ID: ERROR$Error$Error [ANSI Fallback]$[PYI-%d:%s]
                                                                                                                                                                                                • API String ID: 2050909247-1591803126
                                                                                                                                                                                                • Opcode ID: eb898bdf2d85b565f5f2957a308ee0a964734eed4196599ac48ac7272669ba57
                                                                                                                                                                                                • Instruction ID: 1179f2a33552bb8f1041db8bdf155306c506e4f3d095dbc5fc7895dd91c4f82b
                                                                                                                                                                                                • Opcode Fuzzy Hash: eb898bdf2d85b565f5f2957a308ee0a964734eed4196599ac48ac7272669ba57
                                                                                                                                                                                                • Instruction Fuzzy Hash: FA21713363878182E660EB62B8807EAA3A4FB88784F800136EECD43659DF7CD1568750
                                                                                                                                                                                                Function 00007FF8A8665094 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 48COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: DoubleErr_Float_FromNumericStringSubtypeType_Unicode_
                                                                                                                                                                                                • String ID: not a numeric character
                                                                                                                                                                                                • API String ID: 1034370217-2058156748
                                                                                                                                                                                                • Opcode ID: 4cb6f1b5efbfda6638c0cdfd582c8c8d1892565bd548cca9a3afd41c4d5c272b
                                                                                                                                                                                                • Instruction ID: 8ac4fe8def1c6169253051a1e36f91669040d79e869a8a802b3f45622efe991a
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4cb6f1b5efbfda6638c0cdfd582c8c8d1892565bd548cca9a3afd41c4d5c272b
                                                                                                                                                                                                • Instruction Fuzzy Hash: F0118F21A0E9C2B1FB598B25E45D238A7A1EF44BC4F18A130C95F47655DF2CE8C6C768
                                                                                                                                                                                                Function 00007FF8A86643EC Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 45COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: DecimalDigitErr_FromLongLong_StringSubtypeType_Unicode_
                                                                                                                                                                                                • String ID: not a decimal
                                                                                                                                                                                                • API String ID: 3750391552-3590249192
                                                                                                                                                                                                • Opcode ID: 480c0e289b089f2dea03889a00adf552dacdf64e323fa503627025c33b286684
                                                                                                                                                                                                • Instruction ID: 3660e980bebc02fd7806868aac684a3b2f17255a08751bea93d6ec88d51d70ae
                                                                                                                                                                                                • Opcode Fuzzy Hash: 480c0e289b089f2dea03889a00adf552dacdf64e323fa503627025c33b286684
                                                                                                                                                                                                • Instruction Fuzzy Hash: 92117321B0AAD2A1FB598B16E45913867A5FF84FD4F486030CA4F47750EF2CE8858328
                                                                                                                                                                                                Function 00007FF8B83317B0 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 34COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Arg_Buffer_Err_ParseReleaseSizeStringTuple_
                                                                                                                                                                                                • String ID: BrotliEncoderCompressStream failed while processing the stream$y*:process
                                                                                                                                                                                                • API String ID: 2872489292-243030088
                                                                                                                                                                                                • Opcode ID: cb8378cd060a40f59fa4d56021550bc41c31a91fa3c041aef3c9e0e738a50166
                                                                                                                                                                                                • Instruction ID: 38e6214b0fa9fa29252d6615b1842b1de00c1e8e3c2d7779aed7bcd12b9e4dfd
                                                                                                                                                                                                • Opcode Fuzzy Hash: cb8378cd060a40f59fa4d56021550bc41c31a91fa3c041aef3c9e0e738a50166
                                                                                                                                                                                                • Instruction Fuzzy Hash: 00F08151B0974282EF109B69D8400B963A1BF8CFC5F4C4436DF5D07725EF6CE5468304
                                                                                                                                                                                                Function 00007FF8A86625A0 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 31COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Mem_$Capsule_Err_FreeMallocMemory
                                                                                                                                                                                                • String ID: unicodedata._ucnhash_CAPI
                                                                                                                                                                                                • API String ID: 3673501854-3989975041
                                                                                                                                                                                                • Opcode ID: 4f9c832924a9756495b7a5c9d469443539cf620dd58ed21d3cdd85e935500ac7
                                                                                                                                                                                                • Instruction ID: 1e692e33301ec4e1c61450381cf52426593a194d28e891b7d9ecd3deb19d4cb0
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4f9c832924a9756495b7a5c9d469443539cf620dd58ed21d3cdd85e935500ac7
                                                                                                                                                                                                • Instruction Fuzzy Hash: 16F0F630A1BBC6A6FB098B55B918175A2A4FF487C1F442431C84F06364EF3CE044C368
                                                                                                                                                                                                Function 00007FF7774EA918 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 27libraryloaderCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: AddressFreeHandleLibraryModuleProc
                                                                                                                                                                                                • String ID: CorExitProcess$mscoree.dll
                                                                                                                                                                                                • API String ID: 4061214504-1276376045
                                                                                                                                                                                                • Opcode ID: 0445041011577c357e717ecaae105294981f0374ecf8f27c16854f9c2d48fabb
                                                                                                                                                                                                • Instruction ID: fe05e21305b70211c43a05b6217572a3037c573eaca0726e51d0e31de4ef3158
                                                                                                                                                                                                • Opcode Fuzzy Hash: 0445041011577c357e717ecaae105294981f0374ecf8f27c16854f9c2d48fabb
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8AF06227B39B0281FB20AB25E8443799320EF457A5FD40A35DD6D461E4DF2CD446C720
                                                                                                                                                                                                Function 00007FF7774FA1F8 Relevance: 7.6, APIs: 5, Instructions: 56COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _set_statfp
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 1156100317-0
                                                                                                                                                                                                • Opcode ID: 2530144b45b37c08dad10d77fcc83a40a954e87303b189ab66742d0fc2e2be8e
                                                                                                                                                                                                • Instruction ID: 5db8efe9c925c28dd0fb887be08aee12b07e6f69d3e5a50c1cea3c105ac2ba16
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2530144b45b37c08dad10d77fcc83a40a954e87303b189ab66742d0fc2e2be8e
                                                                                                                                                                                                • Instruction Fuzzy Hash: 61112B23F78A0201F694316AEC5637993406F5B364FCE6A35FD6E267D6CE3DA8438121
                                                                                                                                                                                                Function 00007FF7774EC220 Relevance: 7.6, APIs: 5, Instructions: 54COMMONLIBRARYCODE
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • FlsGetValue.KERNEL32(?,?,?,00007FF7774EB433,?,?,00000000,00007FF7774EB6CE,?,?,?,?,?,00007FF7774EB65A), ref: 00007FF7774EC23F
                                                                                                                                                                                                • FlsSetValue.KERNEL32(?,?,?,00007FF7774EB433,?,?,00000000,00007FF7774EB6CE,?,?,?,?,?,00007FF7774EB65A), ref: 00007FF7774EC25E
                                                                                                                                                                                                • FlsSetValue.KERNEL32(?,?,?,00007FF7774EB433,?,?,00000000,00007FF7774EB6CE,?,?,?,?,?,00007FF7774EB65A), ref: 00007FF7774EC286
                                                                                                                                                                                                • FlsSetValue.KERNEL32(?,?,?,00007FF7774EB433,?,?,00000000,00007FF7774EB6CE,?,?,?,?,?,00007FF7774EB65A), ref: 00007FF7774EC297
                                                                                                                                                                                                • FlsSetValue.KERNEL32(?,?,?,00007FF7774EB433,?,?,00000000,00007FF7774EB6CE,?,?,?,?,?,00007FF7774EB65A), ref: 00007FF7774EC2A8
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Value
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3702945584-0
                                                                                                                                                                                                • Opcode ID: 7963e83b4a975c40c6ddae819978d95b7e72e824560a7c0bb364d35fc4baf278
                                                                                                                                                                                                • Instruction ID: 35d662ac86e74a0b0120e0035b83df5548f5c48d9fac0260e2f9305de0232e4c
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7963e83b4a975c40c6ddae819978d95b7e72e824560a7c0bb364d35fc4baf278
                                                                                                                                                                                                • Instruction Fuzzy Hash: 5A114F23F3874241FAA873AB9541679E2915F853B0FE44735EC3D46AD6DEBCB4438221
                                                                                                                                                                                                Function 00007FF7774EC0B4 Relevance: 7.6, APIs: 5, Instructions: 50COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Value
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3702945584-0
                                                                                                                                                                                                • Opcode ID: c864d99f39cf134c8d3230482605c3dc55c0427cbee362f76fbcc7ab5cb98e61
                                                                                                                                                                                                • Instruction ID: d4a53143b7fec9928c1eaf51d9c26621bce465ec5092b3372dc788ec51cfdb5d
                                                                                                                                                                                                • Opcode Fuzzy Hash: c864d99f39cf134c8d3230482605c3dc55c0427cbee362f76fbcc7ab5cb98e61
                                                                                                                                                                                                • Instruction Fuzzy Hash: A011C222A7820381FAA9776B585257DE1814F45370FE84B38DD3E4AAD2DDACB4438671
                                                                                                                                                                                                Function 00007FF7774F0A58 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 219COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _invalid_parameter_noinfo
                                                                                                                                                                                                • String ID: UTF-16LEUNICODE$UTF-8$ccs
                                                                                                                                                                                                • API String ID: 3215553584-1196891531
                                                                                                                                                                                                • Opcode ID: cbd0801a0664652a437363c2176815b6ad829e29b9166d36b62ee28efe49830f
                                                                                                                                                                                                • Instruction ID: 0804d0333c21b9bc6a203612ca32063a69f232b783ca6386196f8d04cc39228f
                                                                                                                                                                                                • Opcode Fuzzy Hash: cbd0801a0664652a437363c2176815b6ad829e29b9166d36b62ee28efe49830f
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6981B433E3824285FB687F278158279A7A0EB91B48FDD9031DE09576A5DF2DF8439321
                                                                                                                                                                                                Function 00007FF7774DE4D8 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 154COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentImageNonwritableUnwind__except_validate_context_record
                                                                                                                                                                                                • String ID: csm
                                                                                                                                                                                                • API String ID: 2395640692-1018135373
                                                                                                                                                                                                • Opcode ID: 6d06903a11e4eccf6ced7483e1ee2fbd0b2764b28c3e0d7fde6b90923ce0bdce
                                                                                                                                                                                                • Instruction ID: 66a67807410fdb17856f17b51da2e98620989c18a0448a0f09491104cd24833e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 6d06903a11e4eccf6ced7483e1ee2fbd0b2764b28c3e0d7fde6b90923ce0bdce
                                                                                                                                                                                                • Instruction Fuzzy Hash: BE519333B396128ADB98AF56D084A38B791EB44B84F914131DF8943784EF78E862C714
                                                                                                                                                                                                Function 00007FF7774DFD68 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 146COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CallEncodePointerTranslator
                                                                                                                                                                                                • String ID: MOC$RCC
                                                                                                                                                                                                • API String ID: 3544855599-2084237596
                                                                                                                                                                                                • Opcode ID: 4be1b3a6162807ade533e9a562a8ba477cdc1b9b8f7b7f7e0e02e5968d613ed2
                                                                                                                                                                                                • Instruction ID: 2251909d6f1bebbd4d896c4073ce4430712106fd43fdced796d098d0c925aee7
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4be1b3a6162807ade533e9a562a8ba477cdc1b9b8f7b7f7e0e02e5968d613ed2
                                                                                                                                                                                                • Instruction Fuzzy Hash: 88614D33928B8585DBB09B16E4803AAB7A0FB85794F444625EFDC03B99DF7CD1A1CB10
                                                                                                                                                                                                Function 00007FF7774E0118 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 146COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Frame$EmptyHandler3::StateUnwind__except_validate_context_record
                                                                                                                                                                                                • String ID: csm$csm
                                                                                                                                                                                                • API String ID: 3896166516-3733052814
                                                                                                                                                                                                • Opcode ID: 43da3ea47f9807e60bb22aa6e51170387ab3b87be5e84f223723752f32086958
                                                                                                                                                                                                • Instruction ID: 6281da02fe30cc5dbbdd2af5017b036af62cb75d7f8d082ee6ad570ce1390981
                                                                                                                                                                                                • Opcode Fuzzy Hash: 43da3ea47f9807e60bb22aa6e51170387ab3b87be5e84f223723752f32086958
                                                                                                                                                                                                • Instruction Fuzzy Hash: 1651D3339382428AEB74AB13914836CB7D0EB55BA4FA44136DEAC47BA5CF7CE452C711
                                                                                                                                                                                                Function 00007FF8A8782838 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 137COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: ..\s\crypto\async\async.c$T
                                                                                                                                                                                                • API String ID: 0-2182492907
                                                                                                                                                                                                • Opcode ID: 6849fb9aa0f02c3633eacc8741e1d722758c88bf97efa87eb6a792be0a96a09b
                                                                                                                                                                                                • Instruction ID: 8c0951087de218264e6b1d619b8dc39d97c916df71ff7e7a87ce4b3a32b3fca5
                                                                                                                                                                                                • Opcode Fuzzy Hash: 6849fb9aa0f02c3633eacc8741e1d722758c88bf97efa87eb6a792be0a96a09b
                                                                                                                                                                                                • Instruction Fuzzy Hash: 26519032B1A643A6E720DF21E8045B977A1FF847C4F844035EA4D47B96EF3DE5488B28
                                                                                                                                                                                                Function 00007FF8A8846E10 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 129networkCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: getnameinfohtons
                                                                                                                                                                                                • String ID: $..\s\crypto\bio\b_addr.c
                                                                                                                                                                                                • API String ID: 1503050688-1606403076
                                                                                                                                                                                                • Opcode ID: 44289d07dd1e137be4e9217e8a3beea75e43ac25c06f1af9d509b38f1c7a644f
                                                                                                                                                                                                • Instruction ID: 416580bd3a0af0caf8c3f1e5d63e147dee2d7e006fe631dbe803821b73e00aa9
                                                                                                                                                                                                • Opcode Fuzzy Hash: 44289d07dd1e137be4e9217e8a3beea75e43ac25c06f1af9d509b38f1c7a644f
                                                                                                                                                                                                • Instruction Fuzzy Hash: 3751E672B1A643A5FB209F25E4006B973A0FF407C5F444036EB8D47A96EF3DE9858768
                                                                                                                                                                                                Function 00007FF8A8784E9E Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 85COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: BIO[%p]: $bio callback - unknown type (%d)
                                                                                                                                                                                                • API String ID: 0-3830480438
                                                                                                                                                                                                • Opcode ID: 6f1ff04d6e4287baae76c3bcbd7f4eb6efa59816428f3f1b8dd31fd1c250f253
                                                                                                                                                                                                • Instruction ID: 9505b1278d5a0c03398d2b8f382925f7f67297bf324edcf7e390d2e1da8a0bb5
                                                                                                                                                                                                • Opcode Fuzzy Hash: 6f1ff04d6e4287baae76c3bcbd7f4eb6efa59816428f3f1b8dd31fd1c250f253
                                                                                                                                                                                                • Instruction Fuzzy Hash: 00313563B0AA81A6F7118B66EC807BA6751FF897C4F404032EE4E43395EF3CE4858714
                                                                                                                                                                                                Function 00007FF8A8783846 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 82COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: ..\s\crypto\bio\b_sock.c$J$host=
                                                                                                                                                                                                • API String ID: 0-1729655730
                                                                                                                                                                                                • Opcode ID: fb7855fcd371f05ee0f8c06c4a9d3ff59d339786e254bf31641fa772ec444ff7
                                                                                                                                                                                                • Instruction ID: f96d4c236e5e5fe351a2d95704af90e72ed28b8fcf8f885c9c932d4af78b5e14
                                                                                                                                                                                                • Opcode Fuzzy Hash: fb7855fcd371f05ee0f8c06c4a9d3ff59d339786e254bf31641fa772ec444ff7
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4431BE72B09652A2EB20DB65F4412AEA360FB847C4F540035EF8C47B9ADF7DE585CB18
                                                                                                                                                                                                Function 00007FF7774D8780 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 81COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • CreateDirectoryW.KERNEL32(00000000,?,00007FF7774D37CC,?,?,00007FF7774D3991), ref: 00007FF7774D8892
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CreateDirectory
                                                                                                                                                                                                • String ID: %.*s$%s%c$\
                                                                                                                                                                                                • API String ID: 4241100979-1685191245
                                                                                                                                                                                                • Opcode ID: f1cad8b64af19b31ed6db525a43790991c3f38777672dfa1776de8ee5b4a1fb8
                                                                                                                                                                                                • Instruction ID: 22eddb7fada8948d5ecc7769cd4c89e81b3b3b820f83a60c5af26e57a784a81c
                                                                                                                                                                                                • Opcode Fuzzy Hash: f1cad8b64af19b31ed6db525a43790991c3f38777672dfa1776de8ee5b4a1fb8
                                                                                                                                                                                                • Instruction Fuzzy Hash: D331B822A39AC145FA61AB22E4507BAA359EF84BE0F840631EF9D437C5DF2CD6568710
                                                                                                                                                                                                Function 00007FF8A8661EC0 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 42COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • PyErr_SetString.PYTHON310(?,?,?,?,?,00007FF8A8661EAC), ref: 00007FF8A8663B59
                                                                                                                                                                                                  • Part of subcall function 00007FF8A8661FA0: strncmp.API-MS-WIN-CRT-STRING-L1-1-0 ref: 00007FF8A8661FD8
                                                                                                                                                                                                  • Part of subcall function 00007FF8A8661FA0: strncmp.API-MS-WIN-CRT-STRING-L1-1-0 ref: 00007FF8A8661FF6
                                                                                                                                                                                                • PyErr_Format.PYTHON310 ref: 00007FF8A8661F23
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Err_strncmp$FormatString
                                                                                                                                                                                                • String ID: name too long$undefined character name '%s'
                                                                                                                                                                                                • API String ID: 3882229318-4056717002
                                                                                                                                                                                                • Opcode ID: 16bc881f184cb8364390d1ecc0752210c1df55cf4409d1ac5f55d1ad321c9066
                                                                                                                                                                                                • Instruction ID: ff43f551106ae112156b45e84fe4d5f97f27b3d88a2537846f76618ef0819701
                                                                                                                                                                                                • Opcode Fuzzy Hash: 16bc881f184cb8364390d1ecc0752210c1df55cf4409d1ac5f55d1ad321c9066
                                                                                                                                                                                                • Instruction Fuzzy Hash: 85118671E1A987F2FB448B18E4982B473A4FB887C9F801431CA0E47261EF7DD14AC768
                                                                                                                                                                                                Function 00007FF8A878139D Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 38networkCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorLastsocket
                                                                                                                                                                                                • String ID: ..\s\crypto\bio\b_sock2.c$2
                                                                                                                                                                                                • API String ID: 1120909799-2051290508
                                                                                                                                                                                                • Opcode ID: e6e0678db33773633ffedb91ac649e33e06e4e0a3b3b72e71866550694f6694c
                                                                                                                                                                                                • Instruction ID: 73ffad06d25e5373c97b1af726e442d6e929b843f222a7cb6d58daaec5206361
                                                                                                                                                                                                • Opcode Fuzzy Hash: e6e0678db33773633ffedb91ac649e33e06e4e0a3b3b72e71866550694f6694c
                                                                                                                                                                                                • Instruction Fuzzy Hash: 36012E32B0A552A3F3108B21E4001AE7220FB447D4F604235E36C4BBE5CF3CE9818BAC
                                                                                                                                                                                                Function 00007FF8B8331410 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 27COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Err_LongLong_String
                                                                                                                                                                                                • String ID: Invalid lgblock$Invalid lgblock. Can be 0 or in range 16 to 24.
                                                                                                                                                                                                • API String ID: 568964304-2070589380
                                                                                                                                                                                                • Opcode ID: 98ac89e9ae3e119ae39c4b923ceb1be476487f23198bc6fec9af8334a5baf927
                                                                                                                                                                                                • Instruction ID: f9c5d1c4f846ff911b0ca4448a862a396177d5f2ebbea292ef06f01d244ae48e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 98ac89e9ae3e119ae39c4b923ceb1be476487f23198bc6fec9af8334a5baf927
                                                                                                                                                                                                • Instruction Fuzzy Hash: 65F05EA1E48643C2FB144B2DE44427C22A0AF4C7C1FDC5435E61C852A5EF9CE8D78308
                                                                                                                                                                                                Function 00007FF8B83313B0 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 24COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Err_LongLong_String
                                                                                                                                                                                                • String ID: Invalid lgwin$Invalid lgwin. Range is 10 to 24.
                                                                                                                                                                                                • API String ID: 568964304-1865904581
                                                                                                                                                                                                • Opcode ID: 7bd72e1ab808d5623974b6b25a33f8bd190c734804e523a2af81955fbb258cdb
                                                                                                                                                                                                • Instruction ID: fd3c91bb40d85c358c3fe61d2c056c9f4e4550d659226d1506faf58640f9196f
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7bd72e1ab808d5623974b6b25a33f8bd190c734804e523a2af81955fbb258cdb
                                                                                                                                                                                                • Instruction Fuzzy Hash: BDF01CA1E0864686EF158B5DD48427C23A0EF4CBE1F9C5034D75D46261EF6DD8DBC708
                                                                                                                                                                                                Function 00007FF8B8331350 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 23COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Err_LongLong_String
                                                                                                                                                                                                • String ID: Invalid quality$Invalid quality. Range is 0 to 11.
                                                                                                                                                                                                • API String ID: 568964304-3078312006
                                                                                                                                                                                                • Opcode ID: bf0f2c2d88753ce6f75839a482aaea8b1615882223bf6accab7f266c8a4c0845
                                                                                                                                                                                                • Instruction ID: e8fbbcbd97a4f0bfcd2f9364a6b30b43d115002ed051f7cd4f9bdf3434b7f1dc
                                                                                                                                                                                                • Opcode Fuzzy Hash: bf0f2c2d88753ce6f75839a482aaea8b1615882223bf6accab7f266c8a4c0845
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6EF039A1E08642C6EB558B1DD48427C23A0EF4CBE1F9C5030EA0C86261EF6DD8D7C708
                                                                                                                                                                                                Function 00007FF8B8360510 Relevance: 6.3, APIs: 4, Instructions: 321COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memmove$exit
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 987259897-0
                                                                                                                                                                                                • Opcode ID: 79d9dcba4dee088979e62e56151a7632dd868efc27c5ebe9eaf823a5f0b8b74d
                                                                                                                                                                                                • Instruction ID: 2c688359ce1527c257e2b3500ec72b378ff7f3decdb443fa18afbdd92bc41a24
                                                                                                                                                                                                • Opcode Fuzzy Hash: 79d9dcba4dee088979e62e56151a7632dd868efc27c5ebe9eaf823a5f0b8b74d
                                                                                                                                                                                                • Instruction Fuzzy Hash: A1D17F76709B8182DA24CB1AE55436AF3A5FB88BD4F088436CF9E17B58DF3CE0558708
                                                                                                                                                                                                Function 00007FF8B8361D60 Relevance: 6.3, APIs: 4, Instructions: 318COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memmove$exit
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 987259897-0
                                                                                                                                                                                                • Opcode ID: 59702072734e8ad1273f19b6d99c79a4969c51d14cc5c672e670c6c0901996cd
                                                                                                                                                                                                • Instruction ID: 4bc66ca6f32e14813d0c928aad21f29b49691f5bdc8d088383b1c9460f9df39c
                                                                                                                                                                                                • Opcode Fuzzy Hash: 59702072734e8ad1273f19b6d99c79a4969c51d14cc5c672e670c6c0901996cd
                                                                                                                                                                                                • Instruction Fuzzy Hash: CFD13A62609B8182DA258B1AE55876EF3A5FB98BD0F088536DF8E07B58DF3CD051C318
                                                                                                                                                                                                Function 00007FF8B83635B0 Relevance: 6.3, APIs: 4, Instructions: 318COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memmove$exit
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 987259897-0
                                                                                                                                                                                                • Opcode ID: 640fcf2c863d9de54116d5ac512887b9e22b6727d00535a97327216d7780aaef
                                                                                                                                                                                                • Instruction ID: d53e101da4fdb754eeb54e7853433066bc4fa20183ddd11fd42cb00fb9109ad0
                                                                                                                                                                                                • Opcode Fuzzy Hash: 640fcf2c863d9de54116d5ac512887b9e22b6727d00535a97327216d7780aaef
                                                                                                                                                                                                • Instruction Fuzzy Hash: C4D15D76709B8182DA259B1AE55836AF3A5FB88BD0F088436DF8E07B54DF3CE055C714
                                                                                                                                                                                                Function 00007FF7774ED430 Relevance: 6.3, APIs: 4, Instructions: 299fileCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: FileWrite$ConsoleErrorLastOutput
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2718003287-0
                                                                                                                                                                                                • Opcode ID: 66024a8efee63ca507785ae5bdcff78a5678cf43b823743de2dc90b43ef89417
                                                                                                                                                                                                • Instruction ID: f40970e6b6a3b90245a549fc22c82a9af3ab2fc3b9b3d0f337d8f369519c7343
                                                                                                                                                                                                • Opcode Fuzzy Hash: 66024a8efee63ca507785ae5bdcff78a5678cf43b823743de2dc90b43ef89417
                                                                                                                                                                                                • Instruction Fuzzy Hash: D7D10473B28A4189EB10DF76D4402AC77B1FB457A8B884235CE5E97B99DE78E027C710
                                                                                                                                                                                                Function 00007FF8A8781064 Relevance: 6.3, APIs: 1, Strings: 3, Instructions: 275stringCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: strncpy
                                                                                                                                                                                                • String ID: ..\s\crypto\x509\x509_obj.c$0123456789ABCDEF$NO X509_NAME
                                                                                                                                                                                                • API String ID: 3301158039-3422593365
                                                                                                                                                                                                • Opcode ID: bafdc490852c8d29e8079f326ecab6f945ad2984d2fe10162971db03f6da0e87
                                                                                                                                                                                                • Instruction ID: 2e2883b5319a2fa6f2b1a605d3ffd9a07c8ac7dfaa6b9a231d5a6ec4c4b735f9
                                                                                                                                                                                                • Opcode Fuzzy Hash: bafdc490852c8d29e8079f326ecab6f945ad2984d2fe10162971db03f6da0e87
                                                                                                                                                                                                • Instruction Fuzzy Hash: B7B14532A0EA8692EB108F95E44837AB7A0FB84BC9F084035DE5E477D5DF7CE4458724
                                                                                                                                                                                                Function 00007FF8B8369140 Relevance: 6.2, APIs: 4, Instructions: 227COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • log2.API-MS-WIN-CRT-MATH-L1-1-0(00000000,?,?,00007FF8B836988A), ref: 00007FF8B836920A
                                                                                                                                                                                                • log2.API-MS-WIN-CRT-MATH-L1-1-0(00000000,?,?,00007FF8B836988A), ref: 00007FF8B836924F
                                                                                                                                                                                                • log2.API-MS-WIN-CRT-MATH-L1-1-0(00000000,?,?,00007FF8B836988A), ref: 00007FF8B8369294
                                                                                                                                                                                                • memmove.VCRUNTIME140(00000000,?,?,00007FF8B836988A), ref: 00007FF8B8369355
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: log2$memmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3336697533-0
                                                                                                                                                                                                • Opcode ID: 1680cdc6a483d2b4af0fd29261cfd8d16fc7ddb78b32cb5b10661259ba284ebb
                                                                                                                                                                                                • Instruction ID: 45450fd5429b8ebb648bc31ceadb088d1d79435805c9661a97b280387fd589e2
                                                                                                                                                                                                • Opcode Fuzzy Hash: 1680cdc6a483d2b4af0fd29261cfd8d16fc7ddb78b32cb5b10661259ba284ebb
                                                                                                                                                                                                • Instruction Fuzzy Hash: BEB18422A18F8586E612CF3C91513B9F764FF997C4F189732DB8E26651DF38E5928304
                                                                                                                                                                                                Function 00007FF8B8368880 Relevance: 6.2, APIs: 4, Instructions: 227COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • log2.API-MS-WIN-CRT-MATH-L1-1-0(00000000,?,?,00007FF8B8368FCA), ref: 00007FF8B836894A
                                                                                                                                                                                                • log2.API-MS-WIN-CRT-MATH-L1-1-0(00000000,?,?,00007FF8B8368FCA), ref: 00007FF8B836898F
                                                                                                                                                                                                • log2.API-MS-WIN-CRT-MATH-L1-1-0(00000000,?,?,00007FF8B8368FCA), ref: 00007FF8B83689D4
                                                                                                                                                                                                • memmove.VCRUNTIME140(00000000,?,?,00007FF8B8368FCA), ref: 00007FF8B8368A95
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: log2$memmove
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 3336697533-0
                                                                                                                                                                                                • Opcode ID: 37c08e7e4291ae7c0fd9f5e7d1ae2ed9a98bb0acaa0912484a1cbda665e6c135
                                                                                                                                                                                                • Instruction ID: a96eaf9b0a599df52c25e58c9ac73d30b3bef09c42830c17810f4de3c585b510
                                                                                                                                                                                                • Opcode Fuzzy Hash: 37c08e7e4291ae7c0fd9f5e7d1ae2ed9a98bb0acaa0912484a1cbda665e6c135
                                                                                                                                                                                                • Instruction Fuzzy Hash: 72B19322A19F8586E6128F3C91413BAF364FF9D7C4F189732DB8A26651DF78A592C304
                                                                                                                                                                                                Function 00007FF7774EDDF0 Relevance: 6.2, APIs: 4, Instructions: 218COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • GetConsoleMode.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF7774EDDDB), ref: 00007FF7774EDF0C
                                                                                                                                                                                                • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00007FF7774EDDDB), ref: 00007FF7774EDF97
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ConsoleErrorLastMode
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 953036326-0
                                                                                                                                                                                                • Opcode ID: 166a3c9b3234785f47c0885528a8716e8cc121542d06da8e3a63f31bbb850efd
                                                                                                                                                                                                • Instruction ID: 13623d64bac76bf6f740bbb3f2425ebd9cc698a769da48ce53e3b7589efb6fd6
                                                                                                                                                                                                • Opcode Fuzzy Hash: 166a3c9b3234785f47c0885528a8716e8cc121542d06da8e3a63f31bbb850efd
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4391D723F3866285FB54EF6684402BDABA0BB44BA8F984135DE4E57A94CF7CD453C720
                                                                                                                                                                                                Function 00007FF8A8782DF1 Relevance: 6.2, APIs: 2, Strings: 2, Instructions: 173COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorLast
                                                                                                                                                                                                • String ID: Operation not permitted$unknown
                                                                                                                                                                                                • API String ID: 1452528299-31098287
                                                                                                                                                                                                • Opcode ID: 4f38512cd59b4e9079a15f4968c6b5057c5ac8c27ef1edf97390e5a951f79121
                                                                                                                                                                                                • Instruction ID: c2dbc22ef1379e2ffd793f4168c253e5e6942681286a366864cfee15998852da
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4f38512cd59b4e9079a15f4968c6b5057c5ac8c27ef1edf97390e5a951f79121
                                                                                                                                                                                                • Instruction Fuzzy Hash: BD815721A5B647A6EB209B21E8413BDA3A0FF80BC4F444475D94E47A99EF7CF850C329
                                                                                                                                                                                                Function 00007FF8A8661FA0 Relevance: 6.2, APIs: 2, Strings: 2, Instructions: 173stringCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: strncmp
                                                                                                                                                                                                • String ID: CJK UNIFIED IDEOGRAPH-$HANGUL SYLLABLE
                                                                                                                                                                                                • API String ID: 1114863663-87138338
                                                                                                                                                                                                • Opcode ID: c98c5b1ab0b2a8d827254fbc7c4625d595eb4019985d1d621710d4bb056f2700
                                                                                                                                                                                                • Instruction ID: 6cb2043f9f22bc1d1bf7e418d78f18082b4f244968ede0dd99bcd9051370d71d
                                                                                                                                                                                                • Opcode Fuzzy Hash: c98c5b1ab0b2a8d827254fbc7c4625d595eb4019985d1d621710d4bb056f2700
                                                                                                                                                                                                • Instruction Fuzzy Hash: 46612732B1A28266F7688A19A50867AB252FF80BD0F146235EA5F47BC9DF3CE401C714
                                                                                                                                                                                                Function 00007FF8B8380740 Relevance: 6.2, APIs: 4, Instructions: 163COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memmove$exitmemset
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2725257846-0
                                                                                                                                                                                                • Opcode ID: 7667acfe8cd979c61ef8322217f9533025dc7a57991cc5d72a4afbdb4d25e19c
                                                                                                                                                                                                • Instruction ID: ca00152eecb6b9c10c05a71154e0322ec9e6bba0f187ea6d5667e1447133d53c
                                                                                                                                                                                                • Opcode Fuzzy Hash: 7667acfe8cd979c61ef8322217f9533025dc7a57991cc5d72a4afbdb4d25e19c
                                                                                                                                                                                                • Instruction Fuzzy Hash: FB614872608B9182EA65CF1AE5543AAB3A4FB48BC4F484439DF8E47B55EF3CE491C344
                                                                                                                                                                                                Function 00007FF7774F081C Relevance: 6.2, APIs: 4, Instructions: 162COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _get_daylight$_isindst
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 4170891091-0
                                                                                                                                                                                                • Opcode ID: 82d75ea4ed38acbe1bdd5a9cb20d7e9acbad6c88499b96c74728dc6f26a76436
                                                                                                                                                                                                • Instruction ID: ab38c7630c171fd87886d9c7bc2006bf155a0da2b10ca76572e6d0e4bf5930fc
                                                                                                                                                                                                • Opcode Fuzzy Hash: 82d75ea4ed38acbe1bdd5a9cb20d7e9acbad6c88499b96c74728dc6f26a76436
                                                                                                                                                                                                • Instruction Fuzzy Hash: 80516873F352168AFB14EF2588496BCA7A1BB50358F980135DE1E52AE0DF38A443C720
                                                                                                                                                                                                Function 00007FF8A8833690 Relevance: 6.2, APIs: 3, Strings: 1, Instructions: 155stringCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: strncmp
                                                                                                                                                                                                • String ID: content-type
                                                                                                                                                                                                • API String ID: 1114863663-3266185539
                                                                                                                                                                                                • Opcode ID: 353771e46bd95834c8d992adfd6c0224b14d6e0ae68003dcc01e02663e36320e
                                                                                                                                                                                                • Instruction ID: be03a46bde1496ae728aa4084cdd7132a2ace21da5f452b86e56e2d38c074ff1
                                                                                                                                                                                                • Opcode Fuzzy Hash: 353771e46bd95834c8d992adfd6c0224b14d6e0ae68003dcc01e02663e36320e
                                                                                                                                                                                                • Instruction Fuzzy Hash: E1513662B0FA4361FA709726B54037A6290FF48BE8F446270DE5D47BC5EF2CE5428328
                                                                                                                                                                                                Function 00007FF8B8366C30 Relevance: 6.2, APIs: 4, Instructions: 154COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memset$exit
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2160831268-0
                                                                                                                                                                                                • Opcode ID: ff7542eb6b03d18410631e71f5cf1605c2db0e3aae92597e952d8736e1c6e287
                                                                                                                                                                                                • Instruction ID: 3c03f8c978927362e6c25f34f8ae36159fa48356e5cda97b0c767284825df4e8
                                                                                                                                                                                                • Opcode Fuzzy Hash: ff7542eb6b03d18410631e71f5cf1605c2db0e3aae92597e952d8736e1c6e287
                                                                                                                                                                                                • Instruction Fuzzy Hash: DB71E136608BC486D660CF16F88079AB7A4F789B84F588126EFCD43B59DF38C196CB44
                                                                                                                                                                                                Function 00007FF8B837F1E0 Relevance: 6.1, APIs: 4, Instructions: 135COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memmove$exitmemset
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2725257846-0
                                                                                                                                                                                                • Opcode ID: 493e27849c4cb9e9b95d7c30d5e6413da0b50b6e21a947d19d361f36feff194b
                                                                                                                                                                                                • Instruction ID: ebb7967809dfaeb06850f344a9b7a52ec4e708f0253e3b928402725ae8c999b7
                                                                                                                                                                                                • Opcode Fuzzy Hash: 493e27849c4cb9e9b95d7c30d5e6413da0b50b6e21a947d19d361f36feff194b
                                                                                                                                                                                                • Instruction Fuzzy Hash: 7A514876609B8182EB248F16F9407AAB7A4FB48BC8F484535EF8E47B54DF39D091C344
                                                                                                                                                                                                Function 00007FF8B837E640 Relevance: 6.1, APIs: 4, Instructions: 135COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memmove$exitmemset
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2725257846-0
                                                                                                                                                                                                • Opcode ID: d9c9cb1ef6c5c71233e29e4e1958d91413e7428d0f52581b9b1aba8afdf679da
                                                                                                                                                                                                • Instruction ID: 264147a1b0e7daaf1c022a716d4dd44245a531d4dfa24e4f44e391fe2aedeb73
                                                                                                                                                                                                • Opcode Fuzzy Hash: d9c9cb1ef6c5c71233e29e4e1958d91413e7428d0f52581b9b1aba8afdf679da
                                                                                                                                                                                                • Instruction Fuzzy Hash: CB515C76604B8182EB259F16E9407AAB7A4FB48BC8F484535DF8E4BB54EF3CE091C344
                                                                                                                                                                                                Function 00007FF8B837FC90 Relevance: 6.1, APIs: 4, Instructions: 135COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memmove$exitmemset
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2725257846-0
                                                                                                                                                                                                • Opcode ID: 23cfdeea8cd9a323e5b039c749b7dda14dfd5c35ac79cae9b21fed405305592a
                                                                                                                                                                                                • Instruction ID: 4495d50cba5623d5a74c3d3b46f907cc13fe43a4d90e232419f0ddbe90250402
                                                                                                                                                                                                • Opcode Fuzzy Hash: 23cfdeea8cd9a323e5b039c749b7dda14dfd5c35ac79cae9b21fed405305592a
                                                                                                                                                                                                • Instruction Fuzzy Hash: C4515976608B8182DB248F16E9447AAB7A4FB4CBC4F484435EF9E4BB59EF78D091C344
                                                                                                                                                                                                Function 00007FF7774E660C Relevance: 6.1, APIs: 4, Instructions: 119pipeCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: File$ErrorHandleInformationLastNamedPeekPipeType
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2780335769-0
                                                                                                                                                                                                • Opcode ID: 4ccfc96ddbfee78b4fd39776d8ebd43501299f8ad26c04ff2c64eaa07cfe321b
                                                                                                                                                                                                • Instruction ID: 1d732cd146ab927b9afff7298ba7c1fc069d80d12d059bfb73a7871c3859dda0
                                                                                                                                                                                                • Opcode Fuzzy Hash: 4ccfc96ddbfee78b4fd39776d8ebd43501299f8ad26c04ff2c64eaa07cfe321b
                                                                                                                                                                                                • Instruction Fuzzy Hash: 8351AF23E346419AFB10EF72D4403BDA3B1AB48BACF948535DE1D47688DF78D4528721
                                                                                                                                                                                                Function 00007FF8B8369CA0 Relevance: 6.1, APIs: 4, Instructions: 115COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: memmove$exitmemset
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2725257846-0
                                                                                                                                                                                                • Opcode ID: a32b4bb5653312606587a6e74c96ac44aa3f345004107e7812205a3e2226a543
                                                                                                                                                                                                • Instruction ID: c1f8b178b05207814637bf4da1275ae6f63a0cb50fb9312682514e63a095ed50
                                                                                                                                                                                                • Opcode Fuzzy Hash: a32b4bb5653312606587a6e74c96ac44aa3f345004107e7812205a3e2226a543
                                                                                                                                                                                                • Instruction Fuzzy Hash: 0741FC72B08B4182DA148A0EE45862AF355FB89BE0F4D8235DFAD47799EF7CE442C704
                                                                                                                                                                                                Function 00007FF7774D2660 Relevance: 6.0, APIs: 4, Instructions: 44windowCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: DebugMessageOutputString$ByteCharMultiWide
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2053247551-0
                                                                                                                                                                                                • Opcode ID: 5017166035da83f72ec5c6f0ebe3249bdfa21e400b60e2840d32238a23ff38f5
                                                                                                                                                                                                • Instruction ID: a64ff5528dc0aabec4bf14f692c88b328958f1bd09cd7d465772f4a561ce1960
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5017166035da83f72ec5c6f0ebe3249bdfa21e400b60e2840d32238a23ff38f5
                                                                                                                                                                                                • Instruction Fuzzy Hash: FB01C463B38B8685EA30BB52F8442A9A321FF48BC4F844131EE8D47795DF2CE55AC710
                                                                                                                                                                                                Function 00007FF7774DDEA0 Relevance: 6.0, APIs: 4, Instructions: 39timethreadCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentTime$CounterFilePerformanceProcessQuerySystemThread
                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                • API String ID: 2933794660-0
                                                                                                                                                                                                • Opcode ID: 014d93effff5caf25bf47e118e036704a97445821d38eae0d866a55af4ca8f31
                                                                                                                                                                                                • Instruction ID: 4803d1cdc4778122e429a8d276f5dbb9c46d5ab3b4fb725bf7be1a93f5c8a699
                                                                                                                                                                                                • Opcode Fuzzy Hash: 014d93effff5caf25bf47e118e036704a97445821d38eae0d866a55af4ca8f31
                                                                                                                                                                                                • Instruction Fuzzy Hash: DF112A22B24F068AEB00DF61E8542B973A4FB19758F840E35DE6D86BA4DF78D165C350
                                                                                                                                                                                                Function 00007FF8A8786A23 Relevance: 5.6, APIs: 1, Strings: 2, Instructions: 330COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                • String ID: ..\s\crypto\engine\eng_ctrl.c$b
                                                                                                                                                                                                • API String ID: 0-1836817417
                                                                                                                                                                                                • Opcode ID: 81578ff1b17706f1e3e9fb800d66550516f8ba6bbcffc65290ac54bc7c0ad89f
                                                                                                                                                                                                • Instruction ID: 9033bfd79fd012895cb892f1158c9102f9a32d32d3d83a8a5bf75ee410b201ba
                                                                                                                                                                                                • Opcode Fuzzy Hash: 81578ff1b17706f1e3e9fb800d66550516f8ba6bbcffc65290ac54bc7c0ad89f
                                                                                                                                                                                                • Instruction Fuzzy Hash: B1E1AC32B0A642A3F7648B11D4017BA26A1FF807C4F544175EA8D03A96EF7DF985C729
                                                                                                                                                                                                Function 00007FF8B8368460 Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 252COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: exitmemmove
                                                                                                                                                                                                • String ID: @
                                                                                                                                                                                                • API String ID: 1790971451-2766056989
                                                                                                                                                                                                • Opcode ID: fb4b732d7ba2ad41e51b609ce057e87b5d2821d6290d3fdf268689399a755141
                                                                                                                                                                                                • Instruction ID: 1384896217d172c7ae18046fe17770b985f004835bb1a6553c3f38dfc8d9b37f
                                                                                                                                                                                                • Opcode Fuzzy Hash: fb4b732d7ba2ad41e51b609ce057e87b5d2821d6290d3fdf268689399a755141
                                                                                                                                                                                                • Instruction Fuzzy Hash: 9CB15B26A09BC582DA21CF19E5483AAA364FB8DFC4F189626DF8D17B49DF3CD185C704
                                                                                                                                                                                                Function 00007FF7774F69AC Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 121COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _get_daylight$_invalid_parameter_noinfo
                                                                                                                                                                                                • String ID: ?
                                                                                                                                                                                                • API String ID: 1286766494-1684325040
                                                                                                                                                                                                • Opcode ID: 1f4d18330ddf8ab85e4e8910917b7e57ed6c5fadf770207633ba2592aebb394f
                                                                                                                                                                                                • Instruction ID: e3823b6f258885082333d2f4682d05316d85e020db38f3e8d2c5b66a6f5a45ce
                                                                                                                                                                                                • Opcode Fuzzy Hash: 1f4d18330ddf8ab85e4e8910917b7e57ed6c5fadf770207633ba2592aebb394f
                                                                                                                                                                                                • Instruction Fuzzy Hash: FE411B13A3868255F720BB27D40177AD650EB817A8F984235EF5D06AD9DF3CD443C711
                                                                                                                                                                                                Function 00007FF8A8782748 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 118COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _time64
                                                                                                                                                                                                • String ID: %02d%02d%02d%02d%02d%02dZ$%04d%02d%02d%02d%02d%02dZ
                                                                                                                                                                                                • API String ID: 1670930206-2648760357
                                                                                                                                                                                                • Opcode ID: 44843c6316de3de0d0998b74d2a3bbc3a6269f6be012f31292ad9ddc303ef141
                                                                                                                                                                                                • Instruction ID: cfd823e08e984a156c26c9260a8da7b7183cf084c3edfa6f3e978323adb5a1eb
                                                                                                                                                                                                • Opcode Fuzzy Hash: 44843c6316de3de0d0998b74d2a3bbc3a6269f6be012f31292ad9ddc303ef141
                                                                                                                                                                                                • Instruction Fuzzy Hash: 87515072B197819AE760CF29E44026AB7A0FB88790F444136EA8D87B59EF3CE4408B14
                                                                                                                                                                                                Function 00007FF8A8781613 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 116COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: getaddrinfo
                                                                                                                                                                                                • String ID: ..\s\crypto\bio\b_addr.c
                                                                                                                                                                                                • API String ID: 300660673-2547254400
                                                                                                                                                                                                • Opcode ID: ff362b2e146a9955ea5a374bf5228206e2dd813b74c8d22398f2e98f30882444
                                                                                                                                                                                                • Instruction ID: 6a9b47216243ef7c7e334dbfbb9be0281fa04c8c271d34ecec8eeac748e37c2f
                                                                                                                                                                                                • Opcode Fuzzy Hash: ff362b2e146a9955ea5a374bf5228206e2dd813b74c8d22398f2e98f30882444
                                                                                                                                                                                                • Instruction Fuzzy Hash: AE41D173B1978297F760CF26A8446BA7790FB84780F004135EB8943B85DF7CE8458B58
                                                                                                                                                                                                Function 00007FF7774E9EA4 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 111COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • _invalid_parameter_noinfo.LIBCMT ref: 00007FF7774E9ED6
                                                                                                                                                                                                  • Part of subcall function 00007FF7774EB7D8: RtlFreeHeap.NTDLL(?,?,?,00007FF7774F3BB2,?,?,?,00007FF7774F3BEF,?,?,00000000,00007FF7774F40B5,?,?,?,00007FF7774F3FE7), ref: 00007FF7774EB7EE
                                                                                                                                                                                                  • Part of subcall function 00007FF7774EB7D8: GetLastError.KERNEL32(?,?,?,00007FF7774F3BB2,?,?,?,00007FF7774F3BEF,?,?,00000000,00007FF7774F40B5,?,?,?,00007FF7774F3FE7), ref: 00007FF7774EB7F8
                                                                                                                                                                                                • GetModuleFileNameW.KERNEL32(?,?,?,?,?,00007FF7774DDA35), ref: 00007FF7774E9EF4
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorFileFreeHeapLastModuleName_invalid_parameter_noinfo
                                                                                                                                                                                                • String ID: C:\Users\user\Desktop\HmP9fn8NM9.exe
                                                                                                                                                                                                • API String ID: 3580290477-677433768
                                                                                                                                                                                                • Opcode ID: 17c1e4c141086a11aa2f6cb50b195dbec35bb56674ee08ecaa406aa3e703ae8f
                                                                                                                                                                                                • Instruction ID: 046a6e0b4d905ed4708c9b894bc78ff753902b62025c5aace68e1e773525bb5f
                                                                                                                                                                                                • Opcode Fuzzy Hash: 17c1e4c141086a11aa2f6cb50b195dbec35bb56674ee08ecaa406aa3e703ae8f
                                                                                                                                                                                                • Instruction Fuzzy Hash: D2416D37A38B1285EB15FF2698400BDA7A4EF457E4B954136EE4E43B85DE7CE482C321
                                                                                                                                                                                                Function 00007FF8B835A300 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 101COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: log2
                                                                                                                                                                                                • String ID: Tg]@
                                                                                                                                                                                                • API String ID: 4048861018-1367013573
                                                                                                                                                                                                • Opcode ID: 314978e01d248754fc8a1f8367cd94a51ede3c6cab710bddc8371ba00d0dbb51
                                                                                                                                                                                                • Instruction ID: db9ac284ff00aeaa230c38a8b776f43c0851bed89d94271158613ba65ea78852
                                                                                                                                                                                                • Opcode Fuzzy Hash: 314978e01d248754fc8a1f8367cd94a51ede3c6cab710bddc8371ba00d0dbb51
                                                                                                                                                                                                • Instruction Fuzzy Hash: B341D631A15B898ADA118B7AD0006E9B651FF49BC8F188332EB4A27754DB39F593D704
                                                                                                                                                                                                Function 00007FF7774EDAC8 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 100fileCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorFileLastWrite
                                                                                                                                                                                                • String ID: U
                                                                                                                                                                                                • API String ID: 442123175-4171548499
                                                                                                                                                                                                • Opcode ID: f9c316fb67ba2be537d208413cf1220e477e2a5b4c7a1811549ade85e5129248
                                                                                                                                                                                                • Instruction ID: 3a8ea10d3cc23d6cdc4bceb1c377381442f977942b229badcff0c5068e059c7b
                                                                                                                                                                                                • Opcode Fuzzy Hash: f9c316fb67ba2be537d208413cf1220e477e2a5b4c7a1811549ade85e5129248
                                                                                                                                                                                                • Instruction Fuzzy Hash: 4341B323A38A4196DB20AF26E4443B9A761FB847D4F844131EE8D87794EF7CD452CB50
                                                                                                                                                                                                Function 00007FF7774F0448 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 66COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: CurrentDirectory
                                                                                                                                                                                                • String ID: :
                                                                                                                                                                                                • API String ID: 1611563598-336475711
                                                                                                                                                                                                • Opcode ID: 58476c6494dc7044b722e802b60c3f8ff28d50d4b8885ca84afca0485fb1af3e
                                                                                                                                                                                                • Instruction ID: 6bbe3f379d3bd967adbd815038f30fb4e98b8f7794f2f8567e07c0ffd645ccb3
                                                                                                                                                                                                • Opcode Fuzzy Hash: 58476c6494dc7044b722e802b60c3f8ff28d50d4b8885ca84afca0485fb1af3e
                                                                                                                                                                                                • Instruction Fuzzy Hash: 6221A563B3864681EB20EB16D44826DA3B1FBC4B44FC94135DE8D43695DFBCE946C760
                                                                                                                                                                                                Function 00007FF8A878338C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 61networkCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorLastgetsockname
                                                                                                                                                                                                • String ID: ..\s\crypto\bio\b_sock.c
                                                                                                                                                                                                • API String ID: 566540725-540685895
                                                                                                                                                                                                • Opcode ID: 5eba5f4fb37063eb421bd785aab33e1d3d53f176506f7daf47244a11d094d287
                                                                                                                                                                                                • Instruction ID: 71179dca14654147dabaeb6e91ac27a1d9ab5bc50293cd8a3a4f4dcf6fdcac21
                                                                                                                                                                                                • Opcode Fuzzy Hash: 5eba5f4fb37063eb421bd785aab33e1d3d53f176506f7daf47244a11d094d287
                                                                                                                                                                                                • Instruction Fuzzy Hash: E521CFB6B4A102A6E720CB60E8046EE7360FF80385F940171E65C42AE1DF7DE5C5CB68
                                                                                                                                                                                                Function 00007FF7774E0BD8 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 44COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ExceptionFileHeaderRaise
                                                                                                                                                                                                • String ID: csm
                                                                                                                                                                                                • API String ID: 2573137834-1018135373
                                                                                                                                                                                                • Opcode ID: f7ca8b4ebdc19bd2a8daca7b92626e44264ed40d37d4c7e07f6c53dbae7fecdd
                                                                                                                                                                                                • Instruction ID: 529757834f431a268cb3c6a80328f9dcfca076671802485500bc589b91feef85
                                                                                                                                                                                                • Opcode Fuzzy Hash: f7ca8b4ebdc19bd2a8daca7b92626e44264ed40d37d4c7e07f6c53dbae7fecdd
                                                                                                                                                                                                • Instruction Fuzzy Hash: 19115E33628B8082EB249B16F404269B7E0FB88B94F984234DF8D07768DF3CC592C710
                                                                                                                                                                                                Function 00007FF7774F15CC Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 36COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408693535.00007FF7774D1000.00000020.00000001.01000000.00000003.sdmp, Offset: 00007FF7774D0000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408660799.00007FF7774D0000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408744733.00007FF7774FC000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777512000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408790381.00007FF777515000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2408859685.00007FF777518000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff7774d0000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: DriveType_invalid_parameter_noinfo
                                                                                                                                                                                                • String ID: :
                                                                                                                                                                                                • API String ID: 2595371189-336475711
                                                                                                                                                                                                • Opcode ID: ea2191d5d0cf109ba06c2fb9ac991aec13a9c9b56c21ad2cfb2546a21836219d
                                                                                                                                                                                                • Instruction ID: 37648d80cac53d52a561ce7092fa59ae001c314ddba6a139d00434c2a953f536
                                                                                                                                                                                                • Opcode Fuzzy Hash: ea2191d5d0cf109ba06c2fb9ac991aec13a9c9b56c21ad2cfb2546a21836219d
                                                                                                                                                                                                • Instruction Fuzzy Hash: E2018B23A3C60386FB60BF62946127EA3A0EF44745FC80936DE5D82691DF6CE5168A24
                                                                                                                                                                                                Function 00007FF8A87815AF Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 31COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: _time64
                                                                                                                                                                                                • String ID: !$..\s\crypto\ct\ct_policy.c
                                                                                                                                                                                                • API String ID: 1670930206-3401457818
                                                                                                                                                                                                • Opcode ID: c165142880d70116bb13c1ff82c911416593e2477c0091b18450a469e25eed02
                                                                                                                                                                                                • Instruction ID: a9cdaa1a9b3bcb07f4d306ac3d238ed9462dc515665040369c563b7927e04f90
                                                                                                                                                                                                • Opcode Fuzzy Hash: c165142880d70116bb13c1ff82c911416593e2477c0091b18450a469e25eed02
                                                                                                                                                                                                • Instruction Fuzzy Hash: CFF0A931B5BA02A2EB109B64D4063AD3290FF80785F840035DA5D027D1EF3CBA95C668
                                                                                                                                                                                                Function 00007FF8A8664EC8 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 31COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: String$Err_FromUnicode_
                                                                                                                                                                                                • String ID: no such name
                                                                                                                                                                                                • API String ID: 3678473424-4211486178
                                                                                                                                                                                                • Opcode ID: 395a9204b06d10842d27ff1401529a2fab2db4c300028d58aebe2a064ec5b4ca
                                                                                                                                                                                                • Instruction ID: fb2bf81fc05c31cf4a232f828110baa8ac6cf4d2f8f90dcb0e4c03db037b2f2e
                                                                                                                                                                                                • Opcode Fuzzy Hash: 395a9204b06d10842d27ff1401529a2fab2db4c300028d58aebe2a064ec5b4ca
                                                                                                                                                                                                • Instruction Fuzzy Hash: CE016D31A2EAC6A1FB258B11E8183B5A3A0FFD8BC5F402031DA4F46750EF3CE1058728
                                                                                                                                                                                                Function 00007FF8B83312F0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 23COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2411114212.00007FF8B8331000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00007FF8B8330000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2411075132.00007FF8B8330000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411170165.00007FF8B8385000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411240037.00007FF8B83F7000.00000004.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2411275256.00007FF8B83F8000.00000002.00000001.01000000.0000000C.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8b8330000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Err_LongLong_String
                                                                                                                                                                                                • String ID: Invalid mode
                                                                                                                                                                                                • API String ID: 568964304-431149109
                                                                                                                                                                                                • Opcode ID: 2e3b143024fffb948b6d36cb644d747681586ed00adecaaa304b2e3236bd7830
                                                                                                                                                                                                • Instruction ID: 35ef412398f2b96f9696088e12c03fb090521b136c4ff88407f172d73d2b3462
                                                                                                                                                                                                • Opcode Fuzzy Hash: 2e3b143024fffb948b6d36cb644d747681586ed00adecaaa304b2e3236bd7830
                                                                                                                                                                                                • Instruction Fuzzy Hash: 21F039A1A0464682FB156B2DE48527C6290EF4CBE2F9C5470D60C866A0EF2DD8D78308
                                                                                                                                                                                                Function 00007FF8A8786BEA Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 21networkCOMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2409468289.00007FF8A8781000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00007FF8A8780000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2409430141.00007FF8A8780000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A878D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87E5000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A87F9000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A8809000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A881D000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409468289.00007FF8A89CE000.00000020.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89D0000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A89FB000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A2D000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409867830.00007FF8A8A52000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410047657.00007FF8A8AA0000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410084697.00007FF8A8AA6000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AA8000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2410117459.00007FF8A8AC9000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8780000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: ErrorLastioctlsocket
                                                                                                                                                                                                • String ID: ..\s\crypto\bio\b_sock.c
                                                                                                                                                                                                • API String ID: 1021210092-540685895
                                                                                                                                                                                                • Opcode ID: 874f4edec6eb816a1ff5eb4e5d2cc5ac46c60ec8e5f89df9828d11ec1872b5a1
                                                                                                                                                                                                • Instruction ID: f11ac7d8e22db6d21dfc91bb4f8aee11609b47a9aefd910087485ddfa7fc830c
                                                                                                                                                                                                • Opcode Fuzzy Hash: 874f4edec6eb816a1ff5eb4e5d2cc5ac46c60ec8e5f89df9828d11ec1872b5a1
                                                                                                                                                                                                • Instruction Fuzzy Hash: 90E09AA1F5B503ABF3105BA0980577A2210FF08387F400130EA1E86B91EF2DB2888A79
                                                                                                                                                                                                Function 00007FF8A8662610 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 19COMMON
                                                                                                                                                                                                Download Yara Rule
                                                                                                                                                                                                APIs
                                                                                                                                                                                                • _PyObject_GC_New.PYTHON310(?,?,00000000,00007FF8A8662523), ref: 00007FF8A8662616
                                                                                                                                                                                                • PyObject_GC_Track.PYTHON310(?,?,00000000,00007FF8A8662523), ref: 00007FF8A8662648
                                                                                                                                                                                                Strings
                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                • Source File: 00000003.00000002.2408935570.00007FF8A8661000.00000020.00000001.01000000.00000013.sdmp, Offset: 00007FF8A8660000, based on PE: true
                                                                                                                                                                                                • Associated: 00000003.00000002.2408899288.00007FF8A8660000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8666000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A86C4000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A8713000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409006238.00007FF8A876C000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409279437.00007FF8A876F000.00000004.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                • Associated: 00000003.00000002.2409316182.00007FF8A8771000.00000002.00000001.01000000.00000013.sdmpDownload File
                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                • Snapshot File: hcaresult_3_2_7ff8a8660000_HmP9fn8NM9.jbxd
                                                                                                                                                                                                Similarity
                                                                                                                                                                                                • API ID: Object_$Track
                                                                                                                                                                                                • String ID: 3.2.0
                                                                                                                                                                                                • API String ID: 16854473-1786766648
                                                                                                                                                                                                • Opcode ID: 130b53709363e2619516061a5c988ffa53525eb8ea4b72339361dea2d0428f1f
                                                                                                                                                                                                • Instruction ID: 1c64f9d9fea16c573736b41e5c4540cce73f5bba4d4bcfa07766812fb34e2bc7
                                                                                                                                                                                                • Opcode Fuzzy Hash: 130b53709363e2619516061a5c988ffa53525eb8ea4b72339361dea2d0428f1f
                                                                                                                                                                                                • Instruction Fuzzy Hash: EAE07535A1BB82B2FB198F65E84806462A4FF08B95F542135CD4E52361EF3CE5A5C368