Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
GalacticShooter (3).exe

Overview

General Information

Sample Name:GalacticShooter (3).exe
Analysis ID:847587
MD5:83024ea067ab552d39ffdb6e12a30817
SHA1:23d6b96f806e1ca8a10dfa16e7f35b3f2801a489
SHA256:f96f3a4f4cdab5176a055736464d979f7cbd902298c910cbbdb08e955695bf73
Infos:

Detection

Score:48
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Tries to harvest and steal browser information (history, passwords, etc)
May check the online IP address of the machine
Uses 32bit PE files
Drops files with a non-matching file extension (content does not match file extension)
Queries the volume information (name, serial number etc) of a device
Drops PE files
Uses a known web browser user agent for HTTP communication
Very long cmdline option found, this is very uncommon (may be encrypted or packed)
PE file contains sections with non-standard names
Binary contains a suspicious time stamp
Queries keyboard layouts
Enables security privileges
PE file contains more sections than normal
Found dropped PE file which has not been started or loaded
Creates a process in suspended mode (likely to inject code)
IP address seen in connection with other malware
Searches for user specific document files

Classification

Process Tree

  • System is w10x64
  • GalacticShooter (3).exe (PID: 7152 cmdline: C:\Users\user\Desktop\GalacticShooter (3).exe MD5: 83024EA067AB552D39FFDB6E12A30817)
    • GalacticShooter.exe (PID: 648 cmdline: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe MD5: 93BD0AE322D0293B5AFF20C25B1F71A2)
      • GalacticShooter.exe (PID: 5020 cmdline: "C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe" --type=gpu-process --user-data-dir="C:\Users\user\AppData\Roaming\GalacticShooter" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1688 --field-trial-handle=1808,i,15278089115020680940,8688177150396165339,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2 MD5: 93BD0AE322D0293B5AFF20C25B1F71A2)
      • GalacticShooter.exe (PID: 6760 cmdline: "C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\user\AppData\Roaming\GalacticShooter" --mojo-platform-channel-handle=2012 --field-trial-handle=1808,i,15278089115020680940,8688177150396165339,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8 MD5: 93BD0AE322D0293B5AFF20C25B1F71A2)
      • GalacticShooter.exe (PID: 4852 cmdline: "C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\GalacticShooter" --app-path="C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\resources\app.asar" --enable-sandbox --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=6097977297 --mojo-platform-channel-handle=2372 --field-trial-handle=1808,i,15278089115020680940,8688177150396165339,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1 MD5: 93BD0AE322D0293B5AFF20C25B1F71A2)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results
Source: GalacticShooter (3).exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile created: C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\LICENSE.electron.txtJump to behavior
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\LICENSE.electron.txtJump to behavior
Source: GalacticShooter (3).exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile opened: C:\Users\userJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile opened: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCyJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile opened: C:\Users\user\AppDataJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile opened: C:\Users\user\AppData\Local\TempJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile opened: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\resourcesJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile opened: C:\Users\user\AppData\LocalJump to behavior

Networking

barindex
May check the online IP address of the machine
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeDNS query: name: ipinfo.io
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeDNS query: name: ipinfo.io
Source: global trafficHTTP traffic detected: GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1Host: ajax.googleapis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) GalacticShooter/1.0.0 Chrome/100.0.4896.143 Electron/18.2.3 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US
Source: Joe Sandbox ViewIP Address: 162.159.130.233 162.159.130.233
Source: Joe Sandbox ViewIP Address: 162.159.130.233 162.159.130.233
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49700
Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49699 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49702 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49704 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49701 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49698 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49699
Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49698
Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49705 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49700 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49705
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49702
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49701
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.184.106
Source: da.pak.0.drString found in binary or memory: http://eksempel.dk
Source: GalacticShooter (3).exeString found in binary or memory: http://nsis.sf.net/NSIS_ErrorError
Source: da.pak.0.drString found in binary or memory: https://eksempel.dk.Brug
Source: ro.pak.0.dr, da.pak.0.dr, fr.pak0.0.drString found in binary or memory: https://support.google.com/chrome/answer/6098869
Source: es.pak.0.drString found in binary or memory: https://support.google.com/chrome/answer/6098869?hl=es
Source: unknownDNS traffic detected: queries for: rentry.co
Source: global trafficHTTP traffic detected: GET /dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/1.1Host: dns.googleConnection: keep-aliveAccept: application/dns-messageAccept-Language: *User-Agent: ChromeAccept-Encoding: identity
Source: global trafficHTTP traffic detected: GET /dns-query?dns=AAABAAABAAAAAAABBGFqYXgKZ29vZ2xlYXBpcwNjb20AAAEAAQAAKRAAAAAAAABQAAwATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/1.1Host: dns.googleConnection: keep-aliveAccept: application/dns-messageAccept-Language: *User-Agent: ChromeAccept-Encoding: identity
Source: global trafficHTTP traffic detected: GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1Host: ajax.googleapis.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) GalacticShooter/1.0.0 Chrome/100.0.4896.143 Electron/18.2.3 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US
Source: GalacticShooter (3).exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
Source: C:\Users\user\Desktop\GalacticShooter (3).exeProcess token adjusted: SecurityJump to behavior
Source: GalacticShooter.exe.0.drStatic PE information: Number of sections : 13 > 10
Source: GalacticShooter.exe0.0.drStatic PE information: Number of sections : 13 > 10
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile read: C:\Users\user\Desktop\GalacticShooter (3).exeJump to behavior
Source: GalacticShooter (3).exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: C:\Users\user\Desktop\GalacticShooter (3).exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: unknownProcess created: C:\Users\user\Desktop\GalacticShooter (3).exe C:\Users\user\Desktop\GalacticShooter (3).exe
Source: C:\Users\user\Desktop\GalacticShooter (3).exeProcess created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe "C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe" --type=gpu-process --user-data-dir="C:\Users\user\AppData\Roaming\GalacticShooter" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1688 --field-trial-handle=1808,i,15278089115020680940,8688177150396165339,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe "C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\user\AppData\Roaming\GalacticShooter" --mojo-platform-channel-handle=2012 --field-trial-handle=1808,i,15278089115020680940,8688177150396165339,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe "C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\GalacticShooter" --app-path="C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\resources\app.asar" --enable-sandbox --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=6097977297 --mojo-platform-channel-handle=2372 --field-trial-handle=1808,i,15278089115020680940,8688177150396165339,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
Source: C:\Users\user\Desktop\GalacticShooter (3).exeProcess created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe "C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe" --type=gpu-process --user-data-dir="C:\Users\user\AppData\Roaming\GalacticShooter" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1688 --field-trial-handle=1808,i,15278089115020680940,8688177150396165339,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe "C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\user\AppData\Roaming\GalacticShooter" --mojo-platform-channel-handle=2012 --field-trial-handle=1808,i,15278089115020680940,8688177150396165339,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe "C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\GalacticShooter" --app-path="C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\resources\app.asar" --enable-sandbox --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=6097977297 --mojo-platform-channel-handle=2372 --field-trial-handle=1808,i,15278089115020680940,8688177150396165339,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1Jump to behavior
Source: C:\Users\user\Desktop\GalacticShooter (3).exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f486a52-3cb1-48fd-8f50-b8dc300d9f9d}\InProcServer32Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile created: C:\Users\user\AppData\Roaming\GalacticShooterJump to behavior
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile created: C:\Users\user\AppData\Local\Temp\nst54AD.tmpJump to behavior
Source: classification engineClassification label: mal48.troj.spyw.winEXE@9/186@9/8
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile read: C:\Users\desktop.iniJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: GalacticShooter (3).exeStatic file information: File size 64791841 > 1048576
Source: GalacticShooter (3).exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
Source: vk_swiftshader.dll.0.drStatic PE information: section name: .00cfg
Source: vk_swiftshader.dll.0.drStatic PE information: section name: _RDATA
Source: vulkan-1.dll.0.drStatic PE information: section name: .00cfg
Source: vulkan-1.dll.0.drStatic PE information: section name: _RDATA
Source: ffmpeg.dll.0.drStatic PE information: section name: .00cfg
Source: ffmpeg.dll.0.drStatic PE information: section name: _RDATA
Source: GalacticShooter.exe.0.drStatic PE information: section name: .00cfg
Source: GalacticShooter.exe.0.drStatic PE information: section name: .retplne
Source: GalacticShooter.exe.0.drStatic PE information: section name: .rodata
Source: GalacticShooter.exe.0.drStatic PE information: section name: CPADinfo
Source: GalacticShooter.exe.0.drStatic PE information: section name: _RDATA
Source: GalacticShooter.exe.0.drStatic PE information: section name: malloc_h
Source: libEGL.dll.0.drStatic PE information: section name: .00cfg
Source: libEGL.dll.0.drStatic PE information: section name: _RDATA
Source: libGLESv2.dll.0.drStatic PE information: section name: .00cfg
Source: libGLESv2.dll.0.drStatic PE information: section name: _RDATA
Source: libEGL.dll0.0.drStatic PE information: section name: .00cfg
Source: libEGL.dll0.0.drStatic PE information: section name: _RDATA
Source: libGLESv2.dll0.0.drStatic PE information: section name: .00cfg
Source: libGLESv2.dll0.0.drStatic PE information: section name: _RDATA
Source: vk_swiftshader.dll0.0.drStatic PE information: section name: .00cfg
Source: vk_swiftshader.dll0.0.drStatic PE information: section name: _RDATA
Source: vulkan-1.dll0.0.drStatic PE information: section name: .00cfg
Source: vulkan-1.dll0.0.drStatic PE information: section name: _RDATA
Source: ffmpeg.dll0.0.drStatic PE information: section name: .00cfg
Source: ffmpeg.dll0.0.drStatic PE information: section name: _RDATA
Source: GalacticShooter.exe0.0.drStatic PE information: section name: .00cfg
Source: GalacticShooter.exe0.0.drStatic PE information: section name: .retplne
Source: GalacticShooter.exe0.0.drStatic PE information: section name: .rodata
Source: GalacticShooter.exe0.0.drStatic PE information: section name: CPADinfo
Source: GalacticShooter.exe0.0.drStatic PE information: section name: _RDATA
Source: GalacticShooter.exe0.0.drStatic PE information: section name: malloc_h
Source: libEGL.dll1.0.drStatic PE information: section name: .00cfg
Source: libEGL.dll1.0.drStatic PE information: section name: _RDATA
Source: libGLESv2.dll1.0.drStatic PE information: section name: .00cfg
Source: libGLESv2.dll1.0.drStatic PE information: section name: _RDATA
Source: a29c34ab-b943-477c-ac6f-48afff1de174.tmp.node.10.drStatic PE information: section name: .didat
Source: a29c34ab-b943-477c-ac6f-48afff1de174.tmp.node.10.drStatic PE information: section name: .00cfg
Source: a29c34ab-b943-477c-ac6f-48afff1de174.tmp.node.10.drStatic PE information: section name: _RDATA
Source: 00569f07-e2e7-4e9a-a29a-45eaa7608008.tmp.node.10.drStatic PE information: section name: .didat
Source: 00569f07-e2e7-4e9a-a29a-45eaa7608008.tmp.node.10.drStatic PE information: section name: .00cfg
Source: 00569f07-e2e7-4e9a-a29a-45eaa7608008.tmp.node.10.drStatic PE information: section name: _RDATA
Source: d3dcompiler_47.dll.0.drStatic PE information: 0xF3329C94 [Sat Apr 18 07:26:12 2099 UTC]
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile created: C:\Users\user\AppData\Local\Temp\a29c34ab-b943-477c-ac6f-48afff1de174.tmp.nodeJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile created: C:\Users\user\AppData\Local\Temp\00569f07-e2e7-4e9a-a29a-45eaa7608008.tmp.nodeJump to dropped file
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\vk_swiftshader.dllJump to dropped file
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\vulkan-1.dllJump to dropped file
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile created: C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\ffmpeg.dllJump to dropped file
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile created: C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\libEGL.dllJump to dropped file
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile created: C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\libGLESv2.dllJump to dropped file
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile created: C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\resources\elevate.exeJump to dropped file
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\ffmpeg.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile created: C:\Users\user\AppData\Local\Temp\00569f07-e2e7-4e9a-a29a-45eaa7608008.tmp.nodeJump to dropped file
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\libEGL.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile created: C:\Users\user\AppData\Local\Temp\a29c34ab-b943-477c-ac6f-48afff1de174.tmp.nodeJump to dropped file
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile created: C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\GalacticShooter.exeJump to dropped file
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile created: C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\vulkan-1.dllJump to dropped file
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\libGLESv2.dllJump to dropped file
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeJump to dropped file
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile created: C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\d3dcompiler_47.dllJump to dropped file
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile created: C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\swiftshader\libEGL.dllJump to dropped file
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile created: C:\Users\user\AppData\Local\Temp\nso54DD.tmp\System.dllJump to dropped file
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile created: C:\Users\user\AppData\Local\Temp\nso54DD.tmp\nsis7z.dllJump to dropped file
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile created: C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\vk_swiftshader.dllJump to dropped file
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile created: C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\swiftshader\libGLESv2.dllJump to dropped file
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\d3dcompiler_47.dllJump to dropped file
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile created: C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\LICENSE.electron.txtJump to behavior
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\LICENSE.electron.txtJump to behavior
Source: C:\Users\user\Desktop\GalacticShooter (3).exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\GalacticShooter (3).exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\GalacticShooter (3).exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeKey opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\00000409Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeKey opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\00000409Jump to behavior
Source: C:\Users\user\Desktop\GalacticShooter (3).exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\resources\elevate.exeJump to dropped file
Source: C:\Users\user\Desktop\GalacticShooter (3).exeFile Volume queried: C:\ FullSizeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile Volume queried: C:\Users\user\AppData\Roaming\GalacticShooter\Code Cache\wasm FullSizeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile Volume queried: C:\Users\user\AppData\Roaming\GalacticShooter\Code Cache\js FullSizeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile Volume queried: C:\Users\user\AppData\Roaming\GalacticShooter\blob_storage\76d81e7a-d76e-4351-923b-d3acb571a189 FullSizeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile Volume queried: C:\Users\user\AppData\Roaming\GalacticShooter\Cache\Cache_Data FullSizeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile opened: C:\Users\userJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile opened: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCyJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile opened: C:\Users\user\AppDataJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile opened: C:\Users\user\AppData\Local\TempJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile opened: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\resourcesJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile opened: C:\Users\user\AppData\LocalJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe "c:\users\user\appdata\local\temp\2onwrci5gz6rem4ajlgk3s9hvcy\galacticshooter.exe" --type=gpu-process --user-data-dir="c:\users\user\appdata\roaming\galacticshooter" --gpu-preferences=uaaaaaaaaadgaaayaaaaaaaaaaaaaaaaaabgaaaaaaawaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaegaaaaaaaaasaaaaaaaaaayaaaaagaaabaaaaaaaaaagaaaaaaaaaaqaaaaaaaaaaaaaaaoaaaaeaaaaaaaaaabaaaadgaaaagaaaaaaaaacaaaaaaaaaa= --mojo-platform-channel-handle=1688 --field-trial-handle=1808,i,15278089115020680940,8688177150396165339,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:2
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe "c:\users\user\appdata\local\temp\2onwrci5gz6rem4ajlgk3s9hvcy\galacticshooter.exe" --type=utility --utility-sub-type=network.mojom.networkservice --lang=en-us --service-sandbox-type=none --user-data-dir="c:\users\user\appdata\roaming\galacticshooter" --mojo-platform-channel-handle=2012 --field-trial-handle=1808,i,15278089115020680940,8688177150396165339,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:8
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe "c:\users\user\appdata\local\temp\2onwrci5gz6rem4ajlgk3s9hvcy\galacticshooter.exe" --type=renderer --user-data-dir="c:\users\user\appdata\roaming\galacticshooter" --app-path="c:\users\user\appdata\local\temp\2onwrci5gz6rem4ajlgk3s9hvcy\resources\app.asar" --enable-sandbox --lang=en-us --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=6097977297 --mojo-platform-channel-handle=2372 --field-trial-handle=1808,i,15278089115020680940,8688177150396165339,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:1
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe "c:\users\user\appdata\local\temp\2onwrci5gz6rem4ajlgk3s9hvcy\galacticshooter.exe" --type=gpu-process --user-data-dir="c:\users\user\appdata\roaming\galacticshooter" --gpu-preferences=uaaaaaaaaadgaaayaaaaaaaaaaaaaaaaaabgaaaaaaawaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaegaaaaaaaaasaaaaaaaaaayaaaaagaaabaaaaaaaaaagaaaaaaaaaaqaaaaaaaaaaaaaaaoaaaaeaaaaaaaaaabaaaadgaaaagaaaaaaaaacaaaaaaaaaa= --mojo-platform-channel-handle=1688 --field-trial-handle=1808,i,15278089115020680940,8688177150396165339,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:2Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe "c:\users\user\appdata\local\temp\2onwrci5gz6rem4ajlgk3s9hvcy\galacticshooter.exe" --type=utility --utility-sub-type=network.mojom.networkservice --lang=en-us --service-sandbox-type=none --user-data-dir="c:\users\user\appdata\roaming\galacticshooter" --mojo-platform-channel-handle=2012 --field-trial-handle=1808,i,15278089115020680940,8688177150396165339,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:8Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe "c:\users\user\appdata\local\temp\2onwrci5gz6rem4ajlgk3s9hvcy\galacticshooter.exe" --type=renderer --user-data-dir="c:\users\user\appdata\roaming\galacticshooter" --app-path="c:\users\user\appdata\local\temp\2onwrci5gz6rem4ajlgk3s9hvcy\resources\app.asar" --enable-sandbox --lang=en-us --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=6097977297 --mojo-platform-channel-handle=2372 --field-trial-handle=1808,i,15278089115020680940,8688177150396165339,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:1Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe "C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe" --type=gpu-process --user-data-dir="C:\Users\user\AppData\Roaming\GalacticShooter" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1688 --field-trial-handle=1808,i,15278089115020680940,8688177150396165339,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe "C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\user\AppData\Roaming\GalacticShooter" --mojo-platform-channel-handle=2012 --field-trial-handle=1808,i,15278089115020680940,8688177150396165339,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeProcess created: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe "C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\GalacticShooter" --app-path="C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\resources\app.asar" --enable-sandbox --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=6097977297 --mojo-platform-channel-handle=2372 --field-trial-handle=1808,i,15278089115020680940,8688177150396165339,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\resources VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\resources\app.asar VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Windows\System32\spool\drivers\color\sRGB Color Space Profile.icm VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Google\Chrome\User Data VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Google\Chrome\User Data VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Google\Chrome\User Data VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\epsilon-user\Cookies VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\epsilon-user VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\epsilon-user\Autofill Data.txt VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\epsilon-user\Autofill Data.txt VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\epsilon-user\Cookies VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\epsilon-user\Cookies\Chrome_Default.txt VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\epsilon-user\Cookies\Chrome_Default.txt VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\epsilon-user\Credit Cards.txt VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\epsilon-user\Credit Cards.txt VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\epsilon-user\Passwords.txt VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\epsilon-user\Passwords.txt VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\epsilon-user VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\epsilon-user VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\epsilon-user\Autofill Data.txt VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\epsilon-user\Autofill Data.txt VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\epsilon-user\Cookies VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\epsilon-user\Cookies\Chrome_Default.txt VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\epsilon-user\Cookies\Chrome_Default.txt VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\epsilon-user\Credit Cards.txt VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\epsilon-user\Credit Cards.txt VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\epsilon-user\Passwords.txt VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\epsilon-user\Passwords.txt VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\epsilon-user.zip VolumeInformationJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformationJump to behavior

Stealing of Sensitive Information

barindex
Tries to harvest and steal browser information (history, passwords, etc)
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web DataJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Local Storage\leveldbJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldbJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\CookiesJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.logJump to behavior
Source: C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exeDirectory queried: C:\Users\user\DocumentsJump to behavior

Mitre Att&ck Matrix

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
Valid Accounts1
Command and Scripting Interpreter		Path Interception11
Process Injection		11
Masquerading		1
OS Credential Dumping		1
Remote System Discovery		Remote Services11
Data from Local System		Exfiltration Over Other Network Medium1
Encrypted Channel		Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts11
Process Injection		LSASS Memory1
System Network Configuration Discovery		Remote Desktop ProtocolData from Removable MediaExfiltration Over Bluetooth1
Ingress Tool Transfer		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)1
Timestomp		Security Account Manager12
File and Directory Discovery		SMB/Windows Admin SharesData from Network Shared DriveAutomated Exfiltration2
Non-Application Layer Protocol		Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Binary PaddingNTDS22
System Information Discovery		Distributed Component Object ModelInput CaptureScheduled Transfer13
Application Layer Protocol		SIM Card SwapCarrier Billing Fraud

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
GalacticShooter (3).exe6%ReversingLabs
GalacticShooter (3).exe3%VirustotalBrowse

Dropped Files

SourceDetectionScannerLabelLink
C:\Users\user\AppData\Local\Temp\00569f07-e2e7-4e9a-a29a-45eaa7608008.tmp.node0%ReversingLabs
C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe0%ReversingLabs
C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\d3dcompiler_47.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\ffmpeg.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\libEGL.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\libGLESv2.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\vk_swiftshader.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\vulkan-1.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\a29c34ab-b943-477c-ac6f-48afff1de174.tmp.node0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\GalacticShooter.exe0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\d3dcompiler_47.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\ffmpeg.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\libEGL.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\libGLESv2.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\resources\elevate.exe0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\swiftshader\libEGL.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\swiftshader\libGLESv2.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\vk_swiftshader.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\vulkan-1.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nso54DD.tmp\System.dll0%ReversingLabs
C:\Users\user\AppData\Local\Temp\nso54DD.tmp\nsis7z.dll0%ReversingLabs

Unpacked PE Files

No Antivirus matches

Domains

SourceDetectionScannerLabelLink
discord.com0%VirustotalBrowse
dns.google1%VirustotalBrowse
rentry.co1%VirustotalBrowse
canary.discord.com0%VirustotalBrowse

URLs

SourceDetectionScannerLabelLink
http://eksempel.dk0%URL Reputationsafe
https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0%URL Reputationsafe
https://dns.google/dns-query?dns=AAABAAABAAAAAAABBGFqYXgKZ29vZ2xlYXBpcwNjb20AAAEAAQAAKRAAAAAAAABQAAwATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0%Avira URL Cloudsafe
https://eksempel.dk.Brug0%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
discord.com
162.159.138.232
truefalseunknown
ipinfo.io
34.117.59.81
truefalse
    		high
    rentry.co
    		198.251.88.130
    		truefalseunknown
    cdn.discordapp.com
    		162.159.130.233
    		truefalse
      		high
      canary.discord.com
      		162.159.128.233
      		truefalseunknown
      dns.google
      		8.8.8.8
      		truefalseunknown

      Contacted URLs

      NameMaliciousAntivirus DetectionReputation
      https://dns.google/dns-query?dns=AAABAAABAAAAAAABBGFqYXgKZ29vZ2xlYXBpcwNjb20AAAEAAQAAKRAAAAAAAABQAAwATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfalse
      • Avira URL Cloud: safe
      		unknown
      https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfalse
      • URL Reputation: safe
      		unknown

      URLs from Memory and Binaries

      NameSourceMaliciousAntivirus DetectionReputation
      https://eksempel.dk.Brugda.pak.0.drfalse
      • Avira URL Cloud: safe
      		unknown
      http://eksempel.dkda.pak.0.drfalse
      • URL Reputation: safe
      		unknown
      http://nsis.sf.net/NSIS_ErrorErrorGalacticShooter (3).exefalse
        		high
        https://support.google.com/chrome/answer/6098869?hl=eses.pak.0.drfalse
          		high
          https://support.google.com/chrome/answer/6098869ro.pak.0.dr, da.pak.0.dr, fr.pak0.0.drfalse
            		high

            World Map of Contacted IPs

            • No. of IPs < 25%
            • 25% < No. of IPs < 50%
            • 50% < No. of IPs < 75%
            • 75% < No. of IPs

            Public IPs

            IPDomainCountryFlagASNASN NameMalicious
            162.159.130.233
            		cdn.discordapp.comUnited States
            		13335CLOUDFLARENETUSfalse
            162.159.138.232
            		discord.comUnited States
            		13335CLOUDFLARENETUSfalse
            198.251.88.130
            		rentry.coUnited States
            		53667PONYNETUSfalse
            34.117.59.81
            		ipinfo.ioUnited States
            		139070GOOGLE-AS-APGoogleAsiaPacificPteLtdSGfalse
            162.159.128.233
            		canary.discord.comUnited States
            		13335CLOUDFLARENETUSfalse
            8.8.4.4
            		unknownUnited States
            		15169GOOGLEUSfalse
            142.250.184.106
            		unknownUnited States
            		15169GOOGLEUSfalse

            Private

            IP
            192.168.2.1

            General Information

            Joe Sandbox Version:37.0.0 Beryl
            Analysis ID:847587
            Start date and time:2023-04-16 15:04:14 +02:00
            Joe Sandbox Product:CloudBasic
            Overall analysis duration:0h 8m 56s
            Hypervisor based Inspection enabled:false
            Report type:full
            Cookbook file name:default.jbs
            Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211
            Number of analysed new started processes analysed:16
            Number of new started drivers analysed:0
            Number of existing processes analysed:0
            Number of existing drivers analysed:0
            Number of injected processes analysed:0
            Technologies:
            • HCA enabled
            • EGA enabled
            • HDC enabled
            • AMSI enabled
            Analysis Mode:default
            Analysis stop reason:Timeout
            Sample file name:GalacticShooter (3).exe
            Detection:MAL
            Classification:mal48.troj.spyw.winEXE@9/186@9/8
            EGA Information:Failed
            HDC Information:Failed
            HCA Information:
            • Successful, ratio: 100%
            • Number of executed functions: 0
            • Number of non-executed functions: 0
            Cookbook Comments:
            • Found application associated with file extension: .exe

            Warnings

            • Exclude process from analysis (whitelisted): MpCmdRun.exe, SgrmBroker.exe, conhost.exe, svchost.exe
            • Excluded domains from analysis (whitelisted): www.bing.com, fs.microsoft.com, ctldl.windowsupdate.com
            • Not all processes where analyzed, report is missing behavior information
            • Report size getting too big, too many NtAllocateVirtualMemory calls found.
            • Report size getting too big, too many NtOpenKeyEx calls found.
            • Report size getting too big, too many NtProtectVirtualMemory calls found.
            • Report size getting too big, too many NtQueryAttributesFile calls found.
            • Report size getting too big, too many NtQueryValueKey calls found.
            • Report size getting too big, too many NtQueryVolumeInformationFile calls found.

            Simulations

            Behavior and APIs

            No simulations

            Joe Sandbox View / Context

            IPs

            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
            162.159.130.233PO Details.exeGet hashmaliciousAgentTesla, GuLoaderBrowse
            • cdn.discordapp.com/attachments/956928735397965906/1011525020427763732/KqRRf17.jpb
            quote.exeGet hashmaliciousAgentTesla, GuLoaderBrowse
            • cdn.discordapp.com/attachments/956928735397965906/1011024921868116099/ljkfuP193.ttf
            MSQNZmmg2F.exeGet hashmaliciousVidarBrowse
            • cdn.discordapp.com/attachments/898638713985302540/898905970657345626/al.exe
            b7cwlpwH6S.exeGet hashmaliciousAmadey RedLine SmokeLoaderBrowse
            • cdn.discordapp.com/attachments/878382243242983437/878684457245220884/mrmoms.exe
            order-confirmation.doc__.rtfGet hashmaliciousAgentTeslaBrowse
            • cdn.discordapp.com/attachments/843685789120331799/847476783744811018/OtI.exe
            Order Confirmation.docGet hashmaliciousAgentTeslaBrowse
            • cdn.discordapp.com/attachments/843685789120331799/847476783744811018/OtI.exe
            cfe14e87_by_Libranalysis.rtfGet hashmaliciousUnknownBrowse
            • cdn.discordapp.com/attachments/520353354304585730/839557970173100102/ew.exe
            SkKcQaHEB8.exeGet hashmaliciousUnknownBrowse
            • cdn.discordapp.com/attachments/808882061918076978/836771636082376724/VMtEguRH.exe
            P20200107.DOCGet hashmaliciousAzorult VidarBrowse
            • cdn.discordapp.com/attachments/808882061918076978/836771636082376724/VMtEguRH.exe
            FBRO ORDER SHEET - YATSAL SUMMER 2021.exeGet hashmaliciousAzorult VidarBrowse
            • cdn.discordapp.com/attachments/832005460982235229/836405556838924308/usd.exe
            SKM_C258 Up21042213080.exeGet hashmaliciousAzorult VidarBrowse
            • cdn.discordapp.com/attachments/832005460982235229/834717762281930792/12345.exe
            SKM_C258 Up21042213080.exeGet hashmaliciousAzorult VidarBrowse
            • cdn.discordapp.com/attachments/832005460982235229/834717762281930792/12345.exe
            G019 & G022 SPEC SHEET.exeGet hashmaliciousAzorult VidarBrowse
            • cdn.discordapp.com/attachments/832005460982235229/834598381472448573/23456.exe
            Marking Machine 30W Specification.exeGet hashmaliciousAzorult VidarBrowse
            • cdn.discordapp.com/attachments/832005460982235229/834598381472448573/23456.exe
            2021 RFQ Products Required.docGet hashmaliciousRemcosBrowse
            • cdn.discordapp.com/attachments/821511904769998921/821511945881911306/panam.exe
            Company Reference1.docGet hashmaliciousSnake KeyloggerBrowse
            • cdn.discordapp.com/attachments/819949436054536222/820935251337281546/nbalax.exe
            PAY SLIP.docGet hashmaliciousUnknownBrowse
            • cdn.discordapp.com/attachments/788946375533789214/788947376849027092/atlasx.scr
            SecuriteInfo.com.Exploit.Rtf.Obfuscated.16.25071.rtfGet hashmaliciousUnknownBrowse
            • cdn.discordapp.com/attachments/785423761461477416/785424240047947786/angelrawfile.exe
            part1.rtfGet hashmaliciousAgentTeslaBrowse
            • cdn.discordapp.com/attachments/783666652440428545/783667553490698250/kdot.exe

            Domains

            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
            discord.comPDA.PDF.jsGet hashmaliciousVector StealerBrowse
            • 162.159.137.232
            choo.bin.exeGet hashmaliciousVector StealerBrowse
            • 162.159.128.233
            RFQ.PDF.jsGet hashmaliciousVector StealerBrowse
            • 162.159.136.232
            obfuscated.jsGet hashmaliciousVector StealerBrowse
            • 162.159.137.232
            Creal.exeGet hashmaliciousCreal StealerBrowse
            • 162.159.137.232
            aHESmFfQeP.exeGet hashmaliciousDCRatBrowse
            • 162.159.128.233
            Znci6Yzgb2.exeGet hashmaliciousDCRatBrowse
            • 162.159.138.232
            YcI9sKzcid.exeGet hashmaliciousBabadedaBrowse
            • 162.159.128.233
            SecuriteInfo.com.Trojan.NSISX.Spy.Gen.24.7747.12321.exeGet hashmaliciousAgentTeslaBrowse
            • 162.159.135.232
            Scan-Docs-ord09334rn-pdf.jsGet hashmaliciousAgentTeslaBrowse
            • 162.159.128.233
            v3NesZhLpp.exeGet hashmaliciousDiscord Token StealerBrowse
            • 162.159.136.232
            Dekont-c,pdf.exeGet hashmaliciousAgentTesla, zgRATBrowse
            • 162.159.137.232
            ffdh07v2cv.exeGet hashmaliciousAgentTeslaBrowse
            • 162.159.136.232
            plM3DwAY4v.exeGet hashmaliciousStealeriumBrowse
            • 162.159.138.232
            hDgR1Ix672.exeGet hashmaliciousStealeriumBrowse
            • 162.159.128.233
            DiscordUpdater.exeGet hashmaliciousClipboard Hijacker, StealeriumBrowse
            • 162.159.128.233
            SecuriteInfo.com.Win64.PWSX-gen.29890.2280.exeGet hashmaliciousVector StealerBrowse
            • 162.159.136.232
            SecuriteInfo.com.Win64.PWSX-gen.3187.26224.exeGet hashmaliciousVector StealerBrowse
            • 162.159.138.232
            r4Q6Ejjl24Get hashmaliciousUnknownBrowse
            • 162.159.128.233
            masked_fixxxx.exeGet hashmaliciousDiscord Token StealerBrowse
            • 162.159.128.233
            ipinfo.iofile.exeGet hashmaliciousClipboard Hijacker, PrivateLoaderBrowse
            • 34.117.59.81
            Tria Health.htmlGet hashmaliciousHTMLPhisherBrowse
            • 34.117.59.81
            PDA.PDF.jsGet hashmaliciousVector StealerBrowse
            • 34.117.59.81
            choo.bin.exeGet hashmaliciousVector StealerBrowse
            • 34.117.59.81
            Aging Balance_FULLDATE2_KM_C454e Hhtm.htmlGet hashmaliciousHTMLPhisherBrowse
            • 34.117.59.81
            Aging Balance_FULLDATE2_KM_C454e Hhtm.htmlGet hashmaliciousHTMLPhisherBrowse
            • 34.117.59.81
            Visual Persuasion LLC.htmlGet hashmaliciousHTMLPhisherBrowse
            • 34.117.59.81
            INV118231.INVEFTQT0313.HTM_Get hashmaliciousUnknownBrowse
            • 34.117.59.81
            Notice_12_apr_1483230.jsGet hashmaliciousNetSupport RATBrowse
            • 34.117.59.81
            Remittance File 0394038 038748.htmlGet hashmaliciousHTMLPhisherBrowse
            • 34.117.59.81
            https://newamerica31.com/vor6bGet hashmaliciousNetSupport RAT, PhisherBrowse
            • 34.117.59.81
            RFQ.PDF.jsGet hashmaliciousVector StealerBrowse
            • 34.117.59.81
            file.exeGet hashmaliciousPrivateLoaderBrowse
            • 34.117.59.81
            file.exeGet hashmaliciousPrivateLoaderBrowse
            • 34.117.59.81
            ATT98089 .HTMGet hashmaliciousHTMLPhisherBrowse
            • 34.117.59.81
            Kindly View (2).htmlGet hashmaliciousHTMLPhisherBrowse
            • 34.117.59.81
            Direct_Deposit.htmGet hashmaliciousHTMLPhisherBrowse
            • 34.117.59.81
            PaymentReceipt#U00ae3142026.htmGet hashmaliciousHTMLPhisherBrowse
            • 34.117.59.81
            obfuscated.jsGet hashmaliciousVector StealerBrowse
            • 34.117.59.81
            http://fixedunitedfree.z13.web.core.windows.netGet hashmaliciousHTMLPhisherBrowse
            • 34.117.59.81

            ASNs

            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
            CLOUDFLARENETUShttps://verfmogz.ffm.to/removeatGet hashmaliciousUnknownBrowse
            • 104.18.24.196
            ci2E8Tsgjx.elfGet hashmaliciousMiraiBrowse
            • 104.30.121.84
            Orden_de_compra_(P.O-4220986)_Diesel_OMT.exeGet hashmaliciousLokibotBrowse
            • 104.21.14.55
            LRXUsX7M4x.elfGet hashmaliciousMiraiBrowse
            • 8.47.233.200
            PO_UYTTFCFGV.xlsx.exeGet hashmaliciousFormBookBrowse
            • 188.114.96.7
            file.exeGet hashmaliciousAmadey, Djvu, Fabookie, Laplas Clipper, SmokeLoaderBrowse
            • 188.114.96.7
            file.exeGet hashmaliciousAmadey, Djvu, Fabookie, Laplas Clipper, SmokeLoaderBrowse
            • 188.114.96.7
            setup.exeGet hashmaliciousAmadey, CryptOne, DanaBot, Djvu, SmokeLoader, VidarBrowse
            • 188.114.96.7
            setup.exeGet hashmaliciousAmadey, Djvu, Fabookie, SmokeLoader, VidarBrowse
            • 188.114.97.7
            setup.exeGet hashmaliciousAmadey, Djvu, Fabookie, Laplas Clipper, SmokeLoaderBrowse
            • 188.114.96.7
            setup.exeGet hashmaliciousXmrigBrowse
            • 104.20.67.143
            file.exeGet hashmaliciousAmadey, Djvu, SmokeLoaderBrowse
            • 188.114.96.7
            txSu22RMwo.exeGet hashmaliciousRedLineBrowse
            • 172.67.34.170
            m9yVBGQjG1.xlsxGet hashmaliciousHidden Macro 4.0, EmotetBrowse
            • 104.21.29.205
            AgmQcxN8Lf.exeGet hashmaliciousSnake KeyloggerBrowse
            • 188.114.96.7
            https://email.mail1.onesignal.os.tc/c/eJwUzz2uozAQAODT4G6Qf8ZmXFBsCqq9w2o89iwoJCDiSC-3f0r_NR-f57-tziicStUKZG0BnKhBieogBCyFIqtHNHVOGHNV02aXyEWXnCezzlONVFkDsyuc1frmi7ZIiVpLafJmmyefS8rWgToqgBwEMlOEkrIKi0ryadxb71cb0O6H8L4er272ee39fA3hz-CXwS_y7n3cP4Nffqa_9XZbzPPom27CfTue34kE9o1KBRsnBaScgIIKOB-tuiLJEppz50-7vtzaUF2KETK6CZCQIFcJwIRFIlanQc01v94Xf8Y7rxc_-Dmgrdv_rb-v-yjHY-zXbwAAAP__0aBhnAGet hashmaliciousUnknownBrowse
            • 172.67.8.238
            file.exeGet hashmaliciousClipboard Hijacker, PrivateLoaderBrowse
            • 188.114.96.7
            vH2hK89wai.exeGet hashmaliciousMinerDownloader, Laplas Clipper, RedLine, XmrigBrowse
            • 104.20.67.143
            file.exeGet hashmaliciousRedLine, XmrigBrowse
            • 172.67.34.170
            file.exeGet hashmaliciousAmadey, Babuk, Clipboard Hijacker, Djvu, Fabookie, SmokeLoaderBrowse
            • 188.114.96.7
            CLOUDFLARENETUShttps://verfmogz.ffm.to/removeatGet hashmaliciousUnknownBrowse
            • 104.18.24.196
            ci2E8Tsgjx.elfGet hashmaliciousMiraiBrowse
            • 104.30.121.84
            Orden_de_compra_(P.O-4220986)_Diesel_OMT.exeGet hashmaliciousLokibotBrowse
            • 104.21.14.55
            LRXUsX7M4x.elfGet hashmaliciousMiraiBrowse
            • 8.47.233.200
            PO_UYTTFCFGV.xlsx.exeGet hashmaliciousFormBookBrowse
            • 188.114.96.7
            file.exeGet hashmaliciousAmadey, Djvu, Fabookie, Laplas Clipper, SmokeLoaderBrowse
            • 188.114.96.7
            file.exeGet hashmaliciousAmadey, Djvu, Fabookie, Laplas Clipper, SmokeLoaderBrowse
            • 188.114.96.7
            setup.exeGet hashmaliciousAmadey, CryptOne, DanaBot, Djvu, SmokeLoader, VidarBrowse
            • 188.114.96.7
            setup.exeGet hashmaliciousAmadey, Djvu, Fabookie, SmokeLoader, VidarBrowse
            • 188.114.97.7
            setup.exeGet hashmaliciousAmadey, Djvu, Fabookie, Laplas Clipper, SmokeLoaderBrowse
            • 188.114.96.7
            setup.exeGet hashmaliciousXmrigBrowse
            • 104.20.67.143
            file.exeGet hashmaliciousAmadey, Djvu, SmokeLoaderBrowse
            • 188.114.96.7
            txSu22RMwo.exeGet hashmaliciousRedLineBrowse
            • 172.67.34.170
            m9yVBGQjG1.xlsxGet hashmaliciousHidden Macro 4.0, EmotetBrowse
            • 104.21.29.205
            AgmQcxN8Lf.exeGet hashmaliciousSnake KeyloggerBrowse
            • 188.114.96.7
            https://email.mail1.onesignal.os.tc/c/eJwUzz2uozAQAODT4G6Qf8ZmXFBsCqq9w2o89iwoJCDiSC-3f0r_NR-f57-tziicStUKZG0BnKhBieogBCyFIqtHNHVOGHNV02aXyEWXnCezzlONVFkDsyuc1frmi7ZIiVpLafJmmyefS8rWgToqgBwEMlOEkrIKi0ryadxb71cb0O6H8L4er272ee39fA3hz-CXwS_y7n3cP4Nffqa_9XZbzPPom27CfTue34kE9o1KBRsnBaScgIIKOB-tuiLJEppz50-7vtzaUF2KETK6CZCQIFcJwIRFIlanQc01v94Xf8Y7rxc_-Dmgrdv_rb-v-yjHY-zXbwAAAP__0aBhnAGet hashmaliciousUnknownBrowse
            • 172.67.8.238
            file.exeGet hashmaliciousClipboard Hijacker, PrivateLoaderBrowse
            • 188.114.96.7
            vH2hK89wai.exeGet hashmaliciousMinerDownloader, Laplas Clipper, RedLine, XmrigBrowse
            • 104.20.67.143
            file.exeGet hashmaliciousRedLine, XmrigBrowse
            • 172.67.34.170
            file.exeGet hashmaliciousAmadey, Babuk, Clipboard Hijacker, Djvu, Fabookie, SmokeLoaderBrowse
            • 188.114.96.7

            JA3 Fingerprints

            No context

            Dropped Files

            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
            C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\d3dcompiler_47.dllOctoparse Setup 8.5.8.exeGet hashmaliciousUnknownBrowse
              https://api-functions.prod.a.symless.com/download-log?synergyVersion=3.0.66.22-beta&operatingSystem=Windows&architecture=64-bit&downloadUrl=https%3A%2F%2Frc.symless.com%2Fsynergy3%2Fv3.0.66.22-beta%2Fsynergy-win_x64-v3.0.66.22-beta.msi&userId=886628Get hashmaliciousUnknownBrowse
                https://www.getsnotes.com/en/app/download.php?file=downloadGet hashmaliciousUnknownBrowse
                  https://vtsamples.commondatastorage.googleapis.com/c33d082a5604c2e121a44099ba5498ebe49b7843b2a382c07acee4edd9922475?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1664993535&Signature=pEKeGux02siJiTNE6GLSntdWKmh8ukBimtrwuhFdWhAeiSarfyVtszkBGIe%2BI6ii0OJ2%2BNio4or1%0A%2Ffror2J2OQ49bmq3adiJ1zYFBCPeNg%2FqaxMl%2FBHmkqX4cnFNhL76l99BL7%2F9gUwF2waZzVQbtfMk%0AwQ7E%2BykBvboedImzqE6b9bvkTiHrMeW62Ur5ppb7%2B9OjoQq7iYHZiZAEpyqFuV94bfoz%2Fl4GZzMP%0Av%2F2cH5w9UohSYcLgt9c4ho6XZltXyUJl9DzxyED2hM4%2BcFP%2BUmb5Sksp9hx0UL2WaNATnCB2rBdR%0AtyYcr7tpnB%2BqALJEDajkcVsO8srOrb%2F%2B5lM5xw%3D%3D&response-content-disposition=attachment%3B%20filename%3D%22c33d082a5604c2e121a44099ba5498ebe49b7843b2a382c07acee4edd9922475%22&response-content-type=application%2Foctet-stream;Get hashmaliciousUnknownBrowse
                    https://vtsamples.commondatastorage.googleapis.com/c33d082a5604c2e121a44099ba5498ebe49b7843b2a382c07acee4edd9922475?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1664993535&Signature=pEKeGux02siJiTNE6GLSntdWKmh8ukBimtrwuhFdWhAeiSarfyVtszkBGIe%2BI6ii0OJ2%2BNio4or1%0A%2Ffror2J2OQ49bmq3adiJ1zYFBCPeNg%2FqaxMl%2FBHmkqX4cnFNhL76l99BL7%2F9gUwF2waZzVQbtfMk%0AwQ7E%2BykBvboedImzqE6b9bvkTiHrMeW62Ur5ppb7%2B9OjoQq7iYHZiZAEpyqFuV94bfoz%2Fl4GZzMP%0Av%2F2cH5w9UohSYcLgt9c4ho6XZltXyUJl9DzxyED2hM4%2BcFP%2BUmb5Sksp9hx0UL2WaNATnCB2rBdR%0AtyYcr7tpnB%2BqALJEDajkcVsO8srOrb%2F%2B5lM5xw%3D%3D&response-content-disposition=attachment%3B%20filename%3D%22c33d082a5604c2e121a44099ba5498ebe49b7843b2a382c07acee4edd9922475%22&response-content-type=application%2Foctet-stream;Get hashmaliciousUnknownBrowse
                      Setup.exeGet hashmaliciousUnknownBrowse
                        GalacticFever.exeGet hashmaliciousUnknownBrowse
                          Bloom.7zGet hashmaliciousUnknownBrowse
                            AsanaSetup.exeGet hashmaliciousUnknownBrowse
                              6DNTEUx66h.exeGet hashmaliciousRedLine Socelars onlyLoggerBrowse
                                SecuriteInfo.com.Trojan.MulDropNET.43.26999.exeGet hashmaliciousRedLineBrowse
                                  InstallSlack.exeGet hashmaliciousUnknownBrowse
                                    YouTube To Mp4 Converter.exeGet hashmaliciousUnknownBrowse
                                      YouTube To Mp4 Converter.exeGet hashmaliciousUnknownBrowse
                                        Dante.7z.exeGet hashmaliciousUnknownBrowse
                                          winpro.exeGet hashmaliciousUnknownBrowse
                                            C:\Users\user\AppData\Local\Temp\00569f07-e2e7-4e9a-a29a-45eaa7608008.tmp.nodeGalacticFever.exeGet hashmaliciousUnknownBrowse

                                              Created / dropped Files

                                              C:\Users\user\AppData\Local\Temp\00569f07-e2e7-4e9a-a29a-45eaa7608008.tmp.node

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                              Category:dropped
                                              Size (bytes):2745856
                                              Entropy (8bit):5.933546564676984
                                              Encrypted:false
                                              SSDEEP:24576:UVP1YhemMGeD/VZf9hxD7hPr9F1WxTfJqLTgAU5zXu+FVDqZ3Pi9ewOeVklKJw6:UVP1HC6/VZ17hj9uJYXgLQ+FxZPOll
                                              MD5:10549F42263E31E1A335CDF5824BE847
                                              SHA1:B4E736AADC5F66D7A67255C719773721D55B3D52
                                              SHA-256:487CEC14EEA6646BE0266A5767B53ED67B49B429036521EE13D0656365FCCA20
                                              SHA-512:018ED34EDFD60DE37A73191206ACE75521A6AC9C588AC6A05DCCC576F41CB5233C3C800E14C303D5F0D7BCD707F556D24151FE86C4B163C09B2F3CC5AAC930CF
                                              Malicious:false
                                              Antivirus:
                                              • Antivirus: ReversingLabs, Detection: 0%
                                              Joe Sandbox View:
                                              • Filename: GalacticFever.exe, Detection: malicious, Browse
                                              Reputation:low
                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...........[.l.[.l.[.l...o.O.l...i..l...h.{.l...h.U.l...o.R.l...h.Z.l...i.r.l...m.X.l.[.m...l...i.Y.l...l.Z.l....Z.l...n.Z.l.Rich[.l.................PE..d....m.b.........." .....n"..................................................`*...........`...........................................'.......).(.....*.<....P(../........... *.x....@%.8...........................`?%.8.............).......).@....................text....m"......n"................. ..`.rdata..N.....".. ...r".............@..@.data.........'.......'.............@....pdata...O...P(..P....(.............@..@.idata........)......h).............@..@.didat..d!....).."....).............@....00cfg..Q.....).......).............@..@_RDATA..".....*.......).............@..@.rsrc...<.....*.......).............@..@.reloc...6... *..8....).............@..B................................................................

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                              Category:dropped
                                              Size (bytes):146870272
                                              Entropy (8bit):6.7183719212678445
                                              Encrypted:false
                                              SSDEEP:1572864:CFPFqg/QDqnOeMvLq82U/pmmKKmB7Bg2N:EQfhbbmBL
                                              MD5:93BD0AE322D0293B5AFF20C25B1F71A2
                                              SHA1:6F9C06ED0F5A43826BA928EE1C818A69A52C2C7A
                                              SHA-256:38C81E9D17174F56BF3C22E5994D341AD041254ADA2743160B69D893B8D51EDA
                                              SHA-512:B844328E8BD38B21EA94D1B501CA6E6D6B19E731A6097226F09A71466485F5717082F20BA87B3CAAE7457F43F97EBBE33CC96B59B312EBABA1B7D623E24A8F59
                                              Malicious:true
                                              Antivirus:
                                              • Antivirus: ReversingLabs, Detection: 0%
                                              Reputation:low
                                              Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....{b..........".......... .......#.........@..........................................`...........................................c.jC..r.f.h...............q:..........p.......VZ.....................`QZ.(...P...0...........8.f.X...HGc.`....................text...H........................... ..`.rdata....M.......M.................@..@.data....HB...j......dj.............@....pdata...q:.....r:..Vr.............@..@.00cfg..(....P.....................@..@.retplne`....`..........................rodata......p..................... ..`.tls....a..........................@...CPADinfo8..........................@..._RDATA.............................@..@malloc_h........................... ..`.rsrc..............................@..@.reloc.......p......................@..B................................................................................................

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\LICENSE.electron.txt

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:ASCII text
                                              Category:dropped
                                              Size (bytes):1096
                                              Entropy (8bit):5.13006727705212
                                              Encrypted:false
                                              SSDEEP:24:36DiJHxRHuyPP3GtIHw1Gg9QH+sUW8Ok4F+d1o36qjFD:36DiJzfPvGt7ICQH+sfIte36AFD
                                              MD5:4D42118D35941E0F664DDDBD83F633C5
                                              SHA1:2B21EC5F20FE961D15F2B58EFB1368E66D202E5C
                                              SHA-256:5154E165BD6C2CC0CFBCD8916498C7ABAB0497923BAFCD5CB07673FE8480087D
                                              SHA-512:3FFBBA2E4CD689F362378F6B0F6060571F57E228D3755BDD308283BE6CBBEF8C2E84BEB5FCF73E0C3C81CD944D01EE3FCF141733C4D8B3B0162E543E0B9F3E63
                                              Malicious:false
                                              Reputation:moderate, very likely benign file
                                              Preview:Copyright (c) Electron contributors.Copyright (c) 2013-2020 GitHub Inc...Permission is hereby granted, free of charge, to any person obtaining.a copy of this software and associated documentation files (the."Software"), to deal in the Software without restriction, including.without limitation the rights to use, copy, modify, merge, publish,.distribute, sublicense, and/or sell copies of the Software, and to.permit persons to whom the Software is furnished to do so, subject to.the following conditions:..The above copyright notice and this permission notice shall be.included in all copies or substantial portions of the Software...THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,.EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF.MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND.NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE.LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION.OF CONTRACT, TORT OR OTHERWISE, ARISIN

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\LICENSES.chromium.html

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:HTML document, ASCII text, with CRLF, LF line terminators
                                              Category:dropped
                                              Size (bytes):5557692
                                              Entropy (8bit):4.82586139211392
                                              Encrypted:false
                                              SSDEEP:12288:FetnJnVncnJnknE9RBvjYJEi400/Q599b769B9UOE6MwMGucMEbHDuX04nNWQFna:WbXZ5IoWSL9bcwVR8mf+/cHBBaRp1
                                              MD5:DFA12F4EDCCB902D7D3B07FAE219F176
                                              SHA1:C2073440A5ADD265B4143DE05E6864FED2C3B840
                                              SHA-256:501F0B7EBF0BE7ED8702D317332A0F8820AF837C0A2A1D7645BA04352270E2B8
                                              SHA-512:EEE3A8E0EEAE139DDD9369D0869C29C91007BF6C5B0D7982918D5A013214A9E80B9233E7C1CCB43124152F684F0B782831B0A6B3D126558261DD161230004E50
                                              Malicious:false
                                              Reputation:moderate, very likely benign file
                                              Preview: Generated by licenses.py; do not edit. --><!doctype html>.<html>.<head>.<meta charset="utf-8">.<meta name="viewport" content="width=device-width">.<meta name="color-scheme" content="light dark">.<title>Credits</title>.<link rel="stylesheet" href="chrome://resources/css/text_defaults.css">.<link rel="stylesheet" href="chrome://credits/credits.css">.</head>.<body>.<span class="page-title" style="float:left;">Credits</span>.<a id="print-link" href="#" style="float:right;" hidden>Print</a>.<div style="clear:both; overflow:auto;"> Chromium <3s the following projects -->.<div class="product">.<span class="title">2-dim General Purpose FFT (Fast Fourier/Cosine/Sine Transform) Package</span>.<span class="homepage"><a href="http://www.kurims.kyoto-u.ac.jp/~ooura/fft.html">homepage</a></span>.<input type="checkbox" hidden id="0">.<label class="show" for="0" tabindex="0"></label>.<div class="licence">.<pre>Copyright(C) 1997,2001 Takuya OOURA (email: ooura@kurims.kyoto-u.ac.jp)..You may us

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\chrome_100_percent.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):148598
                                              Entropy (8bit):7.923683311160288
                                              Encrypted:false
                                              SSDEEP:3072:GtsKzwI/bp2N3/nXCWZQCPxBVO2o418Gb0+VRLf0ld0GY3cQ3F2DExm/KLQ2I:GuKzwI/kNPyCtoK18Gb0OV8ld0GecQ3s
                                              MD5:237CA1BE894F5E09FD1CCB934229C33B
                                              SHA1:F0DFCF6DB1481315054EFB690DF282FFE53E9FA1
                                              SHA-256:F14362449E2A7C940C095EDA9C41AAD5F1E0B1A1B21D1DC911558291C0C36DD2
                                              SHA-512:1E52782DB4A397E27CE92412192E4DE6D7398EFFAF8C7ACABC9C06A317C2F69EE5C35DA1070EB94020ED89779344B957EDB6B40F871B8A15F969EF787FBB2BCA
                                              Malicious:false
                                              Preview:..................#.Z...:......k.....k.....k ....k.....k=....k.....k.....k.....l.....l.....l;....l."...l2....l.9...l.;...l.<...l.>...l'?...l.H...l.P...l.R...l{S..NziT..Oz.U..PzJW..Qz2Z..Rz+]..Sz^`..Tzod..Uz9h..Vz.k...z.o...z.p...zmr...z.s...z.t...zWu...z.u...zA....z......p.....s.....................................................=...........{.....9............"....1,....Q/.....7.....;....-E....eO.....S....3U.....]....|f....dg.....h.....j.....m.....n.....q.....s....Wu.....w.....y....2z.....{....D}................;..............................................l....N........H.............|....K....0...."...................B....0.......................Y........................o....6..............{....4....F....".........f..........L........t....>.......................:.......................:.....q.....g.....\.....T".....'....z'.....'....'(.....(.....).....*.....+....Z+.....+....+...=,...Q2...;6....6...;7....7...H8....8...a9....9

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\chrome_200_percent.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):219575
                                              Entropy (8bit):7.950067097420845
                                              Encrypted:false
                                              SSDEEP:6144:qDQYaRyd+9bNNPyCt9gx5GMRejnbdZnVE6Yopym74:vf53PV6edhVELo374
                                              MD5:7059AF03603F93898F66981FEB737064
                                              SHA1:668E41A728D2295A455E5E0F0A8D2FEE1781C538
                                              SHA-256:04D699CFC36565FA9C06206BA1C0C51474612C8FE481C6FD1807197DC70661E6
                                              SHA-512:435329D58B56607A2097D82644BE932C60727BE4AE95BC2BCF10B747B7658918073319DFA1386B514D84090304A95FCF19D56827C4B196E4D348745565441544
                                              Malicious:false
                                              Preview:..................#.[...:......k.....k.....ky....k>....k|....kw....k5&...kq+...l.....l.5...l.:...l.B...l.X...l\o...l.q...lBs...l.v...l<w...l.....l....l.....l...Nz....Oz...Pz....Qz....Rz....SzS...Tzp...UzF...Vz.....z.....z.....z.....z.....z.....z|....z.....zf....z.'.....*....3/....u8....~:.....=.....B.....N.....O.....X.....^....id.....i.....p.....r....#w.....{...............4.....%................\................\...../.....O.....\.....q.................q.................o.....m.....Z.....{.....l.............................d..........=....>....C....H....I....K....L...%N....N...OP....Q...BS....T....V....Y....]....b....j....r....s...Du....v....w...^y....z...}~...._.........y........8....W.............E.......................H...............U..............6.....Z.....{.....o.....e...................................I............(.....8.....9....l9.....9....y:.....;.....<.....<....==.....=....=...D>...dD...ZH....H...rI....J....J

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\d3dcompiler_47.dll

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                              Category:dropped
                                              Size (bytes):4524696
                                              Entropy (8bit):6.367051782021837
                                              Encrypted:false
                                              SSDEEP:49152:aYlc/220PPiMLKam+VMrLi21f4i3jn5ZO3XUDmOZQwVd2uQpN3WsGVUWd55i/jrs:a6KD2Mrdaix4NQnLt
                                              MD5:7641E39B7DA4077084D2AFE7C31032E0
                                              SHA1:2256644F69435FF2FEE76DEB04D918083960D1EB
                                              SHA-256:44422E6936DC72B7AC5ED16BB8BCAE164B7554513E52EFB66A3E942CEC328A47
                                              SHA-512:8010E1CB17FA18BBF72D8344E1D63DED7CEF7BE6E7C13434FA6D8E22CE1D58A4D426959BDCB031502D4B145E29CB111AF929FCBC66001111FBC6D7A19E8800A5
                                              Malicious:false
                                              Antivirus:
                                              • Antivirus: ReversingLabs, Detection: 0%
                                              Joe Sandbox View:
                                              • Filename: Octoparse Setup 8.5.8.exe, Detection: malicious, Browse
                                              • Filename: , Detection: malicious, Browse
                                              • Filename: , Detection: malicious, Browse
                                              • Filename: , Detection: malicious, Browse
                                              • Filename: , Detection: malicious, Browse
                                              • Filename: Setup.exe, Detection: malicious, Browse
                                              • Filename: GalacticFever.exe, Detection: malicious, Browse
                                              • Filename: Bloom.7z, Detection: malicious, Browse
                                              • Filename: AsanaSetup.exe, Detection: malicious, Browse
                                              • Filename: 6DNTEUx66h.exe, Detection: malicious, Browse
                                              • Filename: SecuriteInfo.com.Trojan.MulDropNET.43.26999.exe, Detection: malicious, Browse
                                              • Filename: InstallSlack.exe, Detection: malicious, Browse
                                              • Filename: YouTube To Mp4 Converter.exe, Detection: malicious, Browse
                                              • Filename: YouTube To Mp4 Converter.exe, Detection: malicious, Browse
                                              • Filename: Dante.7z.exe, Detection: malicious, Browse
                                              • Filename: winpro.exe, Detection: malicious, Browse
                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......S........................................a.............................................................................Rich....................PE..d.....2..........." ......3.........0.&.......................................E.....VTE...`A..........................................A.x.....A...... E.@.....B..!....D.."...0E....P.>.T....................{7.(...pz7..............{7..............................text...D.3.......3................. ..`.rdata........3.......3.............@..@.data....#....A.......A.............@....pdata...!....B.."...>B.............@..@.rsrc...@.... E......`D.............@..@.reloc......0E......fD.............@..B................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\ffmpeg.dll

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                              Category:dropped
                                              Size (bytes):2714112
                                              Entropy (8bit):6.6777628855193685
                                              Encrypted:false
                                              SSDEEP:49152:tJTlgrbjpHr7KxPTiqdU9YRDQ2K7Fz68ZxxJ0JoC3MCfuTEM+:bOx39YRikMiu4
                                              MD5:21647425561F9DFA567139D2C505F585
                                              SHA1:EFD5B3D6A21886C6467D28C73D20BE0ACB4591E9
                                              SHA-256:B827172262CEA032BE8303AAE69A947A8D867006269BB8B2BC7E77619333C1B6
                                              SHA-512:C5316A6B2D77CF2C2949698F9CBA92FE1EC57B2AC82D55FBBEFFE71B4834EC06E83728A176F5089C91CC9544DEDA0667F39338F1E9D1A37DB69BD8BAD4AF915A
                                              Malicious:false
                                              Antivirus:
                                              • Antivirus: ReversingLabs, Detection: 0%
                                              Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....{b.........." .....(!..>................................................?...........`A........................................X.'.....r.'.(............p>..............P?../....'.......................'.(...`e!.0.............'.0............................text....'!......(!................. ..`.rdata...9...@!..:...,!.............@..@.data.........(.."...f(.............@....pdata.......p>.......(.............@..@.00cfg..(.... ?......4).............@..@.tls.........0?......6).............@..._RDATA.......@?......8).............@..@.reloc.../...P?..0...:).............@..B........................................................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\icudtl.dat

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):10284336
                                              Entropy (8bit):6.285840716785654
                                              Encrypted:false
                                              SSDEEP:196608:KWzwSv9AAQlCy4liXUxCGZHa93Whlw6Zi88EIb:KnKlQlz4liXUxCGZHa93Whlw6Zf8EIb
                                              MD5:D866D68E4A3EAE8CDBFD5FC7A9967D20
                                              SHA1:42A5033597E4BE36CCFA16D19890049BA0E25A56
                                              SHA-256:C61704CC9CF5797BF32301A2B3312158AF3FE86EADC913D937031CF594760C2D
                                              SHA-512:4CC04E708B9C3D854147B097E44FF795F956B8A714AB61DDD5434119ADE768EB4DA4B28938A9477E4CB0D63106CCE09FD1EC86F33AF1C864F4EA599F8D999B97
                                              Malicious:false
                                              Preview:...'........CmnD........ Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html .0....A..p....A.......A..`....A.......A.......A..P....A.. &...B..p&...B...&.. B...n..4B...n..GB...o..ZB.. p..mB...p...B..0r...B...r...B...r...B..Ps...B...t...B..`u...B...v...C..Pw...C...w..+C...y..>C...y..QC...{..dC..p}..wC...}...C.......C..p....C..P....C.......C.. ....C.......C.......D.. ..."D.....5D..0...FD......ZD.....jD.. ...}D.......D.......D.......D..`....D.......D.......D..P....E.......E...../E..P...BE......YE......iE..p...|E.......E.......E..`....E.......E.......E...2...F....&..F..`.&.6F....&.MF....&.gF..@.&.~F....&..F..p.&..F.. .&..F..P.&..F..pY(..F...%)..G....).7G....).YG...K*.yG...*..G..0.+..G.. .+..G....+..G..`.+..H....+..H...e+.6H....+.TH..`.-.mH....-..H....-..H....-..H..`.-..H....-..H..P....H.......I.......I..@...-I...I..@I...J..SI..`J..fI...J..yI...K...I..`K...I...K...I...M...I...p...I...q...I..`....J.......J......4J...$/.IJ..

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\libEGL.dll

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                              Category:dropped
                                              Size (bytes):447488
                                              Entropy (8bit):6.309802860311442
                                              Encrypted:false
                                              SSDEEP:6144:CMgpxyZ5V8fTykwI08pCYixK53Ypm8I/yaNrm44tnePe/FkUCd:C1pxy+TyRd80YYDIn4NQvU
                                              MD5:91F11A9181583F75E2B29FCD9050C7F5
                                              SHA1:FD90ABC3048F3347435DFBD1075B8051AC6FFABC
                                              SHA-256:43A549FF51CE4EE20074999527B19FBF280A8CAA7DB0BDE957704033B6F5B330
                                              SHA-512:925AC2A87E436219E22A924F615669CB166E8183D6E4DD0F00ED68C16FAA3FFA10AB410106A7F81320F10205415BFF9D10976F1DC0BB695B9293B80101E4CE8A
                                              Malicious:false
                                              Antivirus:
                                              • Antivirus: ReversingLabs, Detection: 0%
                                              Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....{b.........." ................0........................................`............`A............................................a...I...(....@..x........=...........P..................................(.......0...........X................................text............................... ..`.rdata..D...........................@..@.data...|L....... ...\..............@....pdata...=.......>...|..............@..@.00cfg..(...........................@..@.tls....!.... ......................@..._RDATA.......0......................@..@.rsrc...x....@......................@..@.reloc.......P......................@..B................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\libGLESv2.dll

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                              Category:dropped
                                              Size (bytes):7040512
                                              Entropy (8bit):6.411129914957704
                                              Encrypted:false
                                              SSDEEP:49152:UYwyKtMlbopeVIFTp22asNOy4vvzlqaip5QAW3JsGVi2W2/pU/vIx4LwlcwsSV/r:seVIFN2pnypWPFQq0yTdhVOrH7O5pm
                                              MD5:16DEB84C2DD1D55ED938A112B6CE92D4
                                              SHA1:15ED353F418030E2A3D94C2C77D45605EA9CB3C2
                                              SHA-256:B49922F98946952E96C03C468A4812E0B1E7A090F4E1F96489F48ACC07EBA1F8
                                              SHA-512:BB9EA90E01AC7E633D3E27054206C6070B352CCE196B7B70B989AF2B718DEC3506D3AAF62E3074FDC93E7E23839ED15CCB8A508305170E7BA38920CA21F4047B
                                              Malicious:false
                                              Antivirus:
                                              • Antivirus: ReversingLabs, Detection: 0%
                                              Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....{b.........." .....VQ...........F......................................Pl...........`A..........................................b. ...-.c.d....Pk.......i.,............`k......jb......................ib.(... .Q.0........... .c.....0.b.@....................text...UUQ......VQ................. ..`.rdata..|....pQ......ZQ.............@..@.data........pd......Vd.............@....pdata..,.....i......`h.............@..@.00cfg..(.... k......rj.............@..@.tls....1....0k......tj.............@..._RDATA.......@k......vj.............@..@.rsrc........Pk......xj.............@..@.reloc.......`k......~j.............@..B................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\am.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):192492
                                              Entropy (8bit):5.056947701287817
                                              Encrypted:false
                                              SSDEEP:3072:wPa9g6JOjV/E92t7Rq4rgEkDvuh7gb8oeyHXkiqpVGMqyZJjhEb2WAbTMb0kew9C:wu0gSZtutQPOx30jH8+D
                                              MD5:C0490D3C4FF1EE8614225043654AAF0C
                                              SHA1:B044484CED372B5817285B67EBA59F0AF40CB639
                                              SHA-256:E98F3437F6D451FB9FEC33473ABC9F07ABF0794CD45D02AE1DE48CCB9FC5C8B6
                                              SHA-512:3D66B9A2AA4B08B19C635D350342A162879042E926FA41E059E3C62FC68BDD73A91D6A9A41E409EEEE7338DAF0A931F178E9D151B4B9EE9EF6545F8957CCEFB4
                                              Malicious:false
                                              Preview:..........6.j.`F..k.oF..l.zF..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..F..w..F..y..F..z..F..|..G..}..G.....G.....G....'G..../G....7G....>G....EG....LG....MG....NG....zG.....G.....G.....G.....G.....G.....H.....H.....H....8H....jH.....H.....H.....H.....H.....H.....H.....H.....H.....I.....I....%I....<I....HI....UI.....I.....I..*..I..+..I..,..I../..J..0."J..1.~J..2..J..3..J..4..J..5..K..6.|K..7..K..>..K..?..K..N..L..g..L..i..L..j..L..k..L..l.$L...])L...]}L...].L...].M...].M...].M...].M...].N...]hN...]~N...]FP...]hP...]qP...]zP...^.P...^.P...^.P...^"Q...^.Q...^>R...^GR...^.R...^.R...^.R...^.R...^.S...^@S...^_S...^.S...^.S...^.T..%^.T..&^)T..'^BT..)^.T..*^.T..+^.U..,^&U..-^8U...^dU../^.U..0^{V..2^,W..3^FW..4^.W..5^.W..8^.W..9^.X..:^.Y..;^.Y..<^.Y..>^gZ..?^%[..@^.\..A^.\..B^H\..C^|\..D^.^..E^._..F^.`..G^.a..I^Ha..K^Qa..L^pa..M^.a..N^.a..O^.a..T^nb..U^.b..V^fc..W^.c..X^.c..Y^.c..Z^id..[^.d..\^We..]^.e..b^Lf..d^[f..e^af..f^jf..g^.f..h^.f..i^.f..j^.f..k^.g..l^.g..o^8g..p^gg..q^.g..r^.h..s^6h

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\ar.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):198772
                                              Entropy (8bit):5.130198020742576
                                              Encrypted:false
                                              SSDEEP:3072:eVsHgKH2KNRpqhXdJcFxu3PzGF+hF2MMCS2xHMuZtE9P6NsV0ejKK1U/e1asMgSf:eVsHg+NRu3PzjiHMgSENnuI1LCx3
                                              MD5:9B610C0107724603B19893C4CCC551A0
                                              SHA1:37D987196C640861B336628D67E22EF283115E7D
                                              SHA-256:F9D96AF7D5EF9E0B4F4EF133A98A64B4398C7AEF04E20688B523E6EA27C61F15
                                              SHA-512:E99C07E474278990027E560D0F0464ED0D59C485226B56C8318470C41B5976602B1D52659996EBEECECC3D59927577202AB6312E07F40F71EB39972AE5296BC6
                                              Malicious:false
                                              Preview:..........>.j.PF..k._F..l.jF..n.rF..o.wF..p..F..q..F..r..F..s..F..t..F..v..F..w..F..y..F..z..F..|..F..}..G.....G.....G.....G.....G....'G.....G....5G....<G....>G....~G.....G.....G.....G.....H.... H....$H.....H....NH....nH.....H.....H.....H.....H.....H.....H.....H.....H.....I.....I.....I....'I..../I....BI.....I.....I..*..I..+..I..,..I../..I..0..I..1.8J..2.MJ..3.fJ..4..J..5..J..6..K..7.<K..>.mK..?.xK..N..K..g..K..i..K..j..K..k..K..l..K...].K...].L...]6L...]9M...]AM...].M...].M...].M...] N...]@N...]/R...]SR...][R...]lR...^.R...^.R...^.R...^.S...^.S...^/T...^3T...^hT...^}T...^.T...^.T...^.T...^.U...^.U...^uU...^.U...^.U..%^.U..&^.U..'^.U..)^TV..*^.V..+^.V..-^.V...^.V../^.W..0^.W..1^bX..2^.Y..3^8Y..4^jY..5^.Y..8^.Y..9^dZ..:^c[..;^y[..<^.[..>^.[..?^.\..@^.]..A^'^..B^L^..C^.^..D^.b..E^zd..F^.f..G^.f..I^.f..K^.f..L^.f..M^.f..N^.g..O^dg..T^.h..U^Qh..V^.h..W^.i..X^/i..Y^.i..Z^,j..[^.j..\^'k..]^wk..b^.l..c^.l..d^.l..e^.l..f^.l..g^.l..h^.l..i^.m..j^.m..k^8m..l^hm..o^.m..p^.n..q^+n..r^.n..s^.n..t^.o

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\bg.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):214333
                                              Entropy (8bit):4.866044052884893
                                              Encrypted:false
                                              SSDEEP:6144:tuOXNa4V175RToR0NZzrmLy8AOWa2ReKsUVT:Z9a4V175RTk0CLy8AOWa2Rek
                                              MD5:7F3FE009D84DDDF6A509AE33D95A7E7B
                                              SHA1:667D804C714FEAB9D104DB211A981357B2B8124F
                                              SHA-256:58BEC94801D09157C852CFBC3CCD9916FAFD1947FDC61C1453456BCE5B054C4E
                                              SHA-512:92151D7589682C7078D9F9915EB6D14D350A13A126A000E4DA29228649926282CAF03CD996E68704F9E5DD0FAF11750F7C4EE105E1655F9BECBE0E267F7FC614
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..G..v..G..w.'G..y.-G..z.<G..|.BG..}.TG....\G....aG....iG....qG....yG.....G.....G.....G.....G.....G.....G.....G.....H....4H....YH....[H...._H....kH....~H.....H.....H.....H....&I....WI....^I....aI....bI....vI.....I.....I.....I.....I.....I.....I.....J....cJ.....J..*..J..+..J..,..J../..K..0.&K..1..K..2..K..3..K..4..L..5.@L..6..L..7..L..>..M..?..M..N.>M..g.LM..i.OM..j.SM..k.ZM..l.hM...]mM...].M...].M...].O...]+O...]rO...].O...].O...]%P...]OP...].Q...].Q...].R...].R...^;R...^MR...^.R...^.R...^9T...^.T...^.T...^.T...^.U...^WU...^xU...^.U...^.U...^)V...^AV...^gV..%^yV..&^.V..'^.V..)^IW..*^.W..+^.W..,^.W..-^.W...^#X../^uX..0^QY..1^.Z..2^.Z..3^.Z..4^.[..5^X[..8^.[..9^t\..:^.]..;^.]..<^.]..>^X^..?^5_..@^._..A^._..B^.`..C^B`..D^.b..E^.b..F^yc..G^.c..I^#d..K^-d..L^Od..M^ad..N^.d..O^.d..T^~e..U^.e..V^.f..W^.f..X^.f..Y^Rg..Z^.h..[^.h..\^#i..]^.i..b^.j..d^.j..e^.j..f^.j..g^.k..h^.k..i^dk..j^ek..k^.k..l^.k..o^.k..p^:l..q^pl..r^.l..s^!m

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\bn.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):274613
                                              Entropy (8bit):4.47502496975818
                                              Encrypted:false
                                              SSDEEP:1536:L4+ROskKw6rEr2Rp9KJ3bEr98JMg/xCpwuDuLAJ/fvuhIbzo:0KjYSfy3bE8AJ/o
                                              MD5:ECFF6F8DC301B6B435DF5E44C2AE8A2A
                                              SHA1:6FDFA4136F3BB5CCD9E4E7B4706DB98F17F85C1B
                                              SHA-256:3250ADECE302934B9A78569D72CA70E596D91865455D5274CCF8D651CCAC5350
                                              SHA-512:C9E22FF9FEF3C2EEF6B25886E32A27FD19D56C1085C993AEA1D5A1528D65735B0628B825A2834A1B8B2512D8ABF59CABB3B35044484F566057826EAA3CFA682D
                                              Malicious:false
                                              Preview:..........4.j.dF..k.sF..l.~F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..F..w..F..y..F..z..F..|..G..}..G.....G....$G....,G....4G....9G....AG....HG....OG....VG....WG....XG.....G.....H....7H....bH.....H.....H.....H.....H.....H.....I....;I....iI.....I.....I.....I.....I.....I.....I.....J.....J....,J....MJ....\J....tJ.....J....&K..*.DK..,.GK../.~K..0..K..1..L..2.,L..3.HL..4..L..5..L..6.}M..7..M..>..N..?. N..N.UN..g.nN..i.qN..j.uN..k.zN..l..N...].N...].N...].O...].P...].P...]9Q...]xQ...].Q...]0R...]\R...].U...]WU...]`U...]xU...^.U...^.U...^ V...^.V...^.W...^.W...^.X...^hX...^.X...^.X...^.X...^.Y...^@Y...^UY...^.Y...^.Y...^.Z..%^+Z..&^UZ..'^{Z..)^'[..*^z[..+^.[..,^.[..-^.[...^H\../^.\..0^.]..1^.^..2^.`..3^/`..4^.`..5^.`..8^.a..9^eb..:^od..;^.d..<^.d..>^4e..?^.f..@^.g..A^.g..B^.g..C^Hh..D^.k..E^Xm..F^.n..G^Po..I^.o..K^.o..L^.o..M^.o..N^.p..O^yp..T^.q..U^.q..V^.r..W^.s..X^Us..Y^}s..Z^Zt..[^.u..\^.u..]^+v..b^.w..c^.w..d^.w..e^.w..f^.w..g^/x..h^.x..i^.x..j^.x..k^.x..l^.x..o^dy..p^.y..q^.z..r^.z

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\ca.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):136216
                                              Entropy (8bit):5.401900922137372
                                              Encrypted:false
                                              SSDEEP:3072:RnSJS9mJSpAaCcg4H65rKoMVhoVFBL8lmoT69Q1HyO/RjiNO5ufzwXiqCUXBlHPE:RnyS9mJpZcgNoF2O5hXiqCUXBdFtXfQv
                                              MD5:65C1F1FAEE2EDBE7D7B6709D7E6B6EF7
                                              SHA1:A81848018BC9978EDB9E764474CF9C9B297BB91C
                                              SHA-256:D8A83A19F8C66742226538AF9489B70C1439F6133591E29A353ADDD9089F67C6
                                              SHA-512:590587A66BF03C2CC61C49CB9452220B3697AD4A00ABC0056017FD0203EBC2980EC8F59337FCD1FF90EEDFA8F8171ACEF5818B1DA856EC78C352498002679FBD
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..G..t..G..v..G..w.+G..y.1G..z.@G..|.FG..}.XG....`G....eG....mG....uG....}G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H....0H....4H....;H....HH....XH....nH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I..../I....KI..*.WI..+.ZI..,.xI../..I..0..I..1..I..2..I..3..I..4..J..5.9J..6.vJ..7..J..>..J..?..J..N..J..g..J..i..J..j..J..k..J..l..J...].J...].K...])K...].K...].K...].K...].L...]1L...]hL...]vL...]=M...]XM...]`M...]gM...^}M...^.M...^.M...^.M...^.N...^.N...^.N...^.N...^.N...^.O...^"O...^3O...^JO...^^O...^.O...^.O...^.O..%^.O..&^.O..'^.O..)^0P..*^ZP..+^oP..,^.P..-^.P...^.P../^.P..0^GQ..1^.Q..2^?R..3^\R..4^.R..5^.R..8^.R..9^HS..:^.T..;^+T..<^IT..>^}T..?^.U..@^cU..A^tU..B^.U..C^.U..D^.V..E^AW..F^.W..G^.X..I^:X..K^DX..L^WX..M^bX..N^vX..O^.X..T^.X..U^.Y..V^yY..W^.Y..X^.Y..Y^.Y..Z^OZ..[^.Z..\^.Z..]^*[..b^.[..c^.[..d^.[..e^.[..f^.[..g^.[..h^.\..i^/\..j^0\..k^E\..l^H\..o^i\..p^.\..q^.\

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\cs.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):139589
                                              Entropy (8bit):5.805335191018667
                                              Encrypted:false
                                              SSDEEP:3072:m4bfDngdBcePzo3zO1J+17NPR12lygg+5XWAJ/e/Y8QG1A:mkfcdBczzOyL2lyb/Y8Qx
                                              MD5:C64366988F8D46B6912F2D6BE0120B1A
                                              SHA1:3A33FE58CA30F41EA341CC9B9413A6CBDD6A1E4B
                                              SHA-256:30FD14794EE1088D37387F42E5D366F962FA9273EBA8CCDD9B950646D2DD6172
                                              SHA-512:8990D212AFF170A547733B0CD54055ECF6D30319189A7D88CDA149B8994986C9CCC899D203FA4CEDCDACB3217B2B72E2A9E69AA195B285AA388BF2AF125158FE
                                              Malicious:false
                                              Preview:..........!.j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..G..w..G..y..G..z.$G..|.*G..}.<G....DG....IG....QG....YG....aG....hG....oG....vG....wG....xG.....G.....G.....G.....G.....G.....G.....H.....H.....H....+H....9H....IH....XH....iH....pH....sH....tH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I..*..I..+..I..,.<I../.YI..0.cI..1..I..2..I..3..I..4..I..5..I..6.4J..7.HJ..>.^J..?.fJ..N.xJ..g..J..i..J..j..J..k..J..l..J...].J...].J...].J...]{K...].K...].K...].K...].K...].L...].L...].M...].N...].N...].N...^"N...^,N...^EN...^hN...^.N...^.O...^.O...^>O...^LO...^wO...^.O...^.O...^.O...^.O...^.O...^.P...^.P..%^ P..&^.P..'^;P..)^.P..*^.P..+^.P..-^.P...^.P../^.P..0^gQ..1^.Q..2^7R..3^MR..4^{R..5^.R..8^.R..9^.S..:^.S..;^.S..<^.T..>^CT..?^.T..@^lU..A^~U..B^.U..C^.U..D^.W..E^.X..F^lY..G^.Y..I^.Y..K^.Y..L^.Y..M^.Y..N^.Y..O^ Z..T^pZ..U^.Z..V^.Z..W^.[..X^([..Y^`[..Z^.[..[^.[..\^B\..]^m\..b^.\..c^.]..d^.]..e^.]..f^.]..g^*]..h^B]..i^Q]..j^T]..k^e]..l^h]..o^.]..p^.]..q^.]..r^.^

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\da.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):127576
                                              Entropy (8bit):5.4328055342090105
                                              Encrypted:false
                                              SSDEEP:3072:UpDv+bjCEOCjaMRZszOfb+5VeWAJ/twbPeu:cv9EONMRazOfb+vowbj
                                              MD5:9FB8A421CAF18588B494C3F34D8764C6
                                              SHA1:201AC33074C76830893197AB9382EC84553F1794
                                              SHA-256:0997BE868557F97F013242C066B192E574B4FA553D13F37F97A1DE714B95A858
                                              SHA-512:59B2FD820F9BD45015444C85FCB55E04027836E62C6A9187E8CE0C2A9AEA6E5E626B76627C9601F69E769D4DDD09F6A8CCC2DFDDA6835E261B94A5AF91D8BBF9
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..G..v..G..w.#G..y.)G..z.8G..|.>G..}.PG....XG....]G....eG....mG....uG....|G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H.....H.....H....%H....2H....=H....QH....cH....jH....mH....nH....uH....~H.....H.....H.....H.....H.....H.....H.....H.....H..*..H..+..H..,..I../.&I..0.0I..1.^I..2.jI..3.tI..4..I..5..I..6..I..7..I..>..I..?..J..N..J..g..J..i.!J..j.%J..k.*J..l./J...]4J...]]J...].J...]6K...]<K...]ZK...]hK...]xK...].K...].K...].M...](M...]/M...]5M...^BM...^OM...^.M...^.M...^4N...^`N...^iN...^.N...^.N...^.N...^.N...^.N...^.N...^.N...^,O...^3O...^FO..%^IO..&^]O..'^eO..)^.O..*^.O..+^.O..,^.O..-^.O...^.P../^(P..0^.P..1^.P..2^UQ..3^gQ..4^.Q..5^.Q..8^.Q..9^.R..:^.R..;^.R..<^.R..>^.S..?^fS..@^.S..A^.S..B^.T..C^.T..D^CU..E^.U..F^YV..G^.V..I^.V..K^.V..L^.V..M^.V..N^.V..O^.W..T^IW..U^oW..V^.W..W^.X..X^.X..Y^<X..Z^.X..[^.X..\^.Y..]^JY..b^.Y..d^.Y..e^.Y..f^.Y..g^.Y..h^.Z..i^!Z..j^"Z..k^0Z..l^3Z..o^HZ..p^}Z..q^.Z..r^.Z

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\de.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):136414
                                              Entropy (8bit):5.486129891558703
                                              Encrypted:false
                                              SSDEEP:3072:rbCAFix2ob23Yp8tMoAq/AJ/vN5N4ygxjl+:ruAFiUtMBB4ygVg
                                              MD5:A4D8EECEC2747FFB12551AB8E93FAFDF
                                              SHA1:59AA4C3A7179C46C7699D0D918DD92722A614DEF
                                              SHA-256:D67F95E2982E7DEBF67741B88CE054F5BB8356021A280E092227B77EC82E298F
                                              SHA-512:1DE20FA8798D050966C99AA0590C7460A40B6FF41AFC36645C1F4655A09F6070530ADBD1D6FB5937D1FC9965C7AAC932DBB06A0FF47F31BCB6D4717EAA81613E
                                              Malicious:false
                                              Preview:..........F.j.@F..k.OF..l.ZF..n.bF..o.gF..p.tF..q.zF..r..F..s..F..t..F..v..F..w..F..y..F..z..F..|..F..}..F.....F.....F.....G.....G.....G.....G....%G....,G....-G.....G....gG....xG.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H....-H....FH....MH....PH....QH....[H....eH....yH.....H.....H.....H.....H.....H.....H.....H..*..H..+..I..,..I.././I..0.7I..1.\I..2.jI..3.sI..4..I..5..I..6..J..7..J..>.*J..?.2J..N.GJ..g.RJ..i.UJ..j.YJ..k.bJ..l.hJ...]uJ...].J...].J...]{K...].K...].K...].K...].K...].L...],L...]%M...]<M...]CM...]IM...^fM...^sM...^.M...^.M...^VN...^.N...^.N...^.N...^.N...^.N...^.N...^.O...^.O...^2O...^mO...^{O...^.O..%^.O..&^.O..'^.O..)^.P..*^#P..+^4P..,^DP..-^JP...^mP../^.P..0^.Q..1^.Q..2^TR..3^kR..4^.R..5^.R..8^.R..9^SS..:^!T..;^0T..<^LT..>^tT..?^.T..@^ZU..A^aU..B^lU..C^.U..D^.V..E^.W..F^.W..G^.X..I^)X..K^2X..L^@X..M^IX..N^XX..O^.X..T^.X..U^.Y..V^.Y..W^.Y..X^.Y..Y^.Y..Z^2Z..[^.Z..\^.Z..]^.[..b^.[..d^.[..e^.[..f^.[..g^.[..h^.[..i^.\..j^.\..k^#\..l^&\..o^>\..p^h\..q^.\..r^.\

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\el.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):235472
                                              Entropy (8bit):4.928800315357694
                                              Encrypted:false
                                              SSDEEP:6144:7zUGI8nOCi+hF/kDuKx3xqt5ImROl3ppSZ3/7zFMeF+fY2hl76Hi5YlXSRzG:7zUGIiOCi+hF/kDuKx3xqt5ImROl3ppe
                                              MD5:DC334C39FA35F04D554FD6BF4D6301BE
                                              SHA1:8F83F39B41447E479E1DE761721FC35B22A1F227
                                              SHA-256:168FDC777570FA85C16EE7A701BEF28FE6D7EB943A674AD8681A2F9FCEDD2635
                                              SHA-512:E4F0FE4AC83DF9F106D60DE2D4563519512D1B088ABB0FD52D4D459CCF093397C5F56E41958111AD67AB9A19DC2A9DD6870356BE2E344559DEAF757D3B96B7A1
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..G..w..G..y..G..z.*G..|.0G..}.BG....JG....OG....WG...._G....gG....nG....uG....|G....}G....~G.....G.....H....+H....eH.....H.....H.....H.....H.....H.....H.....I....2I...._I.....I.....I.....I.....I.....I.....I.....I.....I.....J.....J...."J....2J.....J.....J..*..J..+..K..,. K../.pK..0..K..1..L..2.2L..3.JL..4..L..5..L..6.TM..7.|M..>..M..?..M..N..M..g..M..i..N..j..N..k..N..l..N...].N...]tN...].N...].O...].O...]CP...]jP...].P...].Q...]0Q...].R...].S...].S...]#S...^WS...^iS...^.S...^.S...^/U...^.U...^.U...^.V...^)V...^]V...^mV...^.V...^.V...^.V...^oW...^.W...^.W..%^.W..&^.W..'^.X..)^.X..*^.X..+^.Y..,^.Y..-^FY...^.Y../^.Y..0^.Z..1^.[..2^.\..3^.\..4^:]..5^a]..8^.]..9^.^..:^;`..;^V`..<^z`..>^.`..?^.a..@^sb..A^.b..B^.b..C^.b..D^.d..E^.e..F^.f..G^Qg..I^.g..K^.g..L^.g..M^.g..N^.g..O^8h..T^.h..U^.i..V^.i..W^Wj..X^xj..Y^.j..Z^.k..[^Ll..\^.m..]^jm..b^.n..c^.n..d^.n..e^.n..f^.n..g^.n..h^.o..i^3o..j^4o..k^So..l^Vo..o^.o..p^.o..q^.o

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\en-GB.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):112584
                                              Entropy (8bit):5.476085642762499
                                              Encrypted:false
                                              SSDEEP:1536:uXfjHeQnROOpWIWGmjXD0K6rcK4Rr3fSr5iBNgqkAJXuSOiJedMJrV9FDVfm3ggt:uC1OpTmjQK6ruzBNgBAJX9b63ggl+1w
                                              MD5:998947B55A25776181CC11110902F6D7
                                              SHA1:A93272EB26EB9977833FB809DF593759F2533570
                                              SHA-256:FCBCDFB71363750A9E404A365A00F196C9ED4FE149532580F149811475B45636
                                              SHA-512:A58B9B8BF6C2C2B14F870FDD3557B18AA002F5CC8C270EB0D35A1AAB3CB864CF472328F0515039515879C9B355569B7D049CA1A1569304CF347B40B5815B726F
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..G..t..G..v."G..w./G..y.5G..z.DG..|.JG..}.\G....dG....iG....qG....yG.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H.....H....(H....8H....MH....bH....iH....lH....mH....uH....}H.....H.....H.....H.....H.....H.....H.....H.....H..*..H..+..H..,..I../..I..0.!I..1.UI..2.cI..3.iI..4.}I..5..I..6..I..7..I..>..I..?..I..N..J..g..J..i..J..j..J..k..J..l..J...]#J...]DJ...]SJ...].J...].J...].J...].J...].J...]"K...]/K...].K...].K...].K...].K...^.L...^.L...^.L...^=L...^.L...^.L...^.L...^.L...^.L...^.L...^.L...^.M...^(M...^5M...^mM...^wM...^.M..%^.M..&^.M..'^.M..)^.M..*^.N..+^.N..,^.N..-^.N...^*N../^PN..0^.N..1^.N..2^UO..3^dO..4^.O..5^.O..8^.O..9^(P..:^.P..;^.P..<^.P..>^.Q..?^{Q..@^.Q..A^.Q..B^.Q..C^.R..D^.R..E^wS..F^.S..G^.T..I^8T..K^>T..L^HT..M^OT..N^ZT..O^vT..T^.T..U^.T..V^,U..W^@U..X^PU..Y^tU..Z^.U..[^.V..\^OV..]^sV..b^.V..c^.V..d^.W..e^.W..f^.W..g^.W..h^2W..i^EW..j^FW..k^QW..l^TW..o^kW..p^.W..q^.W

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\en-US.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):113481
                                              Entropy (8bit):5.470392531977106
                                              Encrypted:false
                                              SSDEEP:3072:b2jJT3eY9DS2harnCBNg2AJXZfh3ggl+S7wh:ajd3ezrVDwh
                                              MD5:5CC884BF0EC1C702240173B35A421D1B
                                              SHA1:19BDFB0B31DC4A75E7C135D1A8EF76F5F6CC3A31
                                              SHA-256:9F0C75C84381360677055D6197812C7A6C42DBFC6134EB8212D8A60ED1CA1601
                                              SHA-512:48772F50F6B0D846084A0CFB0D6433F2FBF73677B557B022D0D73D04790636C0C40ED873C32FD037013E943FB7C24816EFDCDE38429520895C00C2D85A17EA5C
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..G..r..G..s."G..t.+G..v.@G..w.MG..y.SG..z.bG..|.hG..}.zG.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H....!H....%H....,H....6H....FH....VH....kH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H..*..I..+..I..,.%I../.6I..0.?I..1.rI..2..I..3..I..4..I..5..I..6..I..7..I..>..J..?..J..N..J..g.(J..i.+J..j./J..k.4J..l.;J...]@J...]aJ...]pJ...].J...].J...].J...].K...].K...]?K...]LK...].L...].L...]"L...](L...^1L...^9L...^KL...^jL...^.L...^.L...^.L...^.M...^.M...^.M...^&M...^9M...^UM...^bM...^.M...^.M...^.M..%^.M..&^.M..'^.M..)^.N..*^-N..+^7N..,^CN..-^GN...^VN../^xN..0^.N..1^.O..2^yO..3^.O..4^.O..5^.O..8^.O..9^OP..:^.P..;^.Q..<^.Q..>^>Q..?^.Q..@^.R..A^.R..B^'R..C^@R..D^5S..E^.S..F^:T..G^kT..I^.T..K^.T..L^.T..M^.T..N^.T..O^.T..T^.U..U^+U..V^.U..W^.U..X^.U..Y^.U..Z^%V..[^gV..\^.V..]^.V..b^PW..c^WW..d^]W..e^bW..f^fW..g^xW..h^.W..i^.W..j^.W..k^.W..l^.W..o^.W..p^.W..q^.X

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\es-419.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):135123
                                              Entropy (8bit):5.373057629573399
                                              Encrypted:false
                                              SSDEEP:1536:JuYwPdcKTJ5z4FjRbeZrphXu6TxaXGQa7+4VdMBPcHYKCRKfKTAJ/c0JWFsMH5B1:J5Wb5ElulhXu4FVKAJ/0u4
                                              MD5:10B1D1097987EA050A5791ECEB5EABDA
                                              SHA1:C0812FBC16592A39CD1600196E62D0000B22BD73
                                              SHA-256:04B24396CC017E1DBB0BCA7371D7CAE10CAD2350DA661A8A035B572AA76CBD49
                                              SHA-512:F2A6767EAE2D5EEBFF35F6B7D3A932FFD797FDFB48023C75B3C98B1CED5B3695EC12E642D68582DA1AACAC1C59B0D3A2F029C702D0DF02D7B08430384D40E178
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..G..v..G..w.)G..y./G..z.>G..|.DG..}.VG....^G....cG....kG....sG....{G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H.....H....!H....2H....EH....XH....pH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I....5I..*.@I..+.CI..,.aI../..I..0..I..1..I..2..I..3..I..4..J..5.*J..6.qJ..7..J..>..J..?..J..N..J..g..J..i..J..j..J..k..J..l..J...].J...].K...]3K...].K...].K...].L...]!L...]4L...]hL...]wL...]TM...]uM...]~M...].M...^.M...^.M...^.M...^.M...^.N...^.N...^.N...^.N...^.N...^&O...^/O...^AO...^UO...^cO...^.O...^.O...^.O..%^.O..&^.O..'^.O..)^4P..*^hP..+^xP..,^.P..-^.P...^.P../^.P..0^EQ..1^.Q..2^SR..3^sR..4^.R..5^.R..8^.R..9^_S..:^)T..;^@T..<^UT..>^.T..?^.U..@^yU..A^.U..B^.U..C^.U..D^.V..E^.W..F^.W..G^.W..I^.X..K^.X..L^)X..M^4X..N^BX..O^hX..T^.X..U^.X..V^JY..W^jY..X^}Y..Y^.Y..Z^.Z..[^jZ..\^.Z..]^.Z..b^.[..c^.[..d^.[..e^.[..f^.[..g^.[..h^.\..i^.\..j^.\..k^*\..l^-\..o^T\..p^.\..q^.\

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\es.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):136317
                                              Entropy (8bit):5.340572969000703
                                              Encrypted:false
                                              SSDEEP:3072:WTfkQC57IJHy5p1i1wwZ7+R5E7rAJ/kU8Cx6PZ410:sTC5KHypiT7q5E7E8I6PZ00
                                              MD5:460ED6807D7A0E5DDE909D706B4F267C
                                              SHA1:D4948B217B8A2E620E7AAC7A04C2E8483AA84B3C
                                              SHA-256:665E93CA25DE6050A4FBC1F343D67496D6E1E296DBBCC9EDF3DAB7BBCF1035DB
                                              SHA-512:FA6C57DCFDB6E53FA13FBB353C3C581C3DFBD4D34AE7612B1F780F4DA944DA253767FE86AB3C5A3EAE918A339649828643FD50B9F66BB943F29924E713891D98
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..G..t..G..v..G..w.+G..y.1G..z.@G..|.FG..}.XG....`G....eG....mG....uG....}G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H....!H..../H....@H....SH....fH....~H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I....>I..*.II..+.LI..,.jI../..I..0..I..1..I..2..I..3..I..4..J..5. J..6.lJ..7.}J..>..J..?..J..N..J..g..J..i..J..j..J..k..J..l..J...].J...].K...]"K...].K...].K...].K...].L...].L...]?L...]NL...]%M...]@M...]IM...]OM...^`M...^nM...^.M...^.M...^YN...^.N...^.N...^.N...^.N...^.O...^.O...^!O...^:O...^HO...^.O...^.O...^.O..%^.O..&^.O..'^.O..)^)P..*^]P..+^mP..,^.P..-^.P...^.P../^.P..0^GQ..1^.Q..2^6R..3^VR..4^.R..5^.R..8^.R..9^5S..:^.S..;^.S..<^.T..>^HT..?^.T..@^.U..A^$U..B^6U..C^[U..D^VV..E^.V..F^JW..G^.W..I^.W..K^.W..L^.W..M^.W..N^.W..O^'X..T^yX..U^.X..V^.Y..W^?Y..X^RY..Y^.Y..Z^.Z..[^eZ..\^.Z..]^.Z..b^.[..c^.[..d^.[..e^.[..f^.[..g^.[..h^.[..i^.\..j^.\..k^.\..l^.\..o^1\..p^V\..q^y\

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\et.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):123538
                                              Entropy (8bit):5.464890802945206
                                              Encrypted:false
                                              SSDEEP:1536:MbW3XIGQTW9ls9DymW643RAyN1zyg9jX0AJ/TuLECs6WrsPQ05u:Mb4M6ls4mW643GAjEAJ/SLE6pPQ00
                                              MD5:9EB930ED036C2828877BBEAED94071B2
                                              SHA1:B410F1CBD1774FD2036C5E8424022554B1FC61F9
                                              SHA-256:502AB41D852C69EA961DF20B79480FD9D38F99BBAD07A4D1B5E7143BA1F7BDC3
                                              SHA-512:86A0C8C6ED19C801705D0CD07A5634C6D234329D4A3AFC10F2E221ABE6A21DEA0F3CB808E2DAF94BDF113B64B7ACDE6AC836BA238D9F8B5F7BB355DA1346E402
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..G..t..G..v..G..w.;G..y.AG..z.PG..|.VG..}.hG....pG....uG....}G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H....#H....%H....)H....5H....AH....JH....ZH....iH....~H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I.....I..*.'I..+.*I..,.HI../.bI..0.oI..1..I..2..I..3..I..4..I..5..I..6..J..7.5J..>.NJ..?.VJ..N.eJ..g.oJ..i.rJ..j.vJ..k.}J..l..J...].J...].J...].J...]}K...].K...].K...].K...].K...].L...] L...].L...].M...].M...].M...^-M...^3M...^MM...^tM...^.M...^ N...^%N...^UN...^dN...^.N...^.N...^.N...^.N...^.N...^.N...^.O...^.O..%^.O..&^1O..'^?O..)^.O..*^.O..+^.O..,^.O..-^.O...^.O../^.P..0^tP..1^.P..2^LQ..3^^Q..4^.Q..5^.Q..8^.Q..9^(R..:^.R..;^.R..<^.R..>^$S..?^.S..@^.T..A^.T..B^.T..C^FT..D^>U..E^.U..F^.V..G^RV..I^lV..K^tV..L^.V..M^.V..N^.V..O^.V..T^.W..U^+W..V^.W..W^.W..X^.W..Y^.W..Z^AX..[^.X..\^.X..]^.X..b^gY..d^nY..e^qY..f^vY..g^.Y..h^.Y..i^.Y..j^.Y..k^.Y..l^.Y..o^.Y..p^.Z..q^DZ..r^.Z

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\fa.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):190789
                                              Entropy (8bit):5.232451563180468
                                              Encrypted:false
                                              SSDEEP:3072:feMIukF6X+94Raw9a8V+6NS9/W2ESEmSzR2XhmN4o6XsumhdBfOpfVKb8YIO/ECs:uvkXw4Raw9a8V+6NS9/W2ESEmSV2Xhm0
                                              MD5:993FFA47D0354C2A9B9B4D378026E653
                                              SHA1:416EF059058FAE7E91D79E94C0AE4CC56D604F3B
                                              SHA-256:309CEC5292EE0361D45796C2234CF40A064249DA09108B1DA75BF570963941A2
                                              SHA-512:D1ED53F52858090641058AD924E42BAD29610E8E7546279325335C4D8EB9F5830FFE32FA35DACB18040090078A4466199A586D3EA4E82247B73BAB02ECEB17C7
                                              Malicious:false
                                              Preview:..........P.j.,F..k.;F..l.FF..n.NF..o.SF..p.`F..q.fF..r.uF..s..F..t..F..v..F..w..F..y..F..z..F..|..F..}..F.....F.....F.....F.....F.....G.....G.....G.....G.....G....bG....|G.....G.....G.....G.....G.....G.....G.....H....$H....JH....gH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I.....I....oI.....I..*..I..+..I..,..I../..I..0..J..1.GJ..2.VJ..3.iJ..4..J..5..J..6.,K..7.dK..>..K..?..K..N..K..g..K..i..K..j..K..k..K..l..K...].K...]CL...]nL...]lM...].M...].M...].M...].N...]lN...].N...]YP...].P...].P...].P...^.P...^.P...^"Q...^kQ...^GR...^.R...^.R...^.R...^.S...^>S...^HS...^pS...^.S...^.S...^.T...^)T...^GT..%^QT..&^mT..'^.T..)^.T..*^(U..+^CU..,^_U..-^gU...^.U../^.U..0^.V..1^.W..2^.X..3^.X..4^.X..5^.Y..8^)Y..9^.Z..:^K[..;^l[..<^.[..>^.[..?^.\..@^.]..A^.]..B^.]..C^.]..D^_`..E^Ua..F^Kb..G^.b..K^.b..L^.c..M^.c..N^)c..O^nc..T^.c..U^Kd..V^.d..W^.e..X^*e..Y^he..Z^.e..[^rf..\^.f..]^'g..b^.g..d^.g..e^.h..f^.h..g^3h..h^Qh..i^rh..j^sh..k^.h..l^.h..o^.h..p^.h..q^-i..r^.i..s^.i..t^.j..v^!j

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\fi.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):125760
                                              Entropy (8bit):5.447273613792246
                                              Encrypted:false
                                              SSDEEP:3072:12KehY+NQoWmiTUqyUEvU2yjZEE218YWUzl3HRFj8mlQAJ/rjNM177Apf:1rehHugj+2lE218YWUzZ3jhXf
                                              MD5:DD7E21B02BDCED910A171D592FAE0B18
                                              SHA1:CC28F1B8F0B06E71DAC3802EE26F644837982FA5
                                              SHA-256:9E1C20ECDBE9D15386ED493D0AC839612CC91A2284D5A97D9DC38EA2C90A3DC1
                                              SHA-512:12B3FD4BA110087074D5BEF6237EEBA96EDEFBCC31BB701142DA058034AF591A627B7B07550670689733A32C747991AE4555884796D29631B7865D06B13E90F7
                                              Malicious:false
                                              Preview:..........#.j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..F..w..G..y..G..z. G..|.&G..}.8G....@G....EG....MG....UG....]G....dG....kG....rG....sG....tG.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H....%H....7H....FH....UH....\H...._H....`H....iH....qH....xH....}H.....H.....H.....H.....H.....H.....H..*..H..+..H..,..I../.)I..0.7I..1.oI..2.}I..3..I..4..I..5..I..6..I..7..J..>.;J..?.DJ..N.cJ..g.nJ..i.qJ..j.uJ..k.zJ..l..J...].J...].J...].J...]gK...]lK...].K...].K...].K...].K...].L...].L...].M...].M...].M...^!M...^*M...^=M...^mM...^.M...^.N...^.N...^2N...^@N...^_N...^dN...^sN...^.N...^.N...^.N...^.N...^.N..%^.N..&^.O..'^.O..)^VO..*^{O..+^.O..,^.O..-^.O...^.O../^.O..0^VP..1^.P..2^.Q..3^+Q..4^UQ..5^bQ..8^.Q..9^.R..:^.R..;^.R..<^.R..>^"S..?^.S..@^.S..A^.S..B^.T..C^*T..D^.U..E^.U..F^.V..G^5V..I^UV..K^YV..L^gV..M^sV..N^.V..O^.V..T^.V..U^.W..V^`W..W^rW..X^.W..Y^.W..Z^.W..[^>X..\^.X..]^.X..b^.Y..d^ Y..e^(Y..f^-Y..g^DY..h^[Y..i^qY..j^rY..k^.Y..l^.Y..o^.Y..p^.Y..q^.Y..r^.Z

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\fil.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):140356
                                              Entropy (8bit):5.190245344679947
                                              Encrypted:false
                                              SSDEEP:3072:zm5fD0udgYRiHX9ooz8p9wYgEAJX0AaCz36/6pS55:oDoYAyoopbA7s5
                                              MD5:9F3A970C8FED49AC50BDDBF09DD9A950
                                              SHA1:E8B986D42D4A79C513BF2DA3D3314FBF55A2A960
                                              SHA-256:7A4C4822516F47CDBABC4B9EF45B710B057A056BC29D3A4A270A22E963E257D3
                                              SHA-512:4533A05B38E45F8CEDFFDECEFB77ED9AF44ABA799F030A770B616EC7867FD0D7893DE67528A611D1002D18E3EE7F8799944804E008EC8217CBF59E03A19139B5
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..G..s..G..t..G..v.0G..w.=G..y.CG..z.RG..|.XG..}.jG....rG....wG.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H....!H....#H....'H....-H....7H....@H....WH....pH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H....2I....YI..*.gI..+.jI..,..I../..I..0..I..1..I..2..I..3..I..4..J..5.5J..6.nJ..7..J..>..J..?..J..N..J..g..J..i..J..j..J..k..J..l..J...].J...].K...]0K...].K...].K...].K...].K...].L...]EL...]ZL...].M...].M...].M...].M...^.M...^.M...^.M...^&N...^.N...^.N...^.N...^.O...^.O...^)O...^3O...^MO...^fO...^zO...^.O...^.O...^.O..%^.O..&^.O..'^.O..)^EP..*^gP..+^wP..,^.P..-^.P...^.P../^.P..0^>Q..1^.Q..2^.R..3^5R..4^fR..5^~R..8^.R..9^,S..:^.S..;^.T..<^.T..>^JT..?^.T..@^YU..A^eU..B^yU..C^.U..D^.W..E^.W..F^vX..G^.X..I^.X..K^.X..L^.X..M^.Y..N^.Y..O^;Y..T^.Y..U^.Y..V^.Z..W^2Z..X^IZ..Y^yZ..Z^.Z..[^1[..\^.[..]^.[..b^X\..c^c\..d^k\..e^p\..f^t\..g^.\..h^.\..i^.\..j^.\..k^.\..l^.\..o^.\..p^ ]..q^?]

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\fr.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):145490
                                              Entropy (8bit):5.383401113888468
                                              Encrypted:false
                                              SSDEEP:3072:jAJQbq5J3EqQRLbEKdG2Hr+6y9Z85Nt3lsnEpS0NRHD7AJ/dIzKByroFDuFcVRSh:0J4q5REqQRLgEG2Hr+6y9Z85Nt3mnEpL
                                              MD5:B7AD524464A61CFE4A5BE1D41C069D4B
                                              SHA1:9EB5C98999D5EA3B0BE56DDEC39BAF58BA5EB078
                                              SHA-256:5B9951426B8783B203B8ED44EBAB916CA8AF020B9E0A32F7249ED9021CCE1C3C
                                              SHA-512:9B6B3274A98097E79DA946B90DA8B0A50575D202A8D76A07868CE03BCAC69C1B848A9A28A55814683E44C8760E5D7A0F25CFF18C974349FB393B9BDAAAADA8E4
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..G..w..G..y..G..z.(G..|..G..}.@G....HG....MG....UG....]G....eG....lG....sG....zG....{G....|G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H....7H....NH....fH....mH....pH....qH....yH.....H.....H.....H.....H.....H.....H.....H.....H.....I..*..I..+..I..,.9I../.PI..0.^I..1..I..2..I..3..I..4..I..5..I..6.BJ..7.SJ..>.kJ..?.vJ..N..J..g..J..i..J..j..J..k..J..l..J...].J...].J...].J...].K...].K...].K...].K...].K...]4L...]HL...]jM...]}M...].M...].M...^.M...^.M...^.M...^.N...^.N...^.N...^.N...^.N...^.O...^%O...^.O...^EO...^hO...^.O...^.O...^.O...^.O..%^.O..&^.P..'^ P..)^sP..*^.P..+^.P..-^.P...^.P../^.Q..0^.Q..1^2R..2^.R..3^.R..4^.S..5^.S..8^6S..9^.S..:^.T..;^.T..<^.T..>^.T..?^.U..@^?V..A^RV..B^oV..C^.V..D^SX..E^$Y..F^.Y..G^)Z..K^UZ..L^hZ..M^rZ..N^.Z..O^.Z..T^.[..U^2[..V^.[..W^.[..X^.[..Y^.\..Z^.\..[^.\..\^Z]..]^.]..b^H^..c^Q^..d^X^..e^\^..f^b^..g^{^..h^.^..i^.^..j^.^..k^.^..l^.^..o^.^..p^._..q^0_..r^s_..s^._

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\gu.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):265683
                                              Entropy (8bit):4.514931934952092
                                              Encrypted:false
                                              SSDEEP:3072:/Ufs9FfYNDx39v+1lT1A626EysP8n3M8IrU35YdO3C36SoYimPVOyVWcTPgrmd/U:XXfsLPVTAf
                                              MD5:45943AE45049D9B7D76068D3721D6C8F
                                              SHA1:0BC3F9B24F0C8CA0078AC7780A21F623B8D7F9E6
                                              SHA-256:AA885CBBF8A13FB95405CC3DCA6677545FD51E303A65897D14ED019955C040DA
                                              SHA-512:7CD2BEC685CE103DCB0900BE832C472BCD1619F549FFC2864A2AE61B60B06565ACC95DC25222521E192362F8D3C4F8816BD1C3438AF7BAD826561247326CBA99
                                              Malicious:false
                                              Preview:..........2.j.hF..k.wF..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..F..w..F..y..F..z..G..|..G..}..G...."G....'G..../G....7G....?G....FG....MG....TG....UG....VG.....G.....G.....H....BH....zH....|H.....H.....H.....H.....H.....I....+I....XI....|I.....I.....I.....I.....I.....I.....I.....I.....J....$J....0J....RJ.....J.....J..*..K..+..K..,.-K../.aK..0..K..1..K..2..L..3.$L..4.XL..5..L..6..L..7.%M..>..M..?..M..N..M..g..M..i..M..j..M..k..M..l..M...].M...]FN...].N...].O...].O...]&P...]iP...].P...]>Q...]dQ...]4T...]\T...]eT...]zT...^.T...^.T...^/U...^.U...^.V...^.V...^.W...^^W...^zW...^.W...^.W...^.W...^4X...^`X...^.Y...^0Y...^aY..%^pY..&^.Y..'^.Y..)^\Z..*^.Z..+^.Z..,^.Z..-^.[...^E[../^.[..0^.\..1^.]..2^.^..3^.^..4^%_..5^N_..8^._..9^.`..:^.b..;^.b..<^.b..>^ic..?^.d..@^.e..A^.e..B^.f..C^.f..D^&j..E^.k..F^.l..G^em..I^.m..K^.m..L^.m..M^.n..N^+n..O^.n..T^6o..U^.o..V^.p..W^.p..X^.p..Y^Vq..Z^?r..[^.s..\^.s..]^.t..b^Vu..c^ru..d^.u..e^.u..f^.u..g^.u..h^]v..i^.v..j^.v..k^.v..l^.v..o^Bw..p^.w..q^.w

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\he.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):167370
                                              Entropy (8bit):4.897123170448971
                                              Encrypted:false
                                              SSDEEP:3072:04dRCZfyn1pNz+WxgbllqMPnXQ5r1GAJ/m3XTnw6jCPQt:FRqK1pNzwbllqMPnXQ5r1UXTnw6jCPQt
                                              MD5:3716C23FA0D68B698F5FD41153757622
                                              SHA1:800CC99237FD8C2151C90E01D6C78978617C0F27
                                              SHA-256:45E428FE527BCC746039A9822DB7F5DF12FD651452209A8746182383C2C004EC
                                              SHA-512:D738DA7FBB6BDA597F2C381C533BA70B8E0A8417E943A17FC91AF455492B04E7607CDD89EB3CB6D2D70F0B87BF89BFBD6FD96DF18603F0FAE485FEE9C7FFFD70
                                              Malicious:false
                                              Preview:..........=.j.RF..k.aF..l.lF..n.tF..o.yF..p..F..q..F..r..F..s..F..t..F..v..F..w..F..y..F..z..F..|..F..}..G.....G.....G.....G....!G....)G....0G....7G....>G....?G....@G.....G.....G.....G.....G.....G.....G.....G.....H....,H....?H....VH....iH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I....TI....{I..*..I..+..I..,..I../..I..0..I..1..J..2..J..3.*J..4.NJ..5.}J..6..J..7..J..>..J..?..K..N..K..g.&K..i.)K..j.-K..k.2K..l.:K...]?K...]tK...].K...]cL...]pL...].L...].L...].L...]GM...]cM...].O...].O...].O...].P...^$P...^0P...^[P...^.P...^[Q...^.Q...^.Q...^.Q...^.R...^:R...^BR...^QR...^uR...^.R...^.R...^.R...^.R..%^.S..&^$S..'^;S..)^.S..*^.S..+^.S..,^.S..-^.T...^-T../^iT..0^.T..1^.U..2^/V..3^GV..4^yV..5^.V..8^.V..9^`W..:^OX..;^lX..<^.X..>^.X..?^xY..@^fZ..A^xZ..B^.Z..C^.Z..D^T]..E^~^..F^._..G^.`..I^5`..K^?`..L^V`..M^c`..N^x`..O^.`..T^.a..U^Aa..V^.a..W^.a..X^.b..Y^Zb..Z^.b..[^%c..\^.c..]^.c..b^od..c^yd..d^.d..e^.d..f^.d..g^.d..h^.d..i^.d..j^.d..k^.e..l^.e..o^6e..p^pe..q^.e

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\hi.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):273942
                                              Entropy (8bit):4.493588587563909
                                              Encrypted:false
                                              SSDEEP:3072:RIfyKM/nqz5cwfKSIvYh0b3cvEVhYWVLAogCO/S/Ffm9NLmILORvTHIf+ovahgBD:RxKqLCFP
                                              MD5:0CE87D6655517DCB4D74E5130F235C89
                                              SHA1:0A61C0E385523BC55B3AB2435E7D1231548D3BD2
                                              SHA-256:79FC8A24C93E19ED052DDC0F158E516198A10DF7280265CCB769EE196A438CD7
                                              SHA-512:18ED9D0D354CD8DE96A54A6F793E6C59FF476F02106F7C3CA309175DFBDB00271AA3290BA9805F1B9484E7FAF2CC44E3AC93AA69B7D30C8E99EE31E29D7E4808
                                              Malicious:false
                                              Preview:..........A.j.JF..k.YF..l.dF..n.lF..o.qF..p.~F..q..F..r..F..s..F..t..F..v..F..w..F..y..F..z..F..|..F..}..F.....G.....G.....G.....G....!G....(G..../G....6G....7G....8G.....G.....G.....H....<H....mH....oH....sH.....H.....H.....H.....H.....I....FI....pI....wI....zI....|I.....I.....I.....I.....I.....J....*J....CJ....YJ.....J.....J..*..K..+..K..,.-K../.mK..0..K..1..L..2.#L..3.CL..4..L..5..L..6..M..7.YM..>..M..?..M..N..M..g..N..i..N..j..N..k. N..l..N...]3N...].N...]SO...].Q...].Q...].R...]FR...].R...]2S...]^S...].V...].V...].V...].V...^TW...^fW...^.W...^!X...^.Y...^8Z...^NZ...^.[...^:[...^.[...^.[...^.\...^c\...^.\...^:]...^^]...^z]..%^.]..&^.]..'^.]..)^.^..*^.^..+^._..,^G_..-^W_...^._../^.`..0^.a..1^.a..2^.b..3^.c..4^^c..5^.c..8^.c..9^.e..:^.f..;^.f..<^.g..>^.g..?^.h..@^.i..A^$j..B^Uj..C^.j..D^.m..E^.o..F^Ap..G^.p..I^.q..K^.q..L^;q..M^Mq..N^lq..O^.r..T^?s..U^.s..V^.t..W^.t..X^.t..Y^2u..Z^.v..[^.v..\^.w..]^Dx..b^xy..d^.y..e^.y..f^.y..g^.y..h^Bz..i^.z..j^.z..k^.z..l^.z..o^#{..p^.{..q^I|..r^.|

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\hr.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):133955
                                              Entropy (8bit):5.502579129345829
                                              Encrypted:false
                                              SSDEEP:3072:3EFk7trSBVqKRgAGCv1ljWNqcUlEdp9qLnMUpE+ugAJ/IMMoqa721Ox9s:UFPBVb6q3
                                              MD5:B8A77FDFDF62A844C90FE62DE0B6858A
                                              SHA1:B601AB105FCB328AF4B17B3E1DBEBF94ECDDAB33
                                              SHA-256:AD13BAB195D7619C58494D592CB11C22DDDCF3B2735804BE60F951F87DDD734B
                                              SHA-512:164122955B11EAF5E88BC61366C473B7A67C12B858BDAB407C189DC74ACA75C406075BFC0BD5877FA0B3857BA5DAD81C9795EB55D3DBE7EADA67B03D1BFAA442
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..G..v..G..w.#G..y.)G..z.8G..|.>G..}.PG....XG....]G....eG....mG....uG....|G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H....%H....8H....NH....dH....kH....nH....oH....zH.....H.....H.....H.....H.....H.....H.....H.....H.....I..*..I..+..I..,.4I../.MI..0.SI..1..I..2..I..3..I..4..I..5..I..6.%J..7.>J..>.XJ..?.aJ..N.rJ..g.{J..i.~J..j..J..k..J..l..J...].J...].J...].J...]xK...].K...].K...].K...].K...].K...].L...].M...].M...].M...].M...^.M...^.M...^.N...^>N...^.N...^.N...^.O...^,O...^<O...^oO...^vO...^.O...^.O...^.O...^.O...^.O...^.O..%^.P..&^ P..'^1P..)^yP..*^.P..+^.P..,^.P..-^.P...^.P../^.Q..0^.Q..1^.Q..2^LR..3^`R..4^.R..5^.R..8^.R..9^%S..:^.S..;^.S..<^.T..>^BT..?^.T..@^zU..A^.U..B^.U..C^.U..D^.W..E^.X..F^yY..G^.Y..I^.Y..K^.Y..L^.Y..M^.Y..N^.Z..O^1Z..T^pZ..U^.Z..V^.Z..W^.[..X^-[..Y^U[..Z^.[..[^.\..\^Z\..]^.\..b^.]..d^.]..e^"]..f^(]..g^@]..h^U]..i^g]..j^h]..k^{]..l^~]..o^.]..p^.]..q^.^..r^H^

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\hu.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):144547
                                              Entropy (8bit):5.634145281802686
                                              Encrypted:false
                                              SSDEEP:3072:BfOMF2+rAIR7rjgIHmMRHiGhj8oAJ/kgCdAtRdpEsLK5M3ICm:BfnQ+rxRDjxiGhgjRdpEB63ICm
                                              MD5:873CA729BBFEAB336795E1696289B191
                                              SHA1:BEF9CC201BCA2D433E2DC183C96425A542BC3F01
                                              SHA-256:D7C29C66D265129EDE1019C708BD0A358D6B820366509845834752EC2EF705DA
                                              SHA-512:2973C94779893C1F4D8725677355D71EDEA2599077EEFE7DAD6D4E4392AB036C0633440D2578A2D51947007ADF9DFE859F9B50E39CE7D7482992D5A3790CFDC4
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..G..w..G..y..G..z..G..|.4G..}.FG....NG....SG....[G....cG....kG....rG....yG.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H...."H....)H....>H....SH....mH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I.....I.....I....QI....sI..*.|I..+..I..,..I../..I..0..I..1..I..2..I..3..J..4.%J..5.GJ..6..J..7..J..>..J..?..J..N..J..g..J..i..J..j..J..k..J..l..J...].K...]2K...]TK...].L...]"L...]TL...]vL...].L...].L...].L...].M...].N...].N...].N...^+N...^9N...^LN...^yN...^.O...^DO...^MO...^xO...^.O...^.O...^.O...^.O...^.O...^.O...^)P...^9P...^KP..%^RP..&^dP..'^tP..)^.P..*^.P..+^.P..,^.P..-^.Q...^ Q../^@Q..0^.Q..1^$R..2^.R..3^.R..4^.R..5^.R..8^.S..9^.S..:^sT..;^.T..<^.T..>^.T..?^dU..@^.U..A^.U..B^.U..C^.V..D^.W..E^.W..F^.X..G^XX..I^.X..K^.X..L^.X..M^.X..N^.X..O^.X..T^CY..U^lY..V^.Y..W^.Y..X^.Z..Y^UZ..Z^.Z..[^ [..\^.[..]^.[..b^o\..c^}\..d^.\..e^.\..f^.\..g^.\..h^.\..i^.\..j^.\..k^.\..l^.\..o^.]..p^P]..q^.]

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\id.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):121818
                                              Entropy (8bit):5.360373815575629
                                              Encrypted:false
                                              SSDEEP:3072:3ZKQj9ZZpz495KWVce03AJX/8WsAzaZ6N3cCEL:JKQjxpMvtRsEaR
                                              MD5:E61A4D062CD61972A534A5E86E49C34D
                                              SHA1:C19BE8F744B956753CE40D91A34F0DA02F699FFA
                                              SHA-256:D00C7EE5EDEB1BD1493C49CF2D124FFDF47405D21D8D43C1A41C8749CE5C86A3
                                              SHA-512:7DE4453B0793DDE96503E762D4E9A77835DDBB1D75D35F012D24E8453A90AC85F87B0A62D95AD68393901A8AC3FCB147CF2B7BD468DFFA62D959133528AF15F9
                                              Malicious:false
                                              Preview:..........$.j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..F..w..G..y..G..z..G..|.$G..}.6G....>G....CG....KG....SG....[G....bG....iG....pG....qG....rG.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H....4H....IH....PH....SH....TH....\H....dH....lH....qH....wH.....H.....H.....H.....H.....H..*..H..+..H..,..I../..I..0..I..1.II..2.[I..3.eI..4..I..5..I..6..I..7..I..>..I..?..I..N..J..g..J..i..J..j..J..k.!J..l.)J...].J...]VJ...]pJ...].K...].K...],K...];K...]jK...]yK...]hL...].L...].L...].L...^.L...^.L...^.L...^.L...^^M...^.M...^.M...^.M...^.M...^.M...^.M...^.N...^.N...^*N...^iN...^rN...^.N..%^.N..&^.N..'^.N..)^.N..*^.N..+^.O..,^.O..-^.O...^4O../^fO..0^.O..1^;P..2^.P..3^.P..4^.P..5^.P..8^.Q..9^.Q..:^SR..;^bR..<^tR..>^.R..?^.S..@^qS..A^.S..B^.S..C^.S..D^.T..E^.U..F^{U..G^.U..I^.U..K^.U..L^.U..M^.U..N^.V..O^.V..T^^V..U^.V..V^.V..W^.V..X^.W..Y^+W..Z^.W..[^.W..\^.X..]^=X..b^.X..c^.X..d^.X..e^.X..f^.X..g^.X..h^.Y..i^&Y..j^'Y..k^5Y..l^8Y..o^QY..p^uY..q^.Y..r^.Y

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\it.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):134374
                                              Entropy (8bit):5.276015939200961
                                              Encrypted:false
                                              SSDEEP:3072:UbhWa92N5TAgX3OEKDoLx1NyN4tA7kxAjidqoxAJXsPdo80Juz:khWdN5TAgX3OBcLx7yN4tA7kxAjiJlow
                                              MD5:A2E2D2B990CFFD395772D2F146084775
                                              SHA1:30EB2B67223104E72FD4CBD3448B01442928FC56
                                              SHA-256:27C74ECE0AA92E15D2F26628C4E132AF03A6DB5384E24504932C45912ABA7268
                                              SHA-512:8D874A43DC7FD2933CE4B81C8CB8D17C709E1947CCA8867614F726A34600F8B59689FB7DF50C7502FC21CC99785074723E4502622C677E5239D598CAC8962E00
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..G..w..G..y.%G..z.4G..|.:G..}.LG....TG....YG....aG....iG....qG....xG.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H.....H.....H....CH....VH....nH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I....+I..*.7I..+.:I..,.XI../.iI..0.nI..1..I..2..I..3..I..4..I..5..J..6.`J..7.pJ..>..J..?..J..N..J..g..J..i..J..j..J..k..J..l..J...].J...].J...].K...].K...].K...].K...].K...].L...]ZL...]gL...]NM...]tM...]|M...].M...^.M...^.M...^.M...^.N...^.N...^.N...^.N...^.N...^.O...^.O...^%O...^9O...^VO...^gO...^.O...^.O...^.O..%^.O..&^.O..'^.O..)^)P..*^SP..+^`P..,^qP..-^uP...^.P../^.P..0^.Q..1^.Q..2^.R..3^#R..4^NR..5^`R..8^zR..9^.S..:^.S..;^.S..<^.T..>^BT..?^.T..@^%U..A^0U..B^AU..C^rU..D^.V..E^.W..F^.W..G^.W..K^.X..L^"X..M^,X..N^9X..O^^X..T^.X..U^.X..V^@Y..W^fY..X^wY..Y^.Y..Z^.Z..[^pZ..\^.Z..]^.Z..b^.[..c^.[..d^.[..e^.[..f^.[..g^.[..h^.[..i^.[..j^.[..k^.\..l^.\..o^0\..p^Q\..q^p\..r^.\

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\ja.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):159139
                                              Entropy (8bit):5.873398037642396
                                              Encrypted:false
                                              SSDEEP:3072:oItCbyjIPthibF3MkCRAJ/2ijt+FC1yNLAVv:tLyAVv
                                              MD5:0553C4D65C38A5AFB98A0EE8F420A207
                                              SHA1:C6011AB07BC0B1E036BF564BE6F4D65C24E7D3E4
                                              SHA-256:C2BAD3C397CC41210E1D5D1D04A7185F9287C670E285D30C66235F5807B39FCF
                                              SHA-512:F3B9636A93BA77C1BD00D491710ADB221F570A30D1B5ADC50B8E263165B81A17C062ACA1CB656314140A512CD7E69F583DA781EE4C8929A1305E743361A3B030
                                              Malicious:false
                                              Preview:..........h.j..E..k..F..l..F..m..F..o.3F..p.@F..q.FF..v.UF..w.bF..y.hF..z.wF..|.}F..}..F.....F.....F.....F.....F.....F.....F.....F.....F.....F.....F.....F.....F....&G....?G....]G....~G.....G.....G.....G.....G.....G.....G.....G.....G...."H....KH....RH....UH....^H....gH....mH....vH.....H.....H.....H.....H.....H.....I..*. I..+.#I..,.EI../.aI..0.jI..1..I..2..I..3..I..4..I..5..J..6.oJ..7..J..>..J..?..J..N..J..g..J..i..J..j..J..k..J..l..J...].J...];K...]bK...]:L...]@L...]pL...].L...].L...].L...]<N...]QN...]WN...]fN...^{N...^.N...^.N...^.N...^.O...^.O...^)P...^AP...^\P...^bP...^.P...^.P...^.P...^.Q...^.Q...^(Q..%^.Q..&^OQ..'^aQ..)^.Q..*^.Q..+^.R..,^%R..-^+R...^LR../^vR..0^.S..1^.S..2^.T..3^.T..4^VT..5^eT..8^zT..9^.U..:^.U..;^.U..<^.V..>^oV..?^.W..@^~W..A^.W..B^.W..C^.W..D^.X..E^sY..F^.Y..G^LZ..I^sZ..K^.Z..L^.Z..M^.Z..N^.Z..O^.Z..T^>[..U^n[..V^.[..W^.\..X^.\..Y^;\..Z^.\..[^.\..\^W]..]^.]..b^)^..d^/^..e^2^..f^5^..g^Y^..h^w^..i^.^..j^.^..k^.^..l^.^..o^.^..p^*_..q^Y_..r^._..s^._..t^._..v^._..x^.`

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\kn.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):299517
                                              Entropy (8bit):4.421440980554494
                                              Encrypted:false
                                              SSDEEP:6144:dR3ENI+2gRlXEgkndwm+PDu6h1TS/Z7JQO6aym:dR3EhRl07+VBm
                                              MD5:33BC5AC34A95379D58F9C42CB21A92E4
                                              SHA1:0F4EF0A9A40E9042F3B744B5B87FCF00C08FD7E1
                                              SHA-256:99C8C57A808C63088D3E7B83DCF7CF80FB2A648D678A7C9473F2B5CC0BEF8152
                                              SHA-512:62DB9B5781B6C218E39BF7D4E47614FAF2EDB496A51E0B4E802047D57639890F13A4B4F84B6326FBDF6218B8991A0456DC5BB1473436CC74AF4E54283BB3BF13
                                              Malicious:false
                                              Preview:........../.j.nF..k.}F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..F..w..F..y..F..z..G..|..G..}. G....(G....-G....5G....=G....EG....LG....SG....ZG....[G....\G.....G....%H....\H.....H.....H.....H.....H.....I....-I....^I.....I.....I.....J....@J....GJ....JJ....LJ....dJ.....J.....J.....J.....J.....J.....K....%K.....K.....K..*..K..+..L..,. L../.QL..0.oL..1..M..2..M..3.4M..4..M..5..M..6.RN..7..N..>..N..?..N..N.1O..g.MO..i.PO..j.TO..k.YO..l.gO...]lO...].O...]=P...].Q...].Q...]5R...]xR...].R...]%S...]qS...]WV...].V...].V...].V...^.V...^.W...^hW...^.W...^2Y...^.Y...^.Y...^+Z...^JZ...^.Z...^.Z...^.Z...^.[...^D[...^!\...^J\...^u\..%^.\..&^.\..'^.\..)^.]..*^.]..+^.^..,^X^..-^p^...^.^../^?_..0^z`..1^~a..2^.b..3^.b..4^ c..5^Tc..8^.c..9^Ce..:^Tg..;^kg..<^.g..>^Sh..?^.i..@^.j..A^Wk..B^.k..C^.k..D^.o..E^kq..F^.r..G^.s..K^.s..L^.t..M^@t..N^qt..O^.t..T^.u..U^Av..V^fw..W^.w..X^.w..Y^bx..Z^_y..[^?z..\^#{..]^.{..b^.|..c^.}..d^$}..e^6}..f^B}..g^.}..h^.}..i^/~..j^0~..k^h~..l^k~..o^.~..p^....q^m...r^1.

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\ko.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):134295
                                              Entropy (8bit):6.191082491321746
                                              Encrypted:false
                                              SSDEEP:3072:qc7oyh7cbcQ4G+othXuAgWCYeHw0pFSCukpHTezNsAJ/r/4KiWgx1D/xRAmxJT6e:JV7cQGbtd5EdSwxn
                                              MD5:7FF011AE4E5FFD05736F99888AE9A8CB
                                              SHA1:544BF65AB5FE462FAADCDA88E2E5DB0009169123
                                              SHA-256:5BA83651D941CB9F87B961F735D5BFB0E249878255129BE1D8E8D6BA5D903D76
                                              SHA-512:BAA72F1A5561FD67A047309255CA799A55365D6D755324313E86E26AE9F3A8209AF7AF24C1A9BA83FAA441CF49FB843D9AD1FAB4B76354B0800EDFD9A2AE21F7
                                              Malicious:false
                                              Preview:..........o.j..E..k..E..l..F..m..F..o..F..p..F..q..F..r.-F..s.>F..t.GF..y.\F..z.kF..|.qF..}..F.....F.....F.....F.....F.....F.....F.....F.....F.....F.....F.....G.....G....'G....:G....JG....LG....PG....\G....cG....yG.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H....XH....jH..*.wH..+.zH..,..H../..H..0..H..1..I..2.#I..3./I..4.NI..5.vI..6..I..7..I..>..I..?..I..N..I..g..J..i..J..j..J..k..J..l."J...]'J...]SJ...]}J...].K...].K...]CK...]TK...].K...].K...].L...].L...].L...].L...^.L...^.L...^.L...^.M...^.M...^.M...^.M...^.N...^.N...^/N...^5N...^BN...^ON...^_N...^.N...^.N...^.N..%^.N..&^.N..'^.O..)^NO..*^.O..+^.O..,^.O..-^.O...^.O../^.O..0^tP..1^.P..2^lQ..3^.Q..4^.Q..5^.Q..8^.Q..9^yR..:^tS..;^.S..<^.S..>^.S..?^PT..@^.T..A^.T..B^.T..C^.T..D^.V..E^.V..F^.W..G^aW..K^.W..L^.W..M^.W..N^.W..O^.W..T^<X..U^oX..V^.X..W^.X..X^.Y..Y^5Y..Z^.Y..[^.Y..\^3Z..]^XZ..d^.Z..e^.Z..f^.Z..g^.[..h^,[..i^F[..j^G[..k^Z[..l^][..o^q[..p^.[..q^.[..r^.\..s^.\..t^S\..v^\\..x^p\..y^v\..z^.\

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\lt.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):146763
                                              Entropy (8bit):5.624470493823786
                                              Encrypted:false
                                              SSDEEP:3072:lD0hfQBDyyUa5I2dAJ/9bXpwh2I76S1l5nJ:edQ0Pa5IFbXpwh2I76SX
                                              MD5:90847DC4F0387C80DD00BAD7B001A879
                                              SHA1:B7543FA3A3185201EACB2CBEB1F6EF667CCA10B1
                                              SHA-256:FB5BB8AA591D3D8D7557FB296317C30DB3C4D5C9F438FE0A43A94B974B9286A1
                                              SHA-512:19ED2F2B9D71F00A81EE93C776EE9B2D4D6283CB5ADB280A30EB8ADB9BE53A2D007D267DD8143FE7EB98AB909DBC88B16BC7E4167717D3F4EEC3B1C7DCEB8B1B
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..G..v..G..w.#G..y.)G..z.8G..|.>G..}.PG....XG....]G....eG....mG....uG....|G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H....,H....?H....QH....iH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I....-I..*.:I..+.=I..,.[I../..I..0..I..1..I..2..I..3..I..4..I..5.%J..6.tJ..7..J..>..J..?..J..N..J..g..J..i..J..j..J..k..J..l..K...].K...];K...]OK...].K...].K...]#L...]4L...]DL...].L...].L...].O...])O...]2O...]JO...^]O...^gO...^.O...^.O...^BP...^jP...^rP...^.P...^.P...^.P...^.P...^.P...^.Q...^.Q...^TQ...^^Q...^rQ..%^|Q..&^.Q..'^.Q..)^.Q..*^.R..+^2R..,^CR..-^JR...^gR../^.R..0^.S..1^.S..2^(T..3^BT..4^rT..5^.T..8^.T..9^5U..:^.U..;^.V..<^#V..>^LV..?^.V..@^.W..A^.W..B^.W..C^.X..D^HZ..E^.[..F^.\..G^.\..I^.]..K^!]..L^7]..M^@]..N^S]..O^.]..T^.]..U^.^..V^s^..W^.^..X^.^..Y^._..Z^u_..[^._..\^&`..]^f`..b^1a..d^<a..e^Ba..f^Ga..g^_a..h^sa..i^.a..j^.a..k^.a..l^.a..o^.a..p^.a..q^.b..r^Db

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\lv.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):145384
                                              Entropy (8bit):5.624257022055004
                                              Encrypted:false
                                              SSDEEP:3072:EVo9zC3sdc2eT4mPGojE7+Gv9AA7dNIM8cAJ/7AMfZ1j:EV+zrdc2eT4mPG/7V9AA7dNIhjAMZ1j
                                              MD5:61EE8D708739FB4BB33F37BFFBA745AE
                                              SHA1:7173073DDDD29E4688B922297EEC471AE8B0FDF9
                                              SHA-256:F944E3DBBE9694EF7C111E1A0BF91F5B0229B7C3CA221F54C253276242C281F8
                                              SHA-512:25FDFC2EBBF7D408D9570DA3D55D9722C912B2995DE9E73449B8CDE8C0EBB3C25B38E70F66681CBF39D791F151194C85146D95EF59A7B43E7E64B0169B49E2A7
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..G..s..G..t..G..v.0G..w.=G..y.CG..z.RG..|.XG..}.jG....rG....wG.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H....#H....%H....)H....0H....;H....KH....^H....pH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I....OI..*.\I..+._I..,.}I../..I..0..I..1..I..2..I..3..J..4..J..5.@J..6.{J..7..J..>..J..?..J..N..J..g..J..i..J..j..J..k..J..l..J...].J...].K...]/K...].K...].K...].L...].L...]<L...]zL...].L...]eN...]{N...].N...].N...^.N...^.N...^.N...^.O...^.O...^.O...^.O...^.O...^.P...^&P...^/P...^DP...^_P...^.P...^.P...^.P...^.P..%^.P..&^.P..'^.Q..)^NQ..*^xQ..+^.Q..,^.Q..-^.Q...^.Q../^.Q..0^gR..1^.R..2^KS..3^kS..4^.S..5^.S..8^.S..9^QT..:^.U..;^/U..<^RU..>^.U..?^.U..@^.V..A^.V..B^.V..C^.W..D^.Y..E^.Z..F^.Z..G^.[..I^0[..K^6[..L^D[..M^O[..N^\[..O^.[..T^.[..U^.[..V^U\..W^r\..X^.\..Y^.\..Z^.]..[^`]..\^.]..]^.]..b^`^..c^l^..d^v^..e^~^..f^.^..g^.^..h^.^..i^.^..j^.^..k^.^..l^.^..o^._..p^L_..q^m_

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\ml.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):315496
                                              Entropy (8bit):4.438433180200473
                                              Encrypted:false
                                              SSDEEP:1536:Jdi0gvoO1Ouu1ElYBkPQ4z6GXdubbTMAJ/I23j:virvn1OuuyPQE6GXduHTMAJ//3j
                                              MD5:6183544A4F554D40A211C8E0376C95AA
                                              SHA1:A9E855BBD03CFEB96DAE4C52E6A577B9F0374184
                                              SHA-256:2B5C12D6628B1835D5658085C04F9DCF0D792DB603A034264E70D86F8D43E044
                                              SHA-512:7C517702F24C92B708DD4EE1D6D5A911213062CFA5AE05C12DA9B2CD4DEC06ED9B218CE88A75AE9A7C9177AF100169F61056B1ECCB9AB3F10811B6E6C99CC86E
                                              Malicious:false
                                              Preview:............j.pF..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..F..w..F..y..F..z..G..|..G..}."G....*G..../G....7G....?G....GG....NG....UG....\G....]G....^G.....G.....H....IH.....H.....H.....H.....H.....I.....I....?I.....I.....I.....I....(J..../J....2J....4J....UJ....sJ.....J.....J.....J.....K....0K....NK....)L....TL..*..L..+..L..,..L../..L..0..L..1..M..2..M..3..M..4.+N..5..N..6.%O..7.mO..>..O..?..P..N.5P..g.WP..i.ZP..j.^P..k.cP..l.wP...]|P...].Q...]NQ...]9S...]WS...].S...].S...]%T...].T...].T...].V...]0W...]9W...]ZW...^.W...^.W...^.W...^|X...^.Z...^oZ...^.Z...^.[...^1[...^y[...^.[...^.[...^&\...^M\...^.\...^.]...^A]..%^e]..&^.]..'^.]..)^x^..*^.^..+^._..,^B_..-^i_...^._../^0`..0^ga..1^.b..2^.c..3^.d..4^.d..5^.d..8^.e..9^.f..:^.h..;^.h..<^%i..>^.i..?^.k..@^%l..A^ll..B^.l..C^.m..D^.o..E^.p..F^.q..G^.r..I^.r..K^.s..L^1s..M^Ls..N^.s..O^.s..T^.u..U^.u..V^.v..W^.v..X^7w..Y^.w..Z^.x..[^cy..\^Fz..]^.z..b^e|..d^.|..e^.|..f^.|..g^.|..h^F}..i^.}..j^.}..k^.}..l^.}..o^-~..p^.~..q^.~..r^..

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\mr.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):260776
                                              Entropy (8bit):4.505268866905645
                                              Encrypted:false
                                              SSDEEP:3072:aWiUPHuEFAbZPMD6D/Wcq02RCnXUIuc7n3SZhO93AJ/fFlWSLQMD8jB3qAyXyYHA:aWFD/Cn/5
                                              MD5:80B49D820F83133B9EFB9AC2CA102C83
                                              SHA1:6E2D370C74891BEF70768F051E4BA0483D6B5C1E
                                              SHA-256:DF72EACF4938F4912F5BAE563DBE7E81A758A7E8FFD49F14502F6D0B5DAB6F27
                                              SHA-512:AFD58A2ADA72E96423CA1F9E1869C8E1621C22E72A13B90FEC5FD2DBE662D2D9280E3277018D426196AD63CD74CE7406975BD134F577B6B3E5864DA7F0831936
                                              Malicious:false
                                              Preview:..........D.j.DF..k.SF..l.^F..n.fF..o.kF..p.xF..q.~F..r..F..s..F..t..F..v..F..w..F..y..F..z..F..|..F..}..F.....F.....G.....G.....G.....G...."G....)G....0G....1G....2G.....G.....G.....G.....H...._H....aH....eH.....H.....H.....H.....H.....I.....I....RI....YI....\I....^I....qI.....I.....I.....I.....I.....I.....J.....J....pJ.....J..*..J..+..J..,..J../.*K..0.7K..1..K..2..K..3..K..4..L..5.TL..6..L..7..L..>.>M..?.QM..N..M..g..M..i..M..j..M..k..M..l..M...].M...].N...]yN...].O...].O...]7P...]dP...].P...].P...].R...].R...].R...].S...^@S...^XS...^.S...^.S...^.T...^QU...^`U...^.U...^.U...^.V...^.V...^FV...^.V...^.V...^2W...^IW...^kW..%^.W..&^.W..'^.W..)^.X..*^.Y..+^/Y..,^mY..-^.Y...^.Y../^3Z..0^;[..1^2\..2^,]..3^Z]..4^.]..5^.]..8^*^..9^._..:^Xa..;^oa..<^.a..>^-b..?^}c..@^od..A^.d..B^.d..C^@e..D^.g..E^.h..F^|i..G^.j..I^fj..K^|j..L^.j..M^.j..N^.j..O^6k..T^.k..U^Rl..V^Hm..W^.m..X^.m..Y^An..Z^-o..[^.o..\^.p..]^*q..b^ur..c^.r..d^.r..e^.r..f^.r..g^.s..h^[s..i^.s..j^.s..k^.s..l^.s..o^.t..p^Xt..q^.t..r^.u

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\ms.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):125611
                                              Entropy (8bit):5.26463363101804
                                              Encrypted:false
                                              SSDEEP:3072:6CdXh6S4YO3xDEj2xjBSxAJ/YL6P8u8Jyt:Lh6S4Yg1Eje
                                              MD5:0CDA98188CCC97E932408BED970E2CE1
                                              SHA1:91595881665CC51FBC013EC0A1D212DEA9F70CB5
                                              SHA-256:18C1CD2F95F5C029F308C53774F49E4B718BC94B78FC3029F95457BCC58281D7
                                              SHA-512:4CF8A939ADF3B79537051016D52A0E2C3C10135DC2A652B68D5EA7BB338DAC422D3AD814DDA1902C393083DB55168E12822DD51151302D5770FE599C0B395AB4
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..G..w..G..y..G..z..G..|.4G..}.FG....NG....SG....[G....cG....kG....rG....yG.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H.....H.....H....1H....EH....WH....pH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I.....I..*.%I..+.(I..,.FI../.WI..0.aI..1..I..2..I..3..I..4..I..5..I..6..J..7.2J..>.NJ..?.VJ..N.kJ..g.tJ..i.wJ..j.{J..k..J..l..J...].J...].J...].J...]\K...]dK...].K...].K...].K...].K...].L...].L...].L...].L...^.L...^.L...^.M...^3M...^.M...^.M...^.M...^.M...^.N...^.N...^%N...^3N...^QN...^^N...^.N...^.N...^.N..%^.N..&^.N..'^.N..)^+O..*^FO..+^RO..,^ZO..-^aO...^zO../^.O..0^.P..1^lP..2^.P..3^.P..4^.Q..5^.Q..8^2Q..9^.Q..:^cR..;^rR..<^.R..>^.R..?^.S..@^tS..A^.S..B^.S..C^.S..D^.T..E^,U..F^.U..G^.U..I^.U..K^.U..L^.V..M^.V..N^.V..O^8V..T^.V..U^.V..V^.V..W^.W..X^.W..Y^KW..Z^.W..[^.W..\^DX..]^fX..b^.X..d^.Y..e^.Y..f^.Y..g^.Y..h^5Y..i^KY..j^LY..k^ZY..l^]Y..o^uY..p^.Y..q^.Y..r^.Z..s^%Z

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\nb.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):124135
                                              Entropy (8bit):5.430025230496119
                                              Encrypted:false
                                              SSDEEP:1536:CRF/rikZ7NPdoS2y1SubIsRWYHnfdG4I8F/iX5XzqFlAJ/hIm8VUvCATpdlR0n:+7TIKYstHnVxI8+XzqFlAJ/hIwCcpdi
                                              MD5:00F1A382F8F5E0950CB9BA4A4F3FD478
                                              SHA1:BBA2DE6051BDD9B596F66312F2E2296C370E2D93
                                              SHA-256:E42E748F28E944F9A3A7FAD19E686B856BC60B3E0128DE94E6CD7619A7D24071
                                              SHA-512:2D8F502F51FCF066BF8C420CA2C86FE4EC6274AB0DA5A5266293225910C9A0DFB6D5C529A9FD0DA6FF4952BAC385FCE2885757DE81A4DB2D7F5C10CDDD539C0E
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..G..w..G..y..G..z.(G..|..G..}.@G....HG....MG....UG....]G....eG....lG....sG....zG....{G....|G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H.....H....>H....EH....HH....IH....PH....XH....cH....gH....nH....yH.....H.....H.....H.....H..*..H..+..H..,..H../..I..0..I..1.6I..2.BI..3.SI..4.mI..5..I..6..I..7..I..>..I..?..I..N..I..g..J..i..J..j..J..k..J..l..J...]!J...]LJ...]pJ...].K...].K...]=K...]MK...]\K...].K...].K...]@L...]RL...]YL...]bL...^xL...^.L...^.L...^.L...^nM...^.M...^.M...^.M...^.M...^.M...^.M...^.N...^.N...^%N...^`N...^hN...^{N..%^.N..&^.N..'^.N..)^.N..*^.O..+^.O..,^)O..-^/O...^DO../^jO..0^.O..1^NP..2^.P..3^.P..4^.P..5^.P..8^.Q..9^oQ..:^.R..;^.R..<^)R..>^UR..?^.R..@^.S..A^/S..B^<S..C^XS..D^FT..E^.T..F^*U..G^oU..I^.U..K^.U..L^.U..M^.U..N^.U..O^.U..T^.V..U^EV..V^.V..W^.V..X^.V..Y^)W..Z^.W..[^.W..\^.X..]^FX..b^.X..d^.X..e^.X..f^.X..g^.Y..h^(Y..i^9Y..j^:Y..k^IY..l^LY..o^eY..p^.Y..q^.Y..r^.Y

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\nl.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):128369
                                              Entropy (8bit):5.355883393524085
                                              Encrypted:false
                                              SSDEEP:3072:/PXjFQh8YD5L3O4DjhJk8YIAJ/HgHkIINe2A4Tie1oWnV:/uhzOSYzbYOnV
                                              MD5:2D4BBBF2E9459992252D62AB1A152D30
                                              SHA1:78E696C8B30F2B4A113B72A92C0A011AA7D777BE
                                              SHA-256:4D450B5659EA7BB907728E2B8F48D77A43DC18024E2A15E749F5A760D4144571
                                              SHA-512:3325DBCF891A55E06D2D106046D0E0589DAE5E437B4437B929672150735B38DCF39AFCCF0FADB2C43DD1484F3726ECF9B0EE1641BDE7BB31A84B88790E9CAD55
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..G..v..G..w.#G..y.)G..z.8G..|.>G..}.PG....XG....]G....eG....mG....uG....|G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H....)H....=H....PH....kH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I.....I..*.#I..+.&I..,.DI../.UI..0._I..1..I..2..I..3..I..4..I..5..I..6..J..7.7J..>.TJ..?.aJ..N.pJ..g.}J..i..J..j..J..k..J..l..J...].J...].J...].J...]eK...]mK...].K...].K...].K...].K...].K...].L...].L...].L...].L...^.M...^.M...^:M...^[M...^.M...^"N...^*N...^UN...^^N...^xN...^.N...^.N...^.N...^.N...^.N...^.N...^.N..%^.O..&^.O..'^.O..)^ZO..*^xO..+^.O..,^.O..-^.O...^.O../^.O..0^HP..1^.P..2^.Q..3^"Q..4^OQ..5^^Q..8^rQ..9^.Q..:^.R..;^.R..<^.R..>^.R..?^`S..@^.S..A^.S..B^.S..C^.S..D^.U..E^.U..F^.V..G^KV..I^nV..K^wV..L^.V..M^.V..N^.V..O^.V..T^.W..U^:W..V^.W..W^.W..X^.W..Y^.X..Z^lX..[^.X..\^.X..]^(Y..b^.Y..c^.Y..d^.Y..e^.Y..f^.Y..g^.Y..h^.Z..i^.Z..j^.Z..k^&Z..l^)Z..o^GZ..p^qZ..q^.Z

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\pl.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):139797
                                              Entropy (8bit):5.7397990834880295
                                              Encrypted:false
                                              SSDEEP:1536:J7f9ehB1p5o8mmIRMa8oc/1QatCDYezNFOOjAJ/V4KNsNYziU3YxnyL4:J7f92BL9Zh1QaSNF5AJ/V4NYziU3YZ7
                                              MD5:999ED3F4123A1479D43AB2DC9028EDE9
                                              SHA1:346A3C515D01929A4FE3B33C42A3AAD5FE731843
                                              SHA-256:4174B220824334D04BAD161309D342A647433FAE7C353432E34EAF49EC8787CB
                                              SHA-512:ABFB66F0826E88AD2E1C5850C14AD03A9DAF96239E1B675C7442659B9851F202F73B4BA98FF494719683E5C4EEA5CE8756533AF609218E83A47D61730F28E9A6
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..G..v..G..w.)G..y./G..z.>G..|.DG..}.VG....^G....cG....kG....sG....{G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H.....H.....H....3H....AH....PH....fH....}H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I....'I..*.2I..+.5I..,.SI../.|I..0..I..1..I..2..I..3..I..4..I..5..J..6.CJ..7.\J..>.uJ..?.~J..N..J..g..J..i..J..j..J..k..J..l..J...].J...].J...].J...].K...].K...].K...].K...].K...].L...]=L...].M...].M...].M...].M...^.N...^.N...^0N...^eN...^.N...^.O...^.O...^FO...^UO...^{O...^.O...^.O...^.O...^.O...^.O...^.P..%^.P..&^ P..'^-P..)^yP..*^.P..+^.P..,^.P..-^.P...^.P../^.Q..0^.Q..1^.Q..2^bR..3^.R..4^.R..5^.R..8^.R..9^VS..:^.T..;^.T..<^(T..>^`T..?^.T..@^.U..A^.U..B^.U..C^.U..D^.W..E^.X..F^?Y..G^xY..I^.Y..K^.Y..L^.Y..M^.Y..N^.Y..O^.Y..T^3Z..U^WZ..V^.Z..W^.Z..X^.Z..Y^.[..Z^e[..[^.[..\^.[..]^"\..b^.\..c^.\..d^.\..e^.\..f^.\..g^.\..h^.\..i^.]..j^.]..k^%]..l^(]..o^=]..p^e]..q^.]..r^.]

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\pt-BR.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):133496
                                              Entropy (8bit):5.415308981100393
                                              Encrypted:false
                                              SSDEEP:1536:Dw3h5p48XUV79Xcg7CHFD6XDcc4jHiWXBzOAJ/S0Y0q4qc6x0xGUsTQ5iM0mR:Dw3hY3V7egs5wDccaDXBaAJ/TMzM0w
                                              MD5:31556D02BA0EE812EBDA678E3B70B1F7
                                              SHA1:A2468245936DCE8B2944A66C7562EF4745F64FF7
                                              SHA-256:9D93FDB7F9D0D7833EBEF8EA7016F952301075E714A4918C6A3D5338FEC08FFE
                                              SHA-512:3B6EF3AD2D0115E9694A879E127ECF067D8DF03F0875EBED4427BC674C0C9CC0DEB591FEDA9DF120062C3A59D65FE952727B2A59F352A096887449A0745C8FE5
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..G..v..G..w.%G..y.+G..z.:G..|.@G..}.RG....ZG...._G....gG....oG....wG....~G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H.....H....&H....0H....BH....SH....iH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I.....I..*.)I..+.,I..,.JI../.[I..0.dI..1..I..2..I..3..I..4..I..5..I..6.$J..7.8J..>.PJ..?.[J..N.pJ..g.|J..i..J..j..J..k..J..l..J...].J...].J...].J...]gK...]oK...].K...].K...].K...].K...].K...]UM...]mM...]uM...]{M...^.M...^.M...^.M...^.M...^LN...^rN...^yN...^.N...^.N...^.N...^.N...^.N...^.N...^.O...^9O...^=O...^SO..%^YO..&^hO..'^vO..)^.O..*^.O..+^.O..,^.O..-^.P...^'P../^VP..0^.P..1^4Q..2^.Q..3^.Q..4^.Q..5^.Q..8^.R..9^.R..:^.S..;^.S..<^.S..>^.S..?^ST..@^.T..A^.T..B^.T..C^.U..D^.V..E^]W..F^.X..G^ZX..I^.X..K^.X..L^.X..M^.X..N^.X..O^.X..T^.Y..U^CY..V^.Y..W^.Y..X^.Y..Y^.Y..Z^`Z..[^.Z..\^.[..]^<[..b^.[..d^.[..e^.[..f^.[..g^.[..h^.\..i^&\..j^'\..k^8\..l^;\..o^]\..p^.\..q^.\..r^.\

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\pt-PT.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):133827
                                              Entropy (8bit):5.406788102503695
                                              Encrypted:false
                                              SSDEEP:1536:6m13PAqnyVM/oEqsQX3rdc0bvjIFQBAJXHdvxz2qKHiLXLLaH5619n:6muqnyVMUsQX3rKVFQBAJXbLnaH5619n
                                              MD5:B7456478AB25DA7A037689ECF9FC39B1
                                              SHA1:6CACB9E84AF6ADB490B92CAA6A24DEF7114266AD
                                              SHA-256:F07D58C568707C6DE882A19E260C9F97751BF750237FC0BF3556BA95995F5442
                                              SHA-512:9F71AC8F21C64E4B8C93ECDA70C47CC697395E0E67D8B4A8AB4D2C1F95F4D5644AEC87DF2E058526534BD4D65130D600443D3BAAF6AD32BCCE5BB994C506159B
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..G..t..G..v..G..w.+G..y.1G..z.@G..|.FG..}.XG....`G....eG....mG....uG....}G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H.....H...."H....,H....@H....TH....kH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I....'I..*./I..+.2I..,.PI../.gI..0.rI..1..I..2..I..3..I..4..I..5..J..6.MJ..7.aJ..>.wJ..?..J..N..J..g..J..i..J..j..J..k..J..l..J...].J...].J...].K...].K...].K...].K...].K...].K...](L...]8L...]EM...]]M...]gM...]mM...^}M...^.M...^.M...^.M...^iN...^.N...^.N...^.N...^.N...^.N...^.N...^.N...^.O...^,O...^cO...^qO...^.O..%^.O..&^.O..'^.O..)^.P..*^+P..+^;P..,^IP..-^SP...^vP../^.P..0^.Q..1^.Q..2^.R..3^.R..4^IR..5^WR..8^sR..9^.S..:^.S..;^.T..<^!T..>^bT..?^.T..@^DU..A^`U..B^xU..C^.U..D^.V..E^5W..F^.W..G^.W..I^%X..K^-X..L^9X..M^BX..N^QX..O^.X..T^.X..U^.Y..V^tY..W^.Y..X^.Y..Y^.Y..Z^OZ..[^.Z..\^.Z..]^)[..b^.[..c^.[..d^.[..e^.[..f^.[..g^.[..h^.\..i^.\..j^.\..k^'\..l^*\..o^@\..p^p\..q^.\

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\ro.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):136702
                                              Entropy (8bit):5.445627159958296
                                              Encrypted:false
                                              SSDEEP:1536:WmIEoOqbh1lVpb6k3aveNmpoKyVwRHpDv2QnvAJ/KpsPlJtWCXh6YuvVBMPMs:AtVpGya2NGpr2iAJ/bPnXh6YuvfG5
                                              MD5:B665411D1B5570903F8E4C2501F977D5
                                              SHA1:CB8D98CF3E053C278F8B93D734FD2B1A42B6F322
                                              SHA-256:8DA674ABE460D1E2824A13338D29344BAE2F092FD94082D71EE91389F8822D69
                                              SHA-512:BDCB8E626DB816C1DB5C60489064D4BA4720381889A36E3D80D00E9988332EC6529107D9B3EF062B9BCC2AFDFE75EC55C8F08BA06D908B07D772D2547C7B4CF1
                                              Malicious:false
                                              Preview:..........).j.zF..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..F..w..F..y..G..z..G..|..G..}.,G....4G....9G....AG....IG....QG....XG...._G....fG....gG....hG.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H....,H....GH....eH....lH....oH....pH....|H.....H.....H.....H.....H.....H.....H.....H.....H.....I..*.$I..+.'I..,.EI../._I..0.pI..1..I..2..I..3..I..4..I..5..I..6.5J..7.JJ..>.aJ..?.iJ..N.xJ..g..J..i..J..j..J..k..J..l..J...].J...].J...].J...]mK...]tK...].K...].K...].K...].L...]"L...]eM...]zM...].M...].M...^.M...^.M...^.M...^.M...^.N...^.N...^.N...^.N...^.N...^%O...^.O...^@O...^SO...^dO...^.O...^.O...^.O..%^.O..&^.O..'^.O..)^ P..*^AP..+^UP..,^kP..-^sP...^.P../^.P..0^/Q..1^.Q..2^.Q..3^.R..4^<R..5^LR..8^cR..9^.R..:^.S..;^.S..<^.S..>^.S..?^[T..@^.T..A^.T..B^.U..C^'U..D^.V..E^CW..F^.W..G^.X..K^6X..L^DX..M^LX..N^[X..O^.X..T^.X..U^.X..V^aY..W^|Y..X^.Y..Y^.Y..Z^.Z..[^\Z..\^.Z..]^.Z..b^`[..d^k[..e^p[..f^r[..g^.[..h^.[..i^.[..j^.[..k^.[..l^.[..o^.[..p^.\..q^(\..r^a\..s^y\

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\ru.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):213507
                                              Entropy (8bit):5.024482756621217
                                              Encrypted:false
                                              SSDEEP:6144:8EaX+/KuMHVOorn+T52wdOrsL489QgIv7RW9o3MfZyLv9Y+YDdVxPA:8EaX+/KuMHVOorn+T52wdOrsL489QgI9
                                              MD5:848ED63D29215F8B7D002F8D731DB13C
                                              SHA1:1A33D0ABFC5F4237E63440AB04A698AC4F230EC6
                                              SHA-256:CF4D6FA2C4A8F828FB11D464F504DDBBFF5ABAB9CC78CBA326BB8EAFCFCDF812
                                              SHA-512:2A1F75D2AAC4075DD43F816FA0B5D7949B1591E53BC711A69DD5540A3A6AD502648F7C6681DB7632B869553FF24EA43AB7CB4CE4B646C022FB88F0ACE97A3C7F
                                              Malicious:false
                                              Preview:..........J.j.8F..k.GF..l.RF..n.ZF..o._F..p.lF..q.rF..r..F..s..F..t..F..v..F..w..F..y..F..z..F..|..F..}..F.....F.....F.....F.....G.....G.....G.....G....$G....%G....&G....~G.....G.....G.....G.....G.....G.....G.....H...."H....4H....SH....vH.....H.....H.....H.....H.....H.....H.....H.....H.....I.... I....8I....BI....NI.....I.....I..*..I..+..I..,..J../.%J..0.6J..1..J..2..J..3..J..4..J..5.'K..6..K..7..K..>..K..?..K..N..L..g.'L..i.*L..j..L..k.7L..l.CL...]HL...].L...].L...].M...].M...].N...]:N...]^N...].N...].N...].R...].R...].S...].S...^-S...^?S...^iS...^.S...^.T...^.T...^.T...^.U...^OU...^.U...^.U...^.U...^.U...^.U...^\V...^yV...^.V..%^.V..&^.V..'^.V..)^OW..*^.W..+^.W..-^.W...^.W../^%X..0^.Y..1^.Y..2^.Z..3^.Z..4^.Z..5^.Z..8^D[..9^0\..:^p]..;^.]..<^.]..>^.]..?^.^..@^"`..A^/`..B^I`..C^.`..D^.d..E^.e..F^]g..G^.g..K^.g..L^.h..M^0h..N^Ih..O^.h..T^.i..U^Ui..V^.i..W^%j..X^Sj..Y^.j..Z^*k..[^.k..\^$l..]^ll..b^Am..d^Wm..e^am..f^gm..g^.m..h^.m..i^.m..j^.m..k^.n..l^!n..o^]n..p^.n..q^.n..r^,o..s^Ro..t^~o

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\sk.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):141995
                                              Entropy (8bit):5.773757591863307
                                              Encrypted:false
                                              SSDEEP:3072:5lfLiyHHuaQRmAJ/4ckM+zBHCYeQrGw5Pa:7TpHuaQR0Gh
                                              MD5:0B9599388DEC973FFEC68A5738A848F4
                                              SHA1:0A0AAF4F9618CF867A1BF1E5BC6B8B21B46C4870
                                              SHA-256:E7038A23BE62E4A476960B935A6C528AAEFB781B28FDB7E24B3D830B5C02F10E
                                              SHA-512:5EE7AEAAF1BE25DDC86694A16CA595872F2A9DCF1E48D0189D3A1EEF425629ABDC814FF32A8B288B468AB4F263953618C4363D033EF7AEC2BAE0072129DD1F9A
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..G..t..G..v. G..w.-G..y.3G..z.BG..|.HG..}.ZG....bG....gG....oG....wG.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H.....H....$H....8H....FH....WH....gH....zH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I....'I..*.1I..+.4I..,.RI../.cI..0.mI..1..I..2..I..3..I..4..I..5..I..6.6J..7.KJ..>.bJ..?.lJ..N..J..g..J..i..J..j..J..k..J..l..J...].J...].J...].J...].K...].K...].K...].K...].L...]EL...]UL...].N...].N...].N...]%N...^=N...^GN...^iN...^.N...^&O...^RO...^WO...^.O...^.O...^.O...^.O...^.O...^.O...^.P...^BP...^OP...^bP..%^jP..&^yP..'^.P..)^.P..*^.P..+^.Q..,^.Q..-^ Q...^7Q../^fQ..0^.Q..1^LR..2^.R..3^.R..4^.R..5^.S..8^%S..9^.S..:^pT..;^.T..<^.T..>^.T..?^OU..@^.U..A^.V..B^$V..C^EV..D^.X..E^.Y..F^.Y..G^>Z..I^_Z..K^gZ..L^vZ..M^.Z..N^.Z..O^.Z..T^"[..U^J[..V^.[..W^.[..X^.[..Y^.\..Z^h\..[^.\..\^.\..]^%]..b^.]..c^.]..d^.]..e^.]..f^.]..g^.]..h^.]..i^.^..j^.^..k^,^..l^/^..o^K^..p^.^..q^.^..r^.^

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\sl.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):135567
                                              Entropy (8bit):5.468430155460571
                                              Encrypted:false
                                              SSDEEP:3072:hHcfu74qyRw1uW3NTDPAJ/hIqTCO5i/fzXzZQqu:hHiuyq3FgIsi/fzXNQqu
                                              MD5:3BF6C4AA2129B4B535637AA6727FB1E9
                                              SHA1:569BCFAB7176BB9833A02B5853BBBEB3165538CC
                                              SHA-256:CBFF2DBB38D4D95FE7C811E0ABDB0B92AAD621E5C2C1EEDA3C394DCE5CF1D34F
                                              SHA-512:779CED23ADC89AF08F43531056B7195D253B7EA021439F73F0C9F9B49969153A2044E90ACC0BDA3C14D3B3E68F772F5CF8611F954B5B9CB0370D252A484CA36E
                                              Malicious:false
                                              Preview:..........!.j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..G..w..G..y..G..z.$G..|.*G..}.<G....DG....IG....QG....YG....aG....hG....oG....vG....wG....xG.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H....-H....BH....YH....`H....cH....dH....oH....wH....}H.....H.....H.....H.....H.....H.....H.....H..*..H..+..H..,..I../.?I..0.II..1.zI..2..I..3..I..4..I..5..I..6..J..7..J..>.4J..?.>J..N.LJ..g.XJ..i.[J..j._J..k.fJ..l.nJ...]sJ...].J...].J...]cK...]iK...].K...].K...].K...].K...].K...].M...].M...].M...].N...^2N...^<N...^bN...^.N...^'O...^UO...^\O...^.O...^.O...^.O...^.O...^.O...^.O...^&P...^/P...^KP..%^QP..&^jP..'^xP..)^.P..*^.P..+^.P..,^.Q..-^.Q...^/Q../^SQ..0^.Q..1^/R..2^.R..3^.R..4^.R..5^.R..8^.R..9^gS..:^.T..;^.T..<^)T..>^\T..?^.T..@^.U..A^.U..B^.U..C^.U..D^.X..E^.Y..F^.Z..G^.Z..I^.Z..K^.Z..L^.[..M^.[..N^#[..O^C[..T^.[..U^.[..V^.\..W^.\..X^'\..Y^a\..Z^.\..[^.\..\^A]..]^a]..b^.]..c^.]..d^.]..e^.]..f^.]..g^.^..h^&^..i^8^..j^9^..k^K^..l^N^..o^n^..p^.^..q^.^..r^._

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\sr.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):202805
                                              Entropy (8bit):4.966841321768272
                                              Encrypted:false
                                              SSDEEP:3072:+p95+Dq+4SjoFDq949M6oG3LFYJLajlw+f1SsSZXDn37skAJ/BBn0yh9KlQc+NAy:K95FOoDT9M6ea+sS1r37sTn59b0/k/ZN
                                              MD5:9F9570670D844A1B14B256A7584665E8
                                              SHA1:5B5CF46415662CC1CE4D93B876F4C45389AEDFC2
                                              SHA-256:ABCEE52DEB7382D84DE334C3228711A62A7D21D9A2CE506385805EEA0ED716F4
                                              SHA-512:D38FCA2D639E32F5EF90DFAAC04AEF0CCFBCC409619ACEC6535B5401502B7141F6EB24F574DB97A7ABC550B8E35E93CBC62A4A0F7494C56537FB670F19E02F8E
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..G..t..G..v.$G..w.1G..y.7G..z.FG..|.LG..}.^G....fG....kG....sG....{G.....G.....G.....G.....G.....G.....G.....G.....H....6H....[H.....H.....H.....H.....H.....H.....H.....H.....I....8I....VI....]I....`I....aI....kI....wI.....I.....I.....I.....I.....I.....I....1J....dJ..*.yJ..+.|J..,..J../..J..0..J..1.*K..2.AK..3.ZK..4..K..5..K..6.3L..7.[L..>..L..?..L..N..L..g..L..i..L..j..L..k..L..l..L...].L...]>M...].M...].N...].N...].N...].N...].O...]wO...].O...]7R...]sR...].R...].R...^.R...^.R...^.R...^MS...^PT...^.T...^.T...^.T...^.U...^oU...^.U...^.U...^.U...^.U...^QV...^aV...^.V..%^.V..&^.V..'^.V..)^_W..*^.W..+^.W..,^.W..-^.X...^7X../^{X..0^9Y..1^.Y..2^}Z..3^.Z..4^.Z..5^.Z..8^.[..9^.[..:^.\..;^.\..<^.]..>^v]..?^L^..@^]_..A^s_..B^._..C^._..D^.b..E^,d..F^.e..G^.f..I^<f..K^Hf..L^ef..M^uf..N^.f..O^.f..T^4g..U^.g..V^&h..W^Oh..X^th..Y^.h..Z^Li..[^.i..\^Jj..]^xj..b^Mk..c^[k..d^mk..e^wk..f^.k..g^.k..h^.k..i^.k..j^.k..k^.l..l^.l..o^Il..p^.l..q^.l

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\sv.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):124359
                                              Entropy (8bit):5.508086107251322
                                              Encrypted:false
                                              SSDEEP:3072:UMEKocfz89KPmp1vWZtgKqrAuxHcShbWe2wAJ/0b1+rrx:UMJI9vpPbI
                                              MD5:C0EB9DC359EAD97302591D09A4D80C81
                                              SHA1:5569C326861E80DD05AA49A74D77815364915AF1
                                              SHA-256:B34E855F518A2041E4BBD7B5C269E35E7DFAA431FDD876FC0AAC38B887E65AFF
                                              SHA-512:B488831AA6219A246D0CDC370DC7B95FC07754702447964737EB53B9D5F64092E8873032BC40E8AF9270388BB1B655B4F06D6DE304B85B32FDD297959534D06D
                                              Malicious:false
                                              Preview:..........#.j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..F..w..G..y..G..z. G..|.&G..}.8G....@G....EG....MG....UG....]G....dG....kG....rG....sG....tG.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H....1H....BH....IH....LH....MH....UH....]H....hH....nH....vH.....H.....H.....H.....H.....H..*..H..+..H..,..H../..I..0..I..1.HI..2.RI..3.]I..4..I..5..I..6..I..7..I..>..I..?..I..N..J..g..J..i..J..j..J..k.$J..l.)J...].J...]]J...].J...].K...].K...]@K...]PK...]bK...].K...].K...]uL...].L...].L...].L...^.L...^.L...^.L...^"M...^.M...^.M...^.M...^.M...^.M...^.N...^.N...^#N...^;N...^IN...^.N...^.N...^.N..%^.N..&^.N..'^.N..)^.O..*^0O..+^BO..,^NO..-^SO...^qO../^.O..0^.P..1^eP..2^.P..3^.P..4^.Q..5^)Q..8^CQ..9^.Q..:^lR..;^~R..<^.R..>^.R..?^2S..@^.S..A^.S..B^.S..C^.S..D^.T..E^&U..F^.U..G^.U..I^.V..K^.V..L^.V..M^$V..N^0V..O^WV..T^.V..U^.V..V^%W..W^;W..X^KW..Y^qW..Z^.W..[^.X..\^RX..]^yX..b^.X..c^.X..d^.Y..e^.Y..f^.Y..g^'Y..h^=Y..i^XY..j^YY..k^iY..l^lY..o^.Y..p^.Y..q^.Y

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\sw.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):128671
                                              Entropy (8bit):5.3456626209237825
                                              Encrypted:false
                                              SSDEEP:3072:lg2BYLIYC9tUDiGypkjnfNPXIAJ/AtVPGuLeH+hJHw2L:lg2vtUDiGLfSwH+hJHw2L
                                              MD5:9CD6230B42F2F99D9580F7EF84508F9C
                                              SHA1:4F9D82E3C39F2B0D3B0CC32733254AAF38E811B2
                                              SHA-256:FE18B3E9E275D7330706DD19F4AF603A8AD899138374BFCBA8E2C6764F94C190
                                              SHA-512:46A07A61EE7A70B4D261C16D2FEF6F0E8A35CAF371E33E05CA1DC3BDC7F3D304C1DBDB34DDBA7B6BC573A6A58E170D9250CB1B6A4AD8AE6E255704416C022607
                                              Malicious:false
                                              Preview:..........".j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..G..w..G..y..G..z."G..|.(G..}.:G....BG....GG....OG....WG...._G....fG....mG....tG....uG....vG.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H....(H....;H....OH....eH....lH....oH....pH....wH....|H.....H.....H.....H.....H.....H.....H.....H.....H..*..I..+..I..,.+I../.KI..0.NI..1..I..2..I..3..I..4..I..5..I..6..J..7.,J..>.HJ..?.QJ..N.lJ..g.xJ..i.{J..j..J..k..J..l..J...].J...].J...].J...].K...].K...].K...].K...].L...]*L...]LM...]_M...]cM...]qM...^.M...^.M...^.M...^.M...^aN...^.N...^.N...^.N...^.N...^.O...^.O...^#O...^FO...^UO...^.O...^.O...^.O..%^.O..&^.O..'^.O..)^-P..*^_P..+^pP..,^|P..-^.P...^.P../^.P..0^2Q..1^.Q..2^$R..3^;R..4^kR..5^zR..8^.R..9^5S..:^.S..;^.T..<^.T..>^QT..?^.T..@^$U..A^5U..B^HU..C^lU..D^zV..E^.W..F^gW..G^.W..I^.W..K^.W..L^.W..M^.W..N^.W..O^.X..T^cX..U^.X..V^.X..W^.Y..X^.Y..Y^IY..Z^.Y..[^.Y..\^>Z..]^aZ..b^.Z..d^.Z..e^.Z..f^.[..g^.[..h^/[..i^B[..j^C[..k^\[..l^_[..o^|[..p^.[..q^.[..r^.\..s^&\

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\ta.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):313562
                                              Entropy (8bit):4.239267478834166
                                              Encrypted:false
                                              SSDEEP:1536:SbAjkXB8AVWfEiKV2QwQw+z0vBRiE2k4ca6QVW640akLJse1oQXR2qtR+lAJ/R+i:SbAjkXBdVWDG0vCtRSAJ/v
                                              MD5:AFBB6F8A11ECB993E73A530E2682848C
                                              SHA1:950D0FA6CD4338084B5FFA72EB49F79B07830466
                                              SHA-256:3D16A99568173AD5760BF195B047C8850E39EC8D308A94F6C81CF7BA733F6F5F
                                              SHA-512:74EE545CDCE2E263BC33279325E0C72336575B36DE7DFE145897964CDE7EB57429CDFF082EC5A06E7F46F75E9BC6D5C4CC3DCA395745E990092CDAC27E56F129
                                              Malicious:false
                                              Preview:..........<.j.TF..k.cF..l.nF..n.vF..o.{F..p..F..q..F..r..F..s..F..t..F..v..F..w..F..y..F..z..F..|..F..}..G.....G.....G.....G....#G....+G....2G....9G....@G....AG....BG.....G.....H....8H....xH.....H.....H.....H.....H.....I....;I....{I.....I.....I....'J.....J....1J....2J....PJ....nJ.....J.....J.....J.....J.....J.... K.....K.....K..*..L..+..L..,.5L../.lL..0..L..1..M..2.JM..3.rM..4..M..5.QN..6..N..7.+O..>..O..?..O..N..O..g..O..i..O..j..O..k..O..l..P...].P...].P...].P...].R...].R...].R...]7S...].S...]ZT...].T...]9W...]mW...].W...].W...^.W...^.W...^SX...^.X...^.Z...^.Z...^.Z...^.Z...^.[...^c[...^u[...^.[...^.[...^.\...^.\...^.\...^.\..%^.\..&^1]..'^V]..)^$^..*^y^..+^.^..,^.^..-^._...^k_../^._..0^.a..1^.b..2^.c..3^.d..4^.d..5^.d..8^1e..9^.f..:^.h..;^.h..<^#i..>^.i..?^'k..@^)l..A^.l..B^.l..C^Lm..D^.o..E^.q..F^!r..G^!s..I^ws..K^.s..L^.s..M^.s..N^.t..O^qt..T^Eu..U^.u..V^.v..W^.v..X^Rw..Y^.w..Z^.y..[^.y..\^.z..]^,{..b^.|..c^.|..d^.}..e^.}..f^)}..g^i}..h^.}..i^.}..j^.}..k^.~..l^.~..o^.~..p^.~..q^<.

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\te.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):292506
                                              Entropy (8bit):4.456018055206471
                                              Encrypted:false
                                              SSDEEP:6144:XmgBEAYbTaJAuJLtobDpOr/gTipfJiUvqdWASw6Q7wdis5eRNwJLvM:XyAYbTaJAuJLtobDpOr/gTipfJiUvqdd
                                              MD5:5F441DE15CED6697594E8BC066297348
                                              SHA1:33C64379EC7297404E8AA4A4BA5A7155CD69DC90
                                              SHA-256:4AB6FBF03177BD7AD0908318D5AFFD0CAD142EC5E9ED560043E6B76E590BA995
                                              SHA-512:DAC2982DD5E9337FC3443A87D5DCBBFF46F0FEFDF9E163624BBA1ACD1528F543C84E2A088A83A749543E7B764607C16F1AB1C6C4F9504EFF48180A30681570F3
                                              Malicious:false
                                              Preview:..........".j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..G..w..G..y..G..z."G..|.(G..}.:G....BG....GG....OG....WG...._G....fG....mG....tG....uG....vG.....G....-H....aH.....H.....H.....H.....H.....I....<I....mI.....I.....I.....I.....J....!J....$J....&J....MJ....tJ.....J.....J.....J.....J.....K.....K.....K.....K..*. L..+.#L..,.AL../.xL..0..L..1.-M..2.PM..3.yM..4..M..5..N..6..N..7..N..>.#O..?.6O..N.sO..g..O..i..O..j..O..k..O..l..O...].O...]0P...].P...]=R...]XR...].R...].R...]/S...].S...].T...].U...].V...].V...](V...^oV...^.V...^.V...^KW...^.X...^.Y...^$Y...^.Y...^.Y...^6Z...^TZ...^.Z...^.Z...^.[...^.[...^.[...^!\..%^@\..&^|\..'^.\..)^s]..*^.]..+^.^..,^G^..-^e^...^.^../^._..0^.`..1^:a..2^cb..3^.b..4^.b..5^.c..8^mc..9^$e..:^%g..;^<g..<^.g..>^.h..?^fi..@^@j..A^|j..B^.j..C^.k..D^Qm..E^<n..F^.o..G^.o..I^Hp..K^jp..L^.p..M^.p..N^.p..O^Pq..T^'r..U^.r..V^.s..W^.s..X^?t..Y^.t..Z^.u..[^Gv..\^.w..]^gw..b^.x..c^.x..d^.x..e^.x..f^.x..g^Ly..h^.y..i^.y..j^.y..k^)z..l^,z..o^.z..p^.z..q^-{

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\th.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):246816
                                              Entropy (8bit):4.526207320870026
                                              Encrypted:false
                                              SSDEEP:6144:Oj8nCJFkcSCkIO+CSGHIqXqWmh+OqeZK8QyYo2w1p7GZuRM5aQxFvM4Obhi8ltOX:OAnsFkcSCkIO+CSGHIqXqWmh+OqeZK80
                                              MD5:F0A3CE8609D1CEA58D4D0DFC47D433F9
                                              SHA1:9F0497E31AC881960C2B9CE3F75FAC98D6EE300B
                                              SHA-256:31F31B2985C2AB430D373DD3D79821DB0674EDEE163B4AE74DC362051CCC1491
                                              SHA-512:0A722FE6373F0F64A844A8BD79CFF66707E158A908292DB8F5EE883E4732FC55864B06554988836A07039BEFC4020CB837883851DA0455F070BCB63DF390D919
                                              Malicious:false
                                              Preview:..........b.j..F..k..F..l..F..o.%F..p.2F..q.8F..r.GF..s.XF..t.aF..v.vF..w..F..y..F..z..F..|..F..}..F.....F.....F.....F.....F.....F.....F.....F.....F.....F.....F.....F....GG....kG.....G.....G.....H....0H....4H....FH....^H.....H.....H.....H.....H.....I.....I.....I....5I....VI....hI....qI.....I.....I.....I.....I....BJ....wJ..*..J..+..J..,..J../..J..0..J..1.sK..2..K..3..K..4..K..5.>L..6..L..7..L..>."M..?.SM..N.kM..g.~M..i..M..j..M..k..M..l..M...].M...].N...]HN...]]O...]oO...].O...].O...]SP...].P...]cR...].R...].R...].R...^.S...^ S...^kS...^.S...^.T...^.U...^.U...^.U...^.U...^.U...^.U...^.V...^IV...^jV...^.V...^.W...^lW..%^~W..&^.W..'^.W..)^aX..*^.X..+^.X..,^.X..-^.Y...^DY../^.Y..0^.Z..1^.[..2^.\..3^.]..4^Y]..5^w]..8^.]..9^.^..:^.`..;^.`..<^.`..>^Qa..?^&b..@^.b..A^.c..B^:c..C^.c..D^.f..E^.f..F^.g..G^Ph..I^.h..K^.h..L^.h..M^.h..N^.h..O^<i..T^.i..U^.j..V^.k..W^-k..X^Kk..Y^.k..Z^Xl..[^.m..\^.m..]^.m..b^.o..d^,o..e^;o..f^Ao..g^qo..h^.o..i^.o..j^.o..k^.p..l^.p..o^Ap..p^pp..q^.p..r^.q..s^)q..t^tq

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\tr.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):131303
                                              Entropy (8bit):5.614477997540201
                                              Encrypted:false
                                              SSDEEP:3072:h9Jxt4IyitGJmAMvUsPnnNtOLlh74OfkiO8ru0j19S4jiRRhdaMEi4AJ/Nwi1PLP:x4VJmAWvR0MEAwiBBlnH
                                              MD5:FE23B2095B245AE359C449CF3AE2D4C4
                                              SHA1:56AF0705886551389DEDB9BA1D9BECC682321977
                                              SHA-256:48B76D081B4398C7AF10BE207751EF3BF67720700C35B17196A4AA0C94526208
                                              SHA-512:94B81F5469620BB7545F3CCDA35845861E92FF7D29351A7F562AC861F718454D3D8DFF324CFC904E484F5551D952BC338F24E284F585A714FFFFF5F3A5445F64
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..G..v..G..w.'G..y.-G..z.<G..|.BG..}.TG....\G....aG....iG....qG....yG.....G.....G.....G.....G.....G.....G.....G.....G.....H....(H....*H.....H....5H....?H....OH...._H....qH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I....1I..*.7I..+.:I..,.XI../.oI..0.xI..1..I..2..I..3..I..4..I..5..J..6.<J..7.YJ..>.~J..?..J..N..J..g..J..i..J..j..J..k..J..l..J...].J...].J...].K...].K...].K...].K...].K...].L...]OL...]VL...]KM...]dM...]kM...]qM...^.M...^.M...^.M...^.M...^.N...^.N...^.N...^.O...^.O...^)O...^1O...^<O...^VO...^gO...^.O...^.O...^.O..%^.O..&^.O..'^.O..)^=P..*^cP..+^rP..,^.P..-^.P...^.P../^.P..0^=Q..2^.Q..3^.Q..4^.Q..5^.Q..8^.R..9^.R..:^aS..;^rS..<^.S..>^.S..?^9T..@^.T..A^.T..B^.T..C^.T..D^ V..E^.V..F^.V..G^.W..I^MW..K^SW..L^dW..M^mW..N^{W..O^.W..T^.W..U^.X..V^rX..W^.X..X^.X..Y^.X..Z^DY..[^.Y..\^.Y..]^.Z..b^.Z..c^.Z..d^.Z..e^.Z..f^.Z..g^.Z..h^.Z..i^.Z..j^.Z..k^.Z..l^.[..o^#[..p^N[..q^k[..r^.[

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\uk.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):216199
                                              Entropy (8bit):5.057813342706528
                                              Encrypted:false
                                              SSDEEP:3072:/J01cJI2B3IjHVzDFjqCKTASYagFczOAJ/ILNiXEMQOCqWiqrEb4UdsHh:iuJI2B3IjHB0TMWz2LNiXEoCqWiq5B
                                              MD5:6027526062E6F51A7C99FEEBC9AE1947
                                              SHA1:10D7346A8D6A4DADB48BF7720303EF39F76A564A
                                              SHA-256:5DDF9212CBC6696941547B2E57B02092517BFF6E70529F2EE14D0F593610E14F
                                              SHA-512:52178A648747F3247E32183CDB36ECC9A6314B2BEFA91CAE28D5110C479F5D1FF59AD2C802A75288C17650DE5A2EBCF369E04E760259015FF855FF8299DD9F3D
                                              Malicious:false
                                              Preview:..........%.j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..F..w..G..y..G..z..G..|."G..}.4G....<G....AG....IG....QG....YG....`G....gG....nG....oG....pG.....G.....G.....H....6H....xH....zH....~H.....H.....H.....H.....H.....I....'I....II....PI....SI....TI....dI....vI.....I.....I.....I.....I.....I.....I....,J....\J..*.mJ..+.pJ..,..J../..J..0..J..1.EK..2.^K..3.|K..4..K..5..K..6.<L..7._L..>..L..?..L..N..L..g..L..i..L..j..L..k..L..l..L...].L...]?M...]nM...].N...].N...].N...].O...];O...].O...].O...];S...]_S...]mS...]{S...^.S...^.S...^.S...^4T...^1U...^.U...^.U...^.U...^.U...^"V...^6V...^UV...^sV...^.V...^.V...^.W...^ W..%^0W..&^NW..'^kW..)^.W..*^9X..+^XX..,^yX..-^.X../^.X..0^]Y..1^.Z..2^.Z..3^.[..4^`[..5^.[..8^.[..9^.\..:^.]..;^.]..<^.^..>^s^..?^C_..@^.`..A^.`..B^.a..C^Ia..D^re..E^rg..F^.h..G^Ii..I^wi..K^.i..L^.i..M^.i..N^.i..O^"j..T^.j..U^.j..V^.k..W^.k..X^.k..Y^Hl..Z^.l..[^fm..\^.m..]^1n..b^(o..d^>o..e^Jo..f^Po..g^.o..h^.o..i^.o..j^.o..k^.o..l^.o..o^%p..p^np..q^.p..r^'q..s^Sq

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\vi.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):155363
                                              Entropy (8bit):5.800734141236524
                                              Encrypted:false
                                              SSDEEP:3072:fIALmZzHiKMPnq2Piz+sjoO4294sK+UfclzQa1bwNgqoziL89KAJXSW8LTtdLpFd:6ZzHc0FosK+UfmbMYzig9SVX
                                              MD5:8D1DE53FF78406C42FE554ACC82B5983
                                              SHA1:1B80F071914C9A2F071355973DA7FF3D9508298B
                                              SHA-256:314FF8E069D132D43566143FFE0F5CEBC990A015AC32ED550AC687A4FF78D56F
                                              SHA-512:D027A534F8DDAC3C953D81BA635A8A3FE452E7295FB2AA7D8B9D5A718FFF7CD619323E3914DD6A17EACECB0C6D6F5129C9E793B2925F65DABEC83B9389DB295D
                                              Malicious:false
                                              Preview:..........2.j.hF..k.wF..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..F..w..F..y..F..z..G..|..G..}..G...."G....'G..../G....7G....?G....FG....MG....TG....UG....VG....yG.....G.....G.....G.....G.....G.....G.....G.....G.....H....%H....CH....SH....kH....rH....uH....vH.....H.....H.....H.....H.....H.....H.....H.....H.....I....#I..*..I..+.1I..,.OI../.kI..0.xI..1..I..2..I..3..I..4..I..5..I..6./J..7.LJ..>.wJ..?..J..N..J..g..J..i..J..j..J..k..J..l..J...].J...].J...].K...].K...].K...].L...]3L...]uL...].L...].M...].M...].M...].M...^.N...^!N...^ON...^.N...^2O...^rO...^zO...^.O...^.O...^.P...^.P...^$P...^FP...^VP...^.P...^.P...^.P..%^.P..&^.P..'^.Q..)^lQ..*^.Q..+^.Q..,^.Q..-^.Q...^.Q../^!R..0^.R..1^.S..2^.S..3^.S..4^.S..5^.T..8^!T..9^.T..:^.U..;^.U..<^.U..>^/V..?^.V..@^.W..A^.W..B^?W..C^aW..D^.X..E^-Y..F^.Y..G^.Y..I^.Z..K^.Z..L^&Z..M^9Z..N^CZ..O^mZ..T^.Z..U^.Z..V^h[..W^y[..X^.[..Y^.[..Z^E\..[^.\..\^.]..]^1]..b^.^..c^&^..d^/^..e^5^..f^9^..g^S^..h^~^..i^.^..j^.^..k^.^..l^.^..o^.^..p^._..q^#_..r^._

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\zh-CN.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):114748
                                              Entropy (8bit):6.7174096339004095
                                              Encrypted:false
                                              SSDEEP:3072:PyiDrZa1pqA5Rk109nKyeiTAArAJ/dIKqlES:6i81p7vnJcIll1
                                              MD5:B2E2087F9C688DC3EC45A55742BEDB6A
                                              SHA1:8EFD0726B46FC67CDA9FDC9989C707C23C7B031C
                                              SHA-256:2B255293F6C85ABB09162C825AEA120C3E695156EB952D26D1E5F505BA324B37
                                              SHA-512:2382B2B4D56831BD25D5A3535936D8A1039E00A287BD5AF05628C1A6FC54715FC8AD68AD3F207D6E073A588A66D5FA181E124125E7D1F00A5DE54ED658E5C33E
                                              Malicious:false
                                              Preview:..........b.j..F..k..F..l..F..m.&F..o.,F..p.1F..q.7F..r.FF..s.WF..t.`F..v.uF..w..F..|..F..}..F.....F.....F.....F.....F.....F.....F.....F.....F.....F.....F.....G.... G....,G....>G....PG....RG....VG....\G....hG....tG.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H....1H....EH..*.NH..+.QH..,.~H../..H..0..H..1..H..2..H..3..H..4..H..5..I..6.UI..7.jI..>..I..?..I..N..I..g..I..i..I..j..I..k..I..l..I...].I...].I...].J...]yJ...].J...].J...].J...].J...].J...].K...].K...].K...].K...^.K...^.K...^.L...^@L...^.L...^.L...^.L...^.L...^.M...^#M...^)M...^5M...^PM...^bM...^.M...^.M...^.M..%^.M..&^.M..'^.M..)^-N..*^\N..+^kN..,^wN..-^}N...^.N../^.N..0^-O..1^.O..2^9P..3^HP..4^kP..5^wP..8^.P..9^.Q..:^.Q..;^.Q..<^.Q..>^.R..?^tR..@^.R..A^.R..B^.S..C^.S..D^.S..E^^T..F^.T..G^.T..I^.U..K^.U..L^.U..M^.U..N^%U..O^[U..T^.U..U^.U..V^.V..W^EV..X^ZV..Y^.V..Z^.V..[^HW..\^.W..]^.W..b^bX..c^hX..d^nX..e^qX..f^tX..g^.X..h^.X..i^.X..j^.X..k^.X..l^.X..o^.X..p^!Y..q^;Y..r^.Y..s^.Y..t^.Y

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\locales\zh-TW.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):114042
                                              Entropy (8bit):6.719449431220688
                                              Encrypted:false
                                              SSDEEP:3072:KzLhdmOXfT3Ud8iCAJ/U/N/9XiPI5hcWTS:o5f4/s/9y0TS
                                              MD5:32F600C44C8A26FDF518FAFFBCE56B71
                                              SHA1:7481922ABB60EE20F6FAFF9AE4DC4A55F6E6224E
                                              SHA-256:1710CEA2EB84E4FEED749E9E497D01E16B1B244D1A621D380226B8AE7CCE07C6
                                              SHA-512:DA145697AC8D7CE6E8CDF3F6E190C23F9791F4FDC2C1EED2DBC10E8C6377298C4D02DF464752277CD7EC429297860FFE50E7B9DE79632699DD2202B7324F55FE
                                              Malicious:false
                                              Preview:..........c.j..F..k..F..l. F..n.(F..o.-F..p.5F..q.;F..r.JF..s.[F..t.dF..v.yF..w..F..y..F..z..F..|..F..}..F.....F.....F.....F.....F.....F.....F.....F.....F.....G....(G....4G....CG....RG....VG....ZG....`G....iG....uG.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H....;H....OH..*.XH..+.[H..,..H../..H..0..H..1..H..2..H..3..H..4..I..5.#I..6.aI..7.vI..>..I..?..I..N..I..g..I..i..I..j..I..k..I..l..I...].I...].I...].J...].J...].J...].J...].J...].J...]%K...]1K...].K...].L...].L...] L...^/L...^5L...^ML...^zL...^.L...^.M...^.M...^?M...^QM...^lM...^rM...^~M...^.M...^.M...^.M...^.M...^.N..%^.N..&^#N..'^/N..)^.N..*^.N..+^.N..,^.N..-^.N...^.N../^.O..0^.O..1^.O..2^vP..3^.P..4^.P..5^.P..8^.P..9^TQ..:^.Q..;^.R..<^ R..>^MR..?^.R..@^.S..A^(S..B^4S..C^LS..D^.T..E^.T..F^.T..G^.U..I^/U..K^5U..L^AU..M^GU..N^SU..O^.U..T^.U..U^.U..V^FV..W^eV..X^tV..Y^.V..Z^.V..[^FW..\^.W..]^.W..b^DX..c^JX..d^PX..e^SX..f^VX..g^nX..h^.X..i^.X..j^.X..k^.X..l^.X..o^.X..p^.Y..q^.Y..r^]Y..s^qY

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\resources.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):5113713
                                              Entropy (8bit):7.996602002236813
                                              Encrypted:true
                                              SSDEEP:98304:O6z11Kt66I0L1Yk93pP3qPh1348CYCUrwr1ISgMRQK8nXCpGm5vEybt:rz7Kt66KG3ohB48hCUkrGsyCV5vXbt
                                              MD5:A1E5AAFE5A1509EF461D584C98484FF7
                                              SHA1:455A36FFF7A12989D0D1FC944A3C8840141D865A
                                              SHA-256:DD0CDD9201C5966DCC8B3AC3F587FDB05CAD09547E267E0D16B8B1A3CFF14772
                                              SHA-512:F98E33FE7E89A7798C6C274B4220C7C5262A2CEDD0C0A04C7821634679F71145ECA78C7A36A9F576712A00FFBABFABF58C958483D2D69FA9960178A7C3581946
                                              Malicious:false
                                              Preview:............f.....h..&.....&.....&.....*.....0.....0.....0.....0...0.0...0,9...0.;...07M...0nV...0.^...0.`...0Wg...0.i...0.l...0.l...0.n...0.o...0.p...0.u...0Yz...0.....0k....0.....0h....0.....0f....0.....0....0$....0d....0.....0.....0;....0.....0.....0J....0.....0Z....1z....1w....1.....1.....1F3..(7O6..-7.A...7.B../7.E..07sJ..17'T..27.U..37.W..47?l..57.q..67....77...87....97\...:7....;7....<7....=7....>7....?7....@7X...A7....B7Z...C7....D7....E7....F7....G7....H7....j7X...k7....l7....m7H...n7....o7....p7....q7....r7.,..s7.7..t7.d..u7vl..v7L...w7e...x7u...y7!...z7....{7....|7Y...}7...~7u....72....7.....7....7.....7.....7....7....7U....7e....7"....;d....;.....;.....;.....;G....;U....<O....<*....<.....<.....<.....<O....<.....<.....<.....<.....<(2...<.5...<.k...<yp...<.x...<M....<.....<.....<.....<.....<....<.....<.....<j....<.....<O....H.(...H.-...H.2...H.3...H.7...H.J...H.S...H.V...H_Y...Hma...H.f...H,l...H.v...H.|...H=....HR....H.....H.....H.....Hi....H.....H.....H0....H.....H..

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\resources\app.asar

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):35557128
                                              Entropy (8bit):6.210627062782269
                                              Encrypted:false
                                              SSDEEP:196608:3v86TOT8mACM4UfE9cCtP6s6AEDhz2U+RtIa8:EEOntMJE9cCtP6s6AEDhCR2h
                                              MD5:05E228EF13DA21E56C55E2772CE7110B
                                              SHA1:87D351581604D4638C1031ABE52118E207C1B86B
                                              SHA-256:6360D47E3903450C6647E0AE15423A70242E70E714114666FF58A105FE1F29D2
                                              SHA-512:8268F55BC6A421803E6597F9CA75711A9DB2F3DD11863E41606A5F698243F68CAE8F0B9073ABD8447366ADCF5853F89E82F26114F79ABDDA43F4C75EB90171EE
                                              Malicious:false
                                              Preview:....8...4.......{"files":{"icon.ico":{"size":270398,"integrity":{"algorithm":"SHA256","hash":"85db7f849c7a0a41bb581446f773437ef2175b2952ed9224f00c6abbc9543c0f","blockSize":4194304,"blocks":["85db7f849c7a0a41bb581446f773437ef2175b2952ed9224f00c6abbc9543c0f"]},"offset":"0"},"package.json":{"size":1372,"integrity":{"algorithm":"SHA256","hash":"85cce53211667127ebd8aa37ac383a0cf0d1b4fe918509a6df5d0a2c91afa116","blockSize":4194304,"blocks":["85cce53211667127ebd8aa37ac383a0cf0d1b4fe918509a6df5d0a2c91afa116"]},"offset":"270398"},"src.rar":{"size":1390923,"integrity":{"algorithm":"SHA256","hash":"fd786f9c88d4b6534e2e263ebbd27101a3df5f6e579b02b2e98652c1fb1a6998","blockSize":4194304,"blocks":["fd786f9c88d4b6534e2e263ebbd27101a3df5f6e579b02b2e98652c1fb1a6998"]},"offset":"271770"},"src":{"files":{"alien.png":{"size":184182,"integrity":{"algorithm":"SHA256","hash":"61d672610d6b7e83fe83142c2f90b355343f8c9b14ba76efb829d855d0df33c9","blockSize":4194304,"blocks":["61d672610d6b7e83fe83142c2f90b355343f8c9

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\snapshot_blob.bin

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):405456
                                              Entropy (8bit):3.3151721500305027
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:F14A9115EDBCC4697515DB49CDAF5B08
                                              SHA1:9C43D69BA11A03278885DC7F285584278DE9CA11
                                              SHA-256:F25DDF52F68DE295BF1CDBD4F7FC6AA9D8F882A16A2F97B4E08E322B6B90546E
                                              SHA-512:3C646B258A2BA7CD3E1D878D3009D181302D790F324C4C2B10A9EEEBBEAB9C49AB43B15B3154AE99749410DEBB2F3AD8D121979EC11E44AD074E1F675CF05DC0
                                              Malicious:false
                                              Preview:........#..<10.0.139.17-electron.0..........................................h....n......M.......a........a........a........at.......a........a.......... ....9.`H...D..W.....W.....W...D. ..Y.`H...D..W.....W.....W...D. ..`H...D..W.....W.....W...D. ....`H...D..W.....W.....W...D. ....`....D..W.....W.....W...D. ..).`H...D..W.....W.....W...D. ....`H...D..W.....W.....W...D. ..`H...D..W.....W.....W...D. ..`H...D..W.....W.....W...D. ..Y.`H...D..W.....W.....W...D. ..`H...D..W.....W.....W...D.(Jb....!.....@..F^.....U`....`.....(Jb....B.....@..F^...`.....D...IDa........D`....D`....D`.......`.....D].......D`.......VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa............L`.....HD...%.D...L.....................................................................................................................................

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\v8_context_snapshot.bin

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):726296
                                              Entropy (8bit):4.668258384826135
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:DD0D4997DFAB65B96AAD66D035F6029C
                                              SHA1:65FAA1DBB7CCD902F1F1AF544F6941234FF679D3
                                              SHA-256:F033FB86FA92DF1BE464DE590AA312CC016BC5D6BEA26672C896BF4D3F1261CD
                                              SHA-512:86B06BD0F91F50BD13B3AF179F3F498F10A225D25BA5CA32258F75567E601C3F48F7A3FB436C3B0D2BA53CC9EAAA8F74C95B44458628B0EA716563694A3C7002
                                              Malicious:false
                                              Preview:.........lrz10.0.139.17-electron.0..........................................x....v...C......P...M.......a........a........aR.......at.......a........a.......... ....9.`H...D..W.....W.....W...D. ..Y.`H...D..W.....W.....W...D. ..`H...D..W.....W.....W...D. ....`H...D..W.....W.....W...D. ....`....D..W.....W.....W...D. ..).`H...D..W.....W.....W...D. ....`H...D..W.....W.....W...D. ..`H...D..W.....W.....W...D. ..`H...D..W.....W.....W...D. ..Y.`H...D..W.....W.....W...D. ..`H...D..W.....W.....W...D.(Jb....!.....@..F^.....U`....`.....(Jb....B.....@..F^...`.....D...IDa........D`....D`....D`.......`.....D].......D`.......VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa............L`.....HD...%.D...L.............................................................................................................................

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\vk_swiftshader.dll

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                              Category:dropped
                                              Size (bytes):4654592
                                              Entropy (8bit):6.2751649857298615
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:6B40CE4AF617399536D0EA6EDC84BAAD
                                              SHA1:55C91309FE49AF121DD3DE9C24F60B8CFEA680F1
                                              SHA-256:C64B87D7CEBDAEE8B779859059A6C63FB47C8102A4F7311D678895F87B825C59
                                              SHA-512:9C4CADDB2F6BA7D17683D662A1D9ECD2EFCDF1FC081E0127260F0266EDA78B42C684BCAD5BCCBDC03A06619B9AE4960CCEA67472D7650C53E67A5A70BE6E36C6
                                              Malicious:false
                                              Antivirus:
                                              • Antivirus: ReversingLabs, Detection: 0%
                                              Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....{b.........." .....":......... .2.......................................H...........`A........................................xeD.....o.D.P.....H.......F..1............H.Pi...6D......................5D.(....S:.0.............D.H............................text....!:......":................. ..`.rdata..L....@:......&:.............@..@.data....,...`E..&...8E.............@....pdata...1....F..2...^E.............@..@.00cfg..(.....G.......F.............@..@.tls....A.....G.......F.............@..._RDATA........G.......F.............@..@.rsrc.........H.......F.............@..@.reloc..Pi....H..j....F.............@..B................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\vk_swiftshader_icd.json

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:JSON data
                                              Category:dropped
                                              Size (bytes):106
                                              Entropy (8bit):4.724752649036734
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:8642DD3A87E2DE6E991FAE08458E302B
                                              SHA1:9C06735C31CEC00600FD763A92F8112D085BD12A
                                              SHA-256:32D83FF113FEF532A9F97E0D2831F8656628AB1C99E9060F0332B1532839AFD9
                                              SHA-512:F5D37D1B45B006161E4CEFEEBBA1E33AF879A3A51D16EE3FF8C3968C0C36BBAFAE379BF9124C13310B77774C9CBB4FA53114E83F5B48B5314132736E5BB4496F
                                              Malicious:false
                                              Preview:{"file_format_version": "1.0.0", "ICD": {"library_path": ".\\vk_swiftshader.dll", "api_version": "1.0.5"}}

                                              C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\vulkan-1.dll

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                              Category:dropped
                                              Size (bytes):850432
                                              Entropy (8bit):6.547858375062584
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:4783D34314EF4FEB241F4FDF36499521
                                              SHA1:89296D6AC36CD005045DB7307BF31005D0CF29A7
                                              SHA-256:6E8BEB4E9DA77313F40E75C4FFAEEAA522B6F054FD792631EC1EFCF8248CA63B
                                              SHA-512:7EF1B0E89590B4AF20F182BED9D82D5175D1C8C675FC3D05DC0EB2F834052124C877135FC68B2988683CF35E8B25870E45F7C126349D28125C021C8EEB4998AC
                                              Malicious:false
                                              Antivirus:
                                              • Antivirus: ReversingLabs, Detection: 0%
                                              Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....{b.........." ......... .......n....................................................`A........................................X...@!......P....p..........|e.............................................(.......0............................................text...v........................... ..`.rdata.............................@..@.data....M....... ...\..............@....pdata..|e.......f...|..............@..@.00cfg..(....@......................@..@.tls.........P......................@..._RDATA.......`......................@..@.rsrc........p......................@..@.reloc..............................@..B................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Local\Temp\Cookies

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:SQLite 3.x database, last written using SQLite version 3038005, file counter 17, database pages 7, 1st free page 5, free pages 2, cookie 0x13, schema 4, UTF-8, version-valid-for 17
                                              Category:dropped
                                              Size (bytes):28672
                                              Entropy (8bit):1.4755077381471955
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:DEE86123FE48584BA0CE07793E703560
                                              SHA1:E80D87A2E55A95BC937AC24525E51AE39D635EF7
                                              SHA-256:60DB12643ECF5B13E6F05E0FBC7E0453D073E0929412E39428D431DB715122C8
                                              SHA-512:65649B808C7AB01A65D18BF259BF98A4E395B091D17E49849573275B7B93238C3C9D1E5592B340ABCE3195F183943CA8FB18C1C6C2B5974B04FE99FCCF582BFB
                                              Malicious:false
                                              Preview:SQLite format 3......@ ..........................................................................[5.........g...$......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Local\Temp\Login Data

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 2, database pages 23, cookie 0x19, schema 4, UTF-8, version-valid-for 2
                                              Category:dropped
                                              Size (bytes):49152
                                              Entropy (8bit):0.7876734657715041
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:CF7758A2FF4A94A5D589DEBAED38F82E
                                              SHA1:D3380E70D0CAEB9AD78D14DD970EA480E08232B8
                                              SHA-256:6CA783B84D01BFCF9AA7185D7857401D336BAD407A182345B97096E1F2502B7F
                                              SHA-512:1D0C49B02A159EEB4AA971980CCA02751973E249422A71A0587EE63986A4A0EB8929458BCC575A9898CE3497CC5BDFB7050DF33DF53F5C88D110F386A0804CBF
                                              Malicious:false
                                              Preview:SQLite format 3......@ ..........................................................................[5....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Local\Temp\Web Data

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 4, database pages 45, cookie 0x3d, schema 4, UTF-8, version-valid-for 4
                                              Category:dropped
                                              Size (bytes):94208
                                              Entropy (8bit):1.2882898331044472
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:4822E6A71C88A4AB8A27F90192B5A3B3
                                              SHA1:CC07E541426BFF64981CE6DE7D879306C716B6B9
                                              SHA-256:A6E2CCBD736E5892E658020543F4DF20BB422253CAC06B37398AA4935987446E
                                              SHA-512:C4FCA0DBC8A6B00383B593046E30C5754D570AA2009D4E26460833FB1394D348776400174C898701F621C305F53DC03C1B42CF76AA5DC33D5CCD8FA44935B03C
                                              Malicious:false
                                              Preview:SQLite format 3......@ .......-...........=......................................................[5...........*........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Local\Temp\a29c34ab-b943-477c-ac6f-48afff1de174.tmp.node

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                              Category:dropped
                                              Size (bytes):598016
                                              Entropy (8bit):5.679946920993194
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:AF4C5AFABFE3A88BF915791DB1FCA9D8
                                              SHA1:F70E537DB7D7883336D2BC03EC2BEF02D05727F8
                                              SHA-256:FA027EB0DEA178A2FC7D32BB2C4B6BBD638508796CED7FEED80E8191171C5BF8
                                              SHA-512:2B8A23920CB5D9347DEAD35E074CF1E31027163037342D63C6B6C0E047735B80DAD3DAA65800E891DF48412AC16189B8F1D2A3572CC05BA7D8EE354774D97CAF
                                              Malicious:false
                                              Antivirus:
                                              • Antivirus: ReversingLabs, Detection: 0%
                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......@.....B..B..B...C..B...C..B...C..Bb.gB..BV..C..BV..C..BV..C .B...C..B..B..B...C..B...C..B..eB..B...C..BRich..B........PE..d...a&8d.........." .........8............................................................`.........................................@...n... 4..<.......<.......$K..................h...8...............................8............0.. ....P..@....................text............................... ..`.rdata...o... ...p..................@..@.data....3...........x..............@....pdata...S.......T..................@..@.idata.......0......................@..@.didat.......P......................@....00cfg..Q....`......................@..@_RDATA.."....p......................@..@.rsrc...<...........................@..@.reloc..............................@..B........................................................................

                                              C:\Users\user\AppData\Local\Temp\epsilon-user.zip

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:Zip archive data, at least v1.0 to extract, compression method=deflate
                                              Category:dropped
                                              Size (bytes):980
                                              Entropy (8bit):6.103011465958223
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:77059E76E822FD76838283FB402B56AE
                                              SHA1:D35E7814CB8CEC89D84E398F468731983BC1EB02
                                              SHA-256:33933E2233A9D2D8287B35BF79086E2E7B292B5B1450F7F491C3459CC30E0227
                                              SHA-512:AD2EF7B9691A3CDD9A0C9898B582E6629F081E59EFC08AB33D4B9DF641685C3F8157C8209FF5C976424D90C7CC30625D6D2AE374F9C4365E94B95243E736937C
                                              Malicious:false
                                              Preview:PK.........x.V...Z...^.......Autofill Data.txt.r...w...Qpq.qTp...Up...-N-*..H,J..q,(pI,I...ON.q..O.I.q.(..M..S....%...((((...{...qq..PK.........x.V................Cookies/PK.........x.V..9.............Cookies/Chrome_Default.txt..A..0.@...t7.9]7....H...2l).L....#....N.<.".M^Hr.f.v.A....yN..0...dL?jH.k&.ud..~...B.../ .....Ybl.......[#..eqQ...<.B........9.h.E...^...R...PK.........x.V.8..Z...^.......Credit Cards.txt.r.ru...Vpv.r.Vp...Up...-N-*..H,J..q,(pI,I...ON.q..O.I.q.(..M..S....%...((((...{...qq..PK.........x.VKA.V...Z.......Passwords.txt..p.....r.Vp...Up...-N-*..H,J..q,(pI,I...ON.q..O.I.q.(..M..S....%...((((...{...qq..PK...........x.V...Z...^.....................Autofill Data.txtPK...........x.V..............................Cookies/PK...........x.V..9...........................Cookies/Chrome_Default.txtPK...........x.V.8..Z...^.....................Credit Cards.txtPK...........x.VKA.V...Z.....................Passwords.txtPK..........6.........

                                              C:\Users\user\AppData\Local\Temp\epsilon-user\Autofill Data.txt

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:ASCII text
                                              Category:dropped
                                              Size (bytes):94
                                              Entropy (8bit):4.852766943069074
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:FFA8F77BAAC50B94395B0C11516B9006
                                              SHA1:63943228D2449D8D13FC4AC1938EE7E59DBA8325
                                              SHA-256:7E907E7A897595DF319360F1AC7807ABF7AB0891C3C91631F9C947F6CEC8068E
                                              SHA-512:D70096B1C477E9C67CE98930B165F9EF434E136DFC080B77EA68486C621F625E809B88C6114FBBF3AB3AAD399A82F2396B5A0E4CCBD74D44B5ACCE65AC1F2C08
                                              Malicious:false
                                              Preview:.AUTOFILL DATA FROM C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ #EPSILON..

                                              C:\Users\user\AppData\Local\Temp\epsilon-user\Cookies\Chrome_Default.txt

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:ASCII text
                                              Category:dropped
                                              Size (bytes):170
                                              Entropy (8bit):5.462595884661604
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:E9FE95CC0BC85EC54ED90D04F5365723
                                              SHA1:ABF83E080FAB6F11135BD3B80C46B0C207D1048C
                                              SHA-256:A4E2C734DF6AAEE8AD520AA3E3902AB4321DA57353FD94C50FC2C67E53B8B8ED
                                              SHA-512:962D1BD95BB04E283DC519D356094A1C2A85A124DEBF0290FC4DD8E9B57A31CB0B1ED1AC871012B321CBF360882AFE5C4854AAC51CA7FC099F479063F024F9BF
                                              Malicious:false
                                              Preview:.COOKIES FROM C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\ #EPSILON..ogs.google.com.TRUE./.FALSE.2597573456.OTZ.6639696_84_88_104280_84_446940.

                                              C:\Users\user\AppData\Local\Temp\epsilon-user\Credit Cards.txt

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:ASCII text
                                              Category:dropped
                                              Size (bytes):94
                                              Entropy (8bit):4.856919703979322
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:76FD4E9C39B60675747AA0E7C3261375
                                              SHA1:AB12D88669E8DA299FC180F80117CC4E8CED5C04
                                              SHA-256:93617D3F1C581C7E549AD103E1A451AB5D7AA610E874BFAF68C22503B120B418
                                              SHA-512:16CA27FBD48D305920DE5D6DAF915906DA46C5FD1D940A0C2544659DCC73FB9D5CC1E95D1040F4B3AB9EF5DD3406A31970A9445D715E3E7B0ACD7919ED383633
                                              Malicious:false
                                              Preview:.CREDITS CARDS FROM C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ #EPSILON..

                                              C:\Users\user\AppData\Local\Temp\epsilon-user\Passwords.txt

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:ASCII text
                                              Category:dropped
                                              Size (bytes):90
                                              Entropy (8bit):4.857690180141172
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:AD7E4608BCFB009BF5935D9D425EF5C9
                                              SHA1:079D02E4489B88FEB32898997E7483EF39CCDC19
                                              SHA-256:5C89D7C442354F75D081464F6C35B6C3485F678340E992A675787667344C74A0
                                              SHA-512:27E2C85204455727B87177492A6007D4CBC70BEC31A84B27894A5AAFAA9A673D07765F19A0783DD59E48CE6D41B2D37362231062E7372E594D6B20D42F888661
                                              Malicious:false
                                              Preview:.PASSWORDS FROM C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ #EPSILON..

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\GalacticShooter.exe

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                              Category:dropped
                                              Size (bytes):146870272
                                              Entropy (8bit):6.7183719212678445
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:93BD0AE322D0293B5AFF20C25B1F71A2
                                              SHA1:6F9C06ED0F5A43826BA928EE1C818A69A52C2C7A
                                              SHA-256:38C81E9D17174F56BF3C22E5994D341AD041254ADA2743160B69D893B8D51EDA
                                              SHA-512:B844328E8BD38B21EA94D1B501CA6E6D6B19E731A6097226F09A71466485F5717082F20BA87B3CAAE7457F43F97EBBE33CC96B59B312EBABA1B7D623E24A8F59
                                              Malicious:false
                                              Antivirus:
                                              • Antivirus: ReversingLabs, Detection: 0%
                                              Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....{b..........".......... .......#.........@..........................................`...........................................c.jC..r.f.h...............q:..........p.......VZ.....................`QZ.(...P...0...........8.f.X...HGc.`....................text...H........................... ..`.rdata....M.......M.................@..@.data....HB...j......dj.............@....pdata...q:.....r:..Vr.............@..@.00cfg..(....P.....................@..@.retplne`....`..........................rodata......p..................... ..`.tls....a..........................@...CPADinfo8..........................@..._RDATA.............................@..@malloc_h........................... ..`.rsrc..............................@..@.reloc.......p......................@..B................................................................................................

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\LICENSE.electron.txt

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:ASCII text
                                              Category:dropped
                                              Size (bytes):1096
                                              Entropy (8bit):5.13006727705212
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:4D42118D35941E0F664DDDBD83F633C5
                                              SHA1:2B21EC5F20FE961D15F2B58EFB1368E66D202E5C
                                              SHA-256:5154E165BD6C2CC0CFBCD8916498C7ABAB0497923BAFCD5CB07673FE8480087D
                                              SHA-512:3FFBBA2E4CD689F362378F6B0F6060571F57E228D3755BDD308283BE6CBBEF8C2E84BEB5FCF73E0C3C81CD944D01EE3FCF141733C4D8B3B0162E543E0B9F3E63
                                              Malicious:false
                                              Preview:Copyright (c) Electron contributors.Copyright (c) 2013-2020 GitHub Inc...Permission is hereby granted, free of charge, to any person obtaining.a copy of this software and associated documentation files (the."Software"), to deal in the Software without restriction, including.without limitation the rights to use, copy, modify, merge, publish,.distribute, sublicense, and/or sell copies of the Software, and to.permit persons to whom the Software is furnished to do so, subject to.the following conditions:..The above copyright notice and this permission notice shall be.included in all copies or substantial portions of the Software...THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,.EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF.MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND.NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE.LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION.OF CONTRACT, TORT OR OTHERWISE, ARISIN

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\LICENSES.chromium.html

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:HTML document, ASCII text, with CRLF, LF line terminators
                                              Category:dropped
                                              Size (bytes):5557692
                                              Entropy (8bit):4.82586139211392
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:DFA12F4EDCCB902D7D3B07FAE219F176
                                              SHA1:C2073440A5ADD265B4143DE05E6864FED2C3B840
                                              SHA-256:501F0B7EBF0BE7ED8702D317332A0F8820AF837C0A2A1D7645BA04352270E2B8
                                              SHA-512:EEE3A8E0EEAE139DDD9369D0869C29C91007BF6C5B0D7982918D5A013214A9E80B9233E7C1CCB43124152F684F0B782831B0A6B3D126558261DD161230004E50
                                              Malicious:false
                                              Preview: Generated by licenses.py; do not edit. --><!doctype html>.<html>.<head>.<meta charset="utf-8">.<meta name="viewport" content="width=device-width">.<meta name="color-scheme" content="light dark">.<title>Credits</title>.<link rel="stylesheet" href="chrome://resources/css/text_defaults.css">.<link rel="stylesheet" href="chrome://credits/credits.css">.</head>.<body>.<span class="page-title" style="float:left;">Credits</span>.<a id="print-link" href="#" style="float:right;" hidden>Print</a>.<div style="clear:both; overflow:auto;"> Chromium <3s the following projects -->.<div class="product">.<span class="title">2-dim General Purpose FFT (Fast Fourier/Cosine/Sine Transform) Package</span>.<span class="homepage"><a href="http://www.kurims.kyoto-u.ac.jp/~ooura/fft.html">homepage</a></span>.<input type="checkbox" hidden id="0">.<label class="show" for="0" tabindex="0"></label>.<div class="licence">.<pre>Copyright(C) 1997,2001 Takuya OOURA (email: ooura@kurims.kyoto-u.ac.jp)..You may us

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\chrome_100_percent.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):148598
                                              Entropy (8bit):7.923683311160288
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:237CA1BE894F5E09FD1CCB934229C33B
                                              SHA1:F0DFCF6DB1481315054EFB690DF282FFE53E9FA1
                                              SHA-256:F14362449E2A7C940C095EDA9C41AAD5F1E0B1A1B21D1DC911558291C0C36DD2
                                              SHA-512:1E52782DB4A397E27CE92412192E4DE6D7398EFFAF8C7ACABC9C06A317C2F69EE5C35DA1070EB94020ED89779344B957EDB6B40F871B8A15F969EF787FBB2BCA
                                              Malicious:false
                                              Preview:..................#.Z...:......k.....k.....k ....k.....k=....k.....k.....k.....l.....l.....l;....l."...l2....l.9...l.;...l.<...l.>...l'?...l.H...l.P...l.R...l{S..NziT..Oz.U..PzJW..Qz2Z..Rz+]..Sz^`..Tzod..Uz9h..Vz.k...z.o...z.p...zmr...z.s...z.t...zWu...z.u...zA....z......p.....s.....................................................=...........{.....9............"....1,....Q/.....7.....;....-E....eO.....S....3U.....]....|f....dg.....h.....j.....m.....n.....q.....s....Wu.....w.....y....2z.....{....D}................;..............................................l....N........H.............|....K....0...."...................B....0.......................Y........................o....6..............{....4....F....".........f..........L........t....>.......................:.......................:.....q.....g.....\.....T".....'....z'.....'....'(.....(.....).....*.....+....Z+.....+....+...=,...Q2...;6....6...;7....7...H8....8...a9....9

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\chrome_200_percent.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):219575
                                              Entropy (8bit):7.950067097420845
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:7059AF03603F93898F66981FEB737064
                                              SHA1:668E41A728D2295A455E5E0F0A8D2FEE1781C538
                                              SHA-256:04D699CFC36565FA9C06206BA1C0C51474612C8FE481C6FD1807197DC70661E6
                                              SHA-512:435329D58B56607A2097D82644BE932C60727BE4AE95BC2BCF10B747B7658918073319DFA1386B514D84090304A95FCF19D56827C4B196E4D348745565441544
                                              Malicious:false
                                              Preview:..................#.[...:......k.....k.....ky....k>....k|....kw....k5&...kq+...l.....l.5...l.:...l.B...l.X...l\o...l.q...lBs...l.v...l<w...l.....l....l.....l...Nz....Oz...Pz....Qz....Rz....SzS...Tzp...UzF...Vz.....z.....z.....z.....z.....z.....z|....z.....zf....z.'.....*....3/....u8....~:.....=.....B.....N.....O.....X.....^....id.....i.....p.....r....#w.....{...............4.....%................\................\...../.....O.....\.....q.................q.................o.....m.....Z.....{.....l.............................d..........=....>....C....H....I....K....L...%N....N...OP....Q...BS....T....V....Y....]....b....j....r....s...Du....v....w...^y....z...}~...._.........y........8....W.............E.......................H...............U..............6.....Z.....{.....o.....e...................................I............(.....8.....9....l9.....9....y:.....;.....<.....<....==.....=....=...D>...dD...ZH....H...rI....J....J

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\d3dcompiler_47.dll

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                              Category:dropped
                                              Size (bytes):4524696
                                              Entropy (8bit):6.367051782021837
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:7641E39B7DA4077084D2AFE7C31032E0
                                              SHA1:2256644F69435FF2FEE76DEB04D918083960D1EB
                                              SHA-256:44422E6936DC72B7AC5ED16BB8BCAE164B7554513E52EFB66A3E942CEC328A47
                                              SHA-512:8010E1CB17FA18BBF72D8344E1D63DED7CEF7BE6E7C13434FA6D8E22CE1D58A4D426959BDCB031502D4B145E29CB111AF929FCBC66001111FBC6D7A19E8800A5
                                              Malicious:false
                                              Antivirus:
                                              • Antivirus: ReversingLabs, Detection: 0%
                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......S........................................a.............................................................................Rich....................PE..d.....2..........." ......3.........0.&.......................................E.....VTE...`A..........................................A.x.....A...... E.@.....B..!....D.."...0E....P.>.T....................{7.(...pz7..............{7..............................text...D.3.......3................. ..`.rdata........3.......3.............@..@.data....#....A.......A.............@....pdata...!....B.."...>B.............@..@.rsrc...@.... E......`D.............@..@.reloc......0E......fD.............@..B................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\ffmpeg.dll

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                              Category:dropped
                                              Size (bytes):2714112
                                              Entropy (8bit):6.6777628855193685
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:21647425561F9DFA567139D2C505F585
                                              SHA1:EFD5B3D6A21886C6467D28C73D20BE0ACB4591E9
                                              SHA-256:B827172262CEA032BE8303AAE69A947A8D867006269BB8B2BC7E77619333C1B6
                                              SHA-512:C5316A6B2D77CF2C2949698F9CBA92FE1EC57B2AC82D55FBBEFFE71B4834EC06E83728A176F5089C91CC9544DEDA0667F39338F1E9D1A37DB69BD8BAD4AF915A
                                              Malicious:false
                                              Antivirus:
                                              • Antivirus: ReversingLabs, Detection: 0%
                                              Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....{b.........." .....(!..>................................................?...........`A........................................X.'.....r.'.(............p>..............P?../....'.......................'.(...`e!.0.............'.0............................text....'!......(!................. ..`.rdata...9...@!..:...,!.............@..@.data.........(.."...f(.............@....pdata.......p>.......(.............@..@.00cfg..(.... ?......4).............@..@.tls.........0?......6).............@..._RDATA.......@?......8).............@..@.reloc.../...P?..0...:).............@..B........................................................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\icudtl.dat

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):10284336
                                              Entropy (8bit):6.285840716785654
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:D866D68E4A3EAE8CDBFD5FC7A9967D20
                                              SHA1:42A5033597E4BE36CCFA16D19890049BA0E25A56
                                              SHA-256:C61704CC9CF5797BF32301A2B3312158AF3FE86EADC913D937031CF594760C2D
                                              SHA-512:4CC04E708B9C3D854147B097E44FF795F956B8A714AB61DDD5434119ADE768EB4DA4B28938A9477E4CB0D63106CCE09FD1EC86F33AF1C864F4EA599F8D999B97
                                              Malicious:false
                                              Preview:...'........CmnD........ Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html .0....A..p....A.......A..`....A.......A.......A..P....A.. &...B..p&...B...&.. B...n..4B...n..GB...o..ZB.. p..mB...p...B..0r...B...r...B...r...B..Ps...B...t...B..`u...B...v...C..Pw...C...w..+C...y..>C...y..QC...{..dC..p}..wC...}...C.......C..p....C..P....C.......C.. ....C.......C.......D.. ..."D.....5D..0...FD......ZD.....jD.. ...}D.......D.......D.......D..`....D.......D.......D..P....E.......E...../E..P...BE......YE......iE..p...|E.......E.......E..`....E.......E.......E...2...F....&..F..`.&.6F....&.MF....&.gF..@.&.~F....&..F..p.&..F.. .&..F..P.&..F..pY(..F...%)..G....).7G....).YG...K*.yG...*..G..0.+..G.. .+..G....+..G..`.+..H....+..H...e+.6H....+.TH..`.-.mH....-..H....-..H....-..H..`.-..H....-..H..P....H.......I.......I..@...-I...I..@I...J..SI..`J..fI...J..yI...K...I..`K...I...K...I...M...I...p...I...q...I..`....J.......J......4J...$/.IJ..

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\libEGL.dll

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                              Category:dropped
                                              Size (bytes):447488
                                              Entropy (8bit):6.309802860311442
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:91F11A9181583F75E2B29FCD9050C7F5
                                              SHA1:FD90ABC3048F3347435DFBD1075B8051AC6FFABC
                                              SHA-256:43A549FF51CE4EE20074999527B19FBF280A8CAA7DB0BDE957704033B6F5B330
                                              SHA-512:925AC2A87E436219E22A924F615669CB166E8183D6E4DD0F00ED68C16FAA3FFA10AB410106A7F81320F10205415BFF9D10976F1DC0BB695B9293B80101E4CE8A
                                              Malicious:false
                                              Antivirus:
                                              • Antivirus: ReversingLabs, Detection: 0%
                                              Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....{b.........." ................0........................................`............`A............................................a...I...(....@..x........=...........P..................................(.......0...........X................................text............................... ..`.rdata..D...........................@..@.data...|L....... ...\..............@....pdata...=.......>...|..............@..@.00cfg..(...........................@..@.tls....!.... ......................@..._RDATA.......0......................@..@.rsrc...x....@......................@..@.reloc.......P......................@..B................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\libGLESv2.dll

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                              Category:dropped
                                              Size (bytes):7040512
                                              Entropy (8bit):6.411129914957704
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:16DEB84C2DD1D55ED938A112B6CE92D4
                                              SHA1:15ED353F418030E2A3D94C2C77D45605EA9CB3C2
                                              SHA-256:B49922F98946952E96C03C468A4812E0B1E7A090F4E1F96489F48ACC07EBA1F8
                                              SHA-512:BB9EA90E01AC7E633D3E27054206C6070B352CCE196B7B70B989AF2B718DEC3506D3AAF62E3074FDC93E7E23839ED15CCB8A508305170E7BA38920CA21F4047B
                                              Malicious:false
                                              Antivirus:
                                              • Antivirus: ReversingLabs, Detection: 0%
                                              Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....{b.........." .....VQ...........F......................................Pl...........`A..........................................b. ...-.c.d....Pk.......i.,............`k......jb......................ib.(... .Q.0........... .c.....0.b.@....................text...UUQ......VQ................. ..`.rdata..|....pQ......ZQ.............@..@.data........pd......Vd.............@....pdata..,.....i......`h.............@..@.00cfg..(.... k......rj.............@..@.tls....1....0k......tj.............@..._RDATA.......@k......vj.............@..@.rsrc........Pk......xj.............@..@.reloc.......`k......~j.............@..B................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\am.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):192492
                                              Entropy (8bit):5.056947701287817
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:C0490D3C4FF1EE8614225043654AAF0C
                                              SHA1:B044484CED372B5817285B67EBA59F0AF40CB639
                                              SHA-256:E98F3437F6D451FB9FEC33473ABC9F07ABF0794CD45D02AE1DE48CCB9FC5C8B6
                                              SHA-512:3D66B9A2AA4B08B19C635D350342A162879042E926FA41E059E3C62FC68BDD73A91D6A9A41E409EEEE7338DAF0A931F178E9D151B4B9EE9EF6545F8957CCEFB4
                                              Malicious:false
                                              Preview:..........6.j.`F..k.oF..l.zF..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..F..w..F..y..F..z..F..|..G..}..G.....G.....G....'G..../G....7G....>G....EG....LG....MG....NG....zG.....G.....G.....G.....G.....G.....H.....H.....H....8H....jH.....H.....H.....H.....H.....H.....H.....H.....H.....I.....I....%I....<I....HI....UI.....I.....I..*..I..+..I..,..I../..J..0."J..1.~J..2..J..3..J..4..J..5..K..6.|K..7..K..>..K..?..K..N..L..g..L..i..L..j..L..k..L..l.$L...])L...]}L...].L...].M...].M...].M...].M...].N...]hN...]~N...]FP...]hP...]qP...]zP...^.P...^.P...^.P...^"Q...^.Q...^>R...^GR...^.R...^.R...^.R...^.R...^.S...^@S...^_S...^.S...^.S...^.T..%^.T..&^)T..'^BT..)^.T..*^.T..+^.U..,^&U..-^8U...^dU../^.U..0^{V..2^,W..3^FW..4^.W..5^.W..8^.W..9^.X..:^.Y..;^.Y..<^.Y..>^gZ..?^%[..@^.\..A^.\..B^H\..C^|\..D^.^..E^._..F^.`..G^.a..I^Ha..K^Qa..L^pa..M^.a..N^.a..O^.a..T^nb..U^.b..V^fc..W^.c..X^.c..Y^.c..Z^id..[^.d..\^We..]^.e..b^Lf..d^[f..e^af..f^jf..g^.f..h^.f..i^.f..j^.f..k^.g..l^.g..o^8g..p^gg..q^.g..r^.h..s^6h

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\ar.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):198772
                                              Entropy (8bit):5.130198020742576
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:9B610C0107724603B19893C4CCC551A0
                                              SHA1:37D987196C640861B336628D67E22EF283115E7D
                                              SHA-256:F9D96AF7D5EF9E0B4F4EF133A98A64B4398C7AEF04E20688B523E6EA27C61F15
                                              SHA-512:E99C07E474278990027E560D0F0464ED0D59C485226B56C8318470C41B5976602B1D52659996EBEECECC3D59927577202AB6312E07F40F71EB39972AE5296BC6
                                              Malicious:false
                                              Preview:..........>.j.PF..k._F..l.jF..n.rF..o.wF..p..F..q..F..r..F..s..F..t..F..v..F..w..F..y..F..z..F..|..F..}..G.....G.....G.....G.....G....'G.....G....5G....<G....>G....~G.....G.....G.....G.....H.... H....$H.....H....NH....nH.....H.....H.....H.....H.....H.....H.....H.....H.....I.....I.....I....'I..../I....BI.....I.....I..*..I..+..I..,..I../..I..0..I..1.8J..2.MJ..3.fJ..4..J..5..J..6..K..7.<K..>.mK..?.xK..N..K..g..K..i..K..j..K..k..K..l..K...].K...].L...]6L...]9M...]AM...].M...].M...].M...] N...]@N...]/R...]SR...][R...]lR...^.R...^.R...^.R...^.S...^.S...^/T...^3T...^hT...^}T...^.T...^.T...^.T...^.U...^.U...^uU...^.U...^.U..%^.U..&^.U..'^.U..)^TV..*^.V..+^.V..-^.V...^.V../^.W..0^.W..1^bX..2^.Y..3^8Y..4^jY..5^.Y..8^.Y..9^dZ..:^c[..;^y[..<^.[..>^.[..?^.\..@^.]..A^'^..B^L^..C^.^..D^.b..E^zd..F^.f..G^.f..I^.f..K^.f..L^.f..M^.f..N^.g..O^dg..T^.h..U^Qh..V^.h..W^.i..X^/i..Y^.i..Z^,j..[^.j..\^'k..]^wk..b^.l..c^.l..d^.l..e^.l..f^.l..g^.l..h^.l..i^.m..j^.m..k^8m..l^hm..o^.m..p^.n..q^+n..r^.n..s^.n..t^.o

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\bg.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):214333
                                              Entropy (8bit):4.866044052884893
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:7F3FE009D84DDDF6A509AE33D95A7E7B
                                              SHA1:667D804C714FEAB9D104DB211A981357B2B8124F
                                              SHA-256:58BEC94801D09157C852CFBC3CCD9916FAFD1947FDC61C1453456BCE5B054C4E
                                              SHA-512:92151D7589682C7078D9F9915EB6D14D350A13A126A000E4DA29228649926282CAF03CD996E68704F9E5DD0FAF11750F7C4EE105E1655F9BECBE0E267F7FC614
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..G..v..G..w.'G..y.-G..z.<G..|.BG..}.TG....\G....aG....iG....qG....yG.....G.....G.....G.....G.....G.....G.....G.....H....4H....YH....[H...._H....kH....~H.....H.....H.....H....&I....WI....^I....aI....bI....vI.....I.....I.....I.....I.....I.....I.....J....cJ.....J..*..J..+..J..,..J../..K..0.&K..1..K..2..K..3..K..4..L..5.@L..6..L..7..L..>..M..?..M..N.>M..g.LM..i.OM..j.SM..k.ZM..l.hM...]mM...].M...].M...].O...]+O...]rO...].O...].O...]%P...]OP...].Q...].Q...].R...].R...^;R...^MR...^.R...^.R...^9T...^.T...^.T...^.T...^.U...^WU...^xU...^.U...^.U...^)V...^AV...^gV..%^yV..&^.V..'^.V..)^IW..*^.W..+^.W..,^.W..-^.W...^#X../^uX..0^QY..1^.Z..2^.Z..3^.Z..4^.[..5^X[..8^.[..9^t\..:^.]..;^.]..<^.]..>^X^..?^5_..@^._..A^._..B^.`..C^B`..D^.b..E^.b..F^yc..G^.c..I^#d..K^-d..L^Od..M^ad..N^.d..O^.d..T^~e..U^.e..V^.f..W^.f..X^.f..Y^Rg..Z^.h..[^.h..\^#i..]^.i..b^.j..d^.j..e^.j..f^.j..g^.k..h^.k..i^dk..j^ek..k^.k..l^.k..o^.k..p^:l..q^pl..r^.l..s^!m

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\bn.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):274613
                                              Entropy (8bit):4.47502496975818
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:ECFF6F8DC301B6B435DF5E44C2AE8A2A
                                              SHA1:6FDFA4136F3BB5CCD9E4E7B4706DB98F17F85C1B
                                              SHA-256:3250ADECE302934B9A78569D72CA70E596D91865455D5274CCF8D651CCAC5350
                                              SHA-512:C9E22FF9FEF3C2EEF6B25886E32A27FD19D56C1085C993AEA1D5A1528D65735B0628B825A2834A1B8B2512D8ABF59CABB3B35044484F566057826EAA3CFA682D
                                              Malicious:false
                                              Preview:..........4.j.dF..k.sF..l.~F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..F..w..F..y..F..z..F..|..G..}..G.....G....$G....,G....4G....9G....AG....HG....OG....VG....WG....XG.....G.....H....7H....bH.....H.....H.....H.....H.....H.....I....;I....iI.....I.....I.....I.....I.....I.....I.....J.....J....,J....MJ....\J....tJ.....J....&K..*.DK..,.GK../.~K..0..K..1..L..2.,L..3.HL..4..L..5..L..6.}M..7..M..>..N..?. N..N.UN..g.nN..i.qN..j.uN..k.zN..l..N...].N...].N...].O...].P...].P...]9Q...]xQ...].Q...]0R...]\R...].U...]WU...]`U...]xU...^.U...^.U...^ V...^.V...^.W...^.W...^.X...^hX...^.X...^.X...^.X...^.Y...^@Y...^UY...^.Y...^.Y...^.Z..%^+Z..&^UZ..'^{Z..)^'[..*^z[..+^.[..,^.[..-^.[...^H\../^.\..0^.]..1^.^..2^.`..3^/`..4^.`..5^.`..8^.a..9^eb..:^od..;^.d..<^.d..>^4e..?^.f..@^.g..A^.g..B^.g..C^Hh..D^.k..E^Xm..F^.n..G^Po..I^.o..K^.o..L^.o..M^.o..N^.p..O^yp..T^.q..U^.q..V^.r..W^.s..X^Us..Y^}s..Z^Zt..[^.u..\^.u..]^+v..b^.w..c^.w..d^.w..e^.w..f^.w..g^/x..h^.x..i^.x..j^.x..k^.x..l^.x..o^dy..p^.y..q^.z..r^.z

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\ca.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):136216
                                              Entropy (8bit):5.401900922137372
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:65C1F1FAEE2EDBE7D7B6709D7E6B6EF7
                                              SHA1:A81848018BC9978EDB9E764474CF9C9B297BB91C
                                              SHA-256:D8A83A19F8C66742226538AF9489B70C1439F6133591E29A353ADDD9089F67C6
                                              SHA-512:590587A66BF03C2CC61C49CB9452220B3697AD4A00ABC0056017FD0203EBC2980EC8F59337FCD1FF90EEDFA8F8171ACEF5818B1DA856EC78C352498002679FBD
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..G..t..G..v..G..w.+G..y.1G..z.@G..|.FG..}.XG....`G....eG....mG....uG....}G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H....0H....4H....;H....HH....XH....nH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I..../I....KI..*.WI..+.ZI..,.xI../..I..0..I..1..I..2..I..3..I..4..J..5.9J..6.vJ..7..J..>..J..?..J..N..J..g..J..i..J..j..J..k..J..l..J...].J...].K...])K...].K...].K...].K...].L...]1L...]hL...]vL...]=M...]XM...]`M...]gM...^}M...^.M...^.M...^.M...^.N...^.N...^.N...^.N...^.N...^.O...^"O...^3O...^JO...^^O...^.O...^.O...^.O..%^.O..&^.O..'^.O..)^0P..*^ZP..+^oP..,^.P..-^.P...^.P../^.P..0^GQ..1^.Q..2^?R..3^\R..4^.R..5^.R..8^.R..9^HS..:^.T..;^+T..<^IT..>^}T..?^.U..@^cU..A^tU..B^.U..C^.U..D^.V..E^AW..F^.W..G^.X..I^:X..K^DX..L^WX..M^bX..N^vX..O^.X..T^.X..U^.Y..V^yY..W^.Y..X^.Y..Y^.Y..Z^OZ..[^.Z..\^.Z..]^*[..b^.[..c^.[..d^.[..e^.[..f^.[..g^.[..h^.\..i^/\..j^0\..k^E\..l^H\..o^i\..p^.\..q^.\

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\cs.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):139589
                                              Entropy (8bit):5.805335191018667
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:C64366988F8D46B6912F2D6BE0120B1A
                                              SHA1:3A33FE58CA30F41EA341CC9B9413A6CBDD6A1E4B
                                              SHA-256:30FD14794EE1088D37387F42E5D366F962FA9273EBA8CCDD9B950646D2DD6172
                                              SHA-512:8990D212AFF170A547733B0CD54055ECF6D30319189A7D88CDA149B8994986C9CCC899D203FA4CEDCDACB3217B2B72E2A9E69AA195B285AA388BF2AF125158FE
                                              Malicious:false
                                              Preview:..........!.j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..G..w..G..y..G..z.$G..|.*G..}.<G....DG....IG....QG....YG....aG....hG....oG....vG....wG....xG.....G.....G.....G.....G.....G.....G.....H.....H.....H....+H....9H....IH....XH....iH....pH....sH....tH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I..*..I..+..I..,.<I../.YI..0.cI..1..I..2..I..3..I..4..I..5..I..6.4J..7.HJ..>.^J..?.fJ..N.xJ..g..J..i..J..j..J..k..J..l..J...].J...].J...].J...]{K...].K...].K...].K...].K...].L...].L...].M...].N...].N...].N...^"N...^,N...^EN...^hN...^.N...^.O...^.O...^>O...^LO...^wO...^.O...^.O...^.O...^.O...^.O...^.P...^.P..%^ P..&^.P..'^;P..)^.P..*^.P..+^.P..-^.P...^.P../^.P..0^gQ..1^.Q..2^7R..3^MR..4^{R..5^.R..8^.R..9^.S..:^.S..;^.S..<^.T..>^CT..?^.T..@^lU..A^~U..B^.U..C^.U..D^.W..E^.X..F^lY..G^.Y..I^.Y..K^.Y..L^.Y..M^.Y..N^.Y..O^ Z..T^pZ..U^.Z..V^.Z..W^.[..X^([..Y^`[..Z^.[..[^.[..\^B\..]^m\..b^.\..c^.]..d^.]..e^.]..f^.]..g^*]..h^B]..i^Q]..j^T]..k^e]..l^h]..o^.]..p^.]..q^.]..r^.^

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\da.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):127576
                                              Entropy (8bit):5.4328055342090105
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:9FB8A421CAF18588B494C3F34D8764C6
                                              SHA1:201AC33074C76830893197AB9382EC84553F1794
                                              SHA-256:0997BE868557F97F013242C066B192E574B4FA553D13F37F97A1DE714B95A858
                                              SHA-512:59B2FD820F9BD45015444C85FCB55E04027836E62C6A9187E8CE0C2A9AEA6E5E626B76627C9601F69E769D4DDD09F6A8CCC2DFDDA6835E261B94A5AF91D8BBF9
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..G..v..G..w.#G..y.)G..z.8G..|.>G..}.PG....XG....]G....eG....mG....uG....|G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H.....H.....H....%H....2H....=H....QH....cH....jH....mH....nH....uH....~H.....H.....H.....H.....H.....H.....H.....H.....H..*..H..+..H..,..I../.&I..0.0I..1.^I..2.jI..3.tI..4..I..5..I..6..I..7..I..>..I..?..J..N..J..g..J..i.!J..j.%J..k.*J..l./J...]4J...]]J...].J...]6K...]<K...]ZK...]hK...]xK...].K...].K...].M...](M...]/M...]5M...^BM...^OM...^.M...^.M...^4N...^`N...^iN...^.N...^.N...^.N...^.N...^.N...^.N...^.N...^,O...^3O...^FO..%^IO..&^]O..'^eO..)^.O..*^.O..+^.O..,^.O..-^.O...^.P../^(P..0^.P..1^.P..2^UQ..3^gQ..4^.Q..5^.Q..8^.Q..9^.R..:^.R..;^.R..<^.R..>^.S..?^fS..@^.S..A^.S..B^.T..C^.T..D^CU..E^.U..F^YV..G^.V..I^.V..K^.V..L^.V..M^.V..N^.V..O^.W..T^IW..U^oW..V^.W..W^.X..X^.X..Y^<X..Z^.X..[^.X..\^.Y..]^JY..b^.Y..d^.Y..e^.Y..f^.Y..g^.Y..h^.Z..i^!Z..j^"Z..k^0Z..l^3Z..o^HZ..p^}Z..q^.Z..r^.Z

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\de.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):136414
                                              Entropy (8bit):5.486129891558703
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:A4D8EECEC2747FFB12551AB8E93FAFDF
                                              SHA1:59AA4C3A7179C46C7699D0D918DD92722A614DEF
                                              SHA-256:D67F95E2982E7DEBF67741B88CE054F5BB8356021A280E092227B77EC82E298F
                                              SHA-512:1DE20FA8798D050966C99AA0590C7460A40B6FF41AFC36645C1F4655A09F6070530ADBD1D6FB5937D1FC9965C7AAC932DBB06A0FF47F31BCB6D4717EAA81613E
                                              Malicious:false
                                              Preview:..........F.j.@F..k.OF..l.ZF..n.bF..o.gF..p.tF..q.zF..r..F..s..F..t..F..v..F..w..F..y..F..z..F..|..F..}..F.....F.....F.....G.....G.....G.....G....%G....,G....-G.....G....gG....xG.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H....-H....FH....MH....PH....QH....[H....eH....yH.....H.....H.....H.....H.....H.....H.....H..*..H..+..I..,..I.././I..0.7I..1.\I..2.jI..3.sI..4..I..5..I..6..J..7..J..>.*J..?.2J..N.GJ..g.RJ..i.UJ..j.YJ..k.bJ..l.hJ...]uJ...].J...].J...]{K...].K...].K...].K...].K...].L...],L...]%M...]<M...]CM...]IM...^fM...^sM...^.M...^.M...^VN...^.N...^.N...^.N...^.N...^.N...^.N...^.O...^.O...^2O...^mO...^{O...^.O..%^.O..&^.O..'^.O..)^.P..*^#P..+^4P..,^DP..-^JP...^mP../^.P..0^.Q..1^.Q..2^TR..3^kR..4^.R..5^.R..8^.R..9^SS..:^!T..;^0T..<^LT..>^tT..?^.T..@^ZU..A^aU..B^lU..C^.U..D^.V..E^.W..F^.W..G^.X..I^)X..K^2X..L^@X..M^IX..N^XX..O^.X..T^.X..U^.Y..V^.Y..W^.Y..X^.Y..Y^.Y..Z^2Z..[^.Z..\^.Z..]^.[..b^.[..d^.[..e^.[..f^.[..g^.[..h^.[..i^.\..j^.\..k^#\..l^&\..o^>\..p^h\..q^.\..r^.\

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\el.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):235472
                                              Entropy (8bit):4.928800315357694
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:DC334C39FA35F04D554FD6BF4D6301BE
                                              SHA1:8F83F39B41447E479E1DE761721FC35B22A1F227
                                              SHA-256:168FDC777570FA85C16EE7A701BEF28FE6D7EB943A674AD8681A2F9FCEDD2635
                                              SHA-512:E4F0FE4AC83DF9F106D60DE2D4563519512D1B088ABB0FD52D4D459CCF093397C5F56E41958111AD67AB9A19DC2A9DD6870356BE2E344559DEAF757D3B96B7A1
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..G..w..G..y..G..z.*G..|.0G..}.BG....JG....OG....WG...._G....gG....nG....uG....|G....}G....~G.....G.....H....+H....eH.....H.....H.....H.....H.....H.....H.....I....2I...._I.....I.....I.....I.....I.....I.....I.....I.....I.....J.....J...."J....2J.....J.....J..*..J..+..K..,. K../.pK..0..K..1..L..2.2L..3.JL..4..L..5..L..6.TM..7.|M..>..M..?..M..N..M..g..M..i..N..j..N..k..N..l..N...].N...]tN...].N...].O...].O...]CP...]jP...].P...].Q...]0Q...].R...].S...].S...]#S...^WS...^iS...^.S...^.S...^/U...^.U...^.U...^.V...^)V...^]V...^mV...^.V...^.V...^.V...^oW...^.W...^.W..%^.W..&^.W..'^.X..)^.X..*^.X..+^.Y..,^.Y..-^FY...^.Y../^.Y..0^.Z..1^.[..2^.\..3^.\..4^:]..5^a]..8^.]..9^.^..:^;`..;^V`..<^z`..>^.`..?^.a..@^sb..A^.b..B^.b..C^.b..D^.d..E^.e..F^.f..G^Qg..I^.g..K^.g..L^.g..M^.g..N^.g..O^8h..T^.h..U^.i..V^.i..W^Wj..X^xj..Y^.j..Z^.k..[^Ll..\^.m..]^jm..b^.n..c^.n..d^.n..e^.n..f^.n..g^.n..h^.o..i^3o..j^4o..k^So..l^Vo..o^.o..p^.o..q^.o

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\en-GB.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):112584
                                              Entropy (8bit):5.476085642762499
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:998947B55A25776181CC11110902F6D7
                                              SHA1:A93272EB26EB9977833FB809DF593759F2533570
                                              SHA-256:FCBCDFB71363750A9E404A365A00F196C9ED4FE149532580F149811475B45636
                                              SHA-512:A58B9B8BF6C2C2B14F870FDD3557B18AA002F5CC8C270EB0D35A1AAB3CB864CF472328F0515039515879C9B355569B7D049CA1A1569304CF347B40B5815B726F
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..G..t..G..v."G..w./G..y.5G..z.DG..|.JG..}.\G....dG....iG....qG....yG.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H.....H....(H....8H....MH....bH....iH....lH....mH....uH....}H.....H.....H.....H.....H.....H.....H.....H.....H..*..H..+..H..,..I../..I..0.!I..1.UI..2.cI..3.iI..4.}I..5..I..6..I..7..I..>..I..?..I..N..J..g..J..i..J..j..J..k..J..l..J...]#J...]DJ...]SJ...].J...].J...].J...].J...].J...]"K...]/K...].K...].K...].K...].K...^.L...^.L...^.L...^=L...^.L...^.L...^.L...^.L...^.L...^.L...^.L...^.M...^(M...^5M...^mM...^wM...^.M..%^.M..&^.M..'^.M..)^.M..*^.N..+^.N..,^.N..-^.N...^*N../^PN..0^.N..1^.N..2^UO..3^dO..4^.O..5^.O..8^.O..9^(P..:^.P..;^.P..<^.P..>^.Q..?^{Q..@^.Q..A^.Q..B^.Q..C^.R..D^.R..E^wS..F^.S..G^.T..I^8T..K^>T..L^HT..M^OT..N^ZT..O^vT..T^.T..U^.T..V^,U..W^@U..X^PU..Y^tU..Z^.U..[^.V..\^OV..]^sV..b^.V..c^.V..d^.W..e^.W..f^.W..g^.W..h^2W..i^EW..j^FW..k^QW..l^TW..o^kW..p^.W..q^.W

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\en-US.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):113481
                                              Entropy (8bit):5.470392531977106
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:5CC884BF0EC1C702240173B35A421D1B
                                              SHA1:19BDFB0B31DC4A75E7C135D1A8EF76F5F6CC3A31
                                              SHA-256:9F0C75C84381360677055D6197812C7A6C42DBFC6134EB8212D8A60ED1CA1601
                                              SHA-512:48772F50F6B0D846084A0CFB0D6433F2FBF73677B557B022D0D73D04790636C0C40ED873C32FD037013E943FB7C24816EFDCDE38429520895C00C2D85A17EA5C
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..G..r..G..s."G..t.+G..v.@G..w.MG..y.SG..z.bG..|.hG..}.zG.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H....!H....%H....,H....6H....FH....VH....kH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H..*..I..+..I..,.%I../.6I..0.?I..1.rI..2..I..3..I..4..I..5..I..6..I..7..I..>..J..?..J..N..J..g.(J..i.+J..j./J..k.4J..l.;J...]@J...]aJ...]pJ...].J...].J...].J...].K...].K...]?K...]LK...].L...].L...]"L...](L...^1L...^9L...^KL...^jL...^.L...^.L...^.L...^.M...^.M...^.M...^&M...^9M...^UM...^bM...^.M...^.M...^.M..%^.M..&^.M..'^.M..)^.N..*^-N..+^7N..,^CN..-^GN...^VN../^xN..0^.N..1^.O..2^yO..3^.O..4^.O..5^.O..8^.O..9^OP..:^.P..;^.Q..<^.Q..>^>Q..?^.Q..@^.R..A^.R..B^'R..C^@R..D^5S..E^.S..F^:T..G^kT..I^.T..K^.T..L^.T..M^.T..N^.T..O^.T..T^.U..U^+U..V^.U..W^.U..X^.U..Y^.U..Z^%V..[^gV..\^.V..]^.V..b^PW..c^WW..d^]W..e^bW..f^fW..g^xW..h^.W..i^.W..j^.W..k^.W..l^.W..o^.W..p^.W..q^.X

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\es-419.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):135123
                                              Entropy (8bit):5.373057629573399
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:10B1D1097987EA050A5791ECEB5EABDA
                                              SHA1:C0812FBC16592A39CD1600196E62D0000B22BD73
                                              SHA-256:04B24396CC017E1DBB0BCA7371D7CAE10CAD2350DA661A8A035B572AA76CBD49
                                              SHA-512:F2A6767EAE2D5EEBFF35F6B7D3A932FFD797FDFB48023C75B3C98B1CED5B3695EC12E642D68582DA1AACAC1C59B0D3A2F029C702D0DF02D7B08430384D40E178
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..G..v..G..w.)G..y./G..z.>G..|.DG..}.VG....^G....cG....kG....sG....{G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H.....H....!H....2H....EH....XH....pH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I....5I..*.@I..+.CI..,.aI../..I..0..I..1..I..2..I..3..I..4..J..5.*J..6.qJ..7..J..>..J..?..J..N..J..g..J..i..J..j..J..k..J..l..J...].J...].K...]3K...].K...].K...].L...]!L...]4L...]hL...]wL...]TM...]uM...]~M...].M...^.M...^.M...^.M...^.M...^.N...^.N...^.N...^.N...^.N...^&O...^/O...^AO...^UO...^cO...^.O...^.O...^.O..%^.O..&^.O..'^.O..)^4P..*^hP..+^xP..,^.P..-^.P...^.P../^.P..0^EQ..1^.Q..2^SR..3^sR..4^.R..5^.R..8^.R..9^_S..:^)T..;^@T..<^UT..>^.T..?^.U..@^yU..A^.U..B^.U..C^.U..D^.V..E^.W..F^.W..G^.W..I^.X..K^.X..L^)X..M^4X..N^BX..O^hX..T^.X..U^.X..V^JY..W^jY..X^}Y..Y^.Y..Z^.Z..[^jZ..\^.Z..]^.Z..b^.[..c^.[..d^.[..e^.[..f^.[..g^.[..h^.\..i^.\..j^.\..k^*\..l^-\..o^T\..p^.\..q^.\

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\es.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):136317
                                              Entropy (8bit):5.340572969000703
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:460ED6807D7A0E5DDE909D706B4F267C
                                              SHA1:D4948B217B8A2E620E7AAC7A04C2E8483AA84B3C
                                              SHA-256:665E93CA25DE6050A4FBC1F343D67496D6E1E296DBBCC9EDF3DAB7BBCF1035DB
                                              SHA-512:FA6C57DCFDB6E53FA13FBB353C3C581C3DFBD4D34AE7612B1F780F4DA944DA253767FE86AB3C5A3EAE918A339649828643FD50B9F66BB943F29924E713891D98
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..G..t..G..v..G..w.+G..y.1G..z.@G..|.FG..}.XG....`G....eG....mG....uG....}G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H....!H..../H....@H....SH....fH....~H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I....>I..*.II..+.LI..,.jI../..I..0..I..1..I..2..I..3..I..4..J..5. J..6.lJ..7.}J..>..J..?..J..N..J..g..J..i..J..j..J..k..J..l..J...].J...].K...]"K...].K...].K...].K...].L...].L...]?L...]NL...]%M...]@M...]IM...]OM...^`M...^nM...^.M...^.M...^YN...^.N...^.N...^.N...^.N...^.O...^.O...^!O...^:O...^HO...^.O...^.O...^.O..%^.O..&^.O..'^.O..)^)P..*^]P..+^mP..,^.P..-^.P...^.P../^.P..0^GQ..1^.Q..2^6R..3^VR..4^.R..5^.R..8^.R..9^5S..:^.S..;^.S..<^.T..>^HT..?^.T..@^.U..A^$U..B^6U..C^[U..D^VV..E^.V..F^JW..G^.W..I^.W..K^.W..L^.W..M^.W..N^.W..O^'X..T^yX..U^.X..V^.Y..W^?Y..X^RY..Y^.Y..Z^.Z..[^eZ..\^.Z..]^.Z..b^.[..c^.[..d^.[..e^.[..f^.[..g^.[..h^.[..i^.\..j^.\..k^.\..l^.\..o^1\..p^V\..q^y\

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\et.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):123538
                                              Entropy (8bit):5.464890802945206
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:9EB930ED036C2828877BBEAED94071B2
                                              SHA1:B410F1CBD1774FD2036C5E8424022554B1FC61F9
                                              SHA-256:502AB41D852C69EA961DF20B79480FD9D38F99BBAD07A4D1B5E7143BA1F7BDC3
                                              SHA-512:86A0C8C6ED19C801705D0CD07A5634C6D234329D4A3AFC10F2E221ABE6A21DEA0F3CB808E2DAF94BDF113B64B7ACDE6AC836BA238D9F8B5F7BB355DA1346E402
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..G..t..G..v..G..w.;G..y.AG..z.PG..|.VG..}.hG....pG....uG....}G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H....#H....%H....)H....5H....AH....JH....ZH....iH....~H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I.....I..*.'I..+.*I..,.HI../.bI..0.oI..1..I..2..I..3..I..4..I..5..I..6..J..7.5J..>.NJ..?.VJ..N.eJ..g.oJ..i.rJ..j.vJ..k.}J..l..J...].J...].J...].J...]}K...].K...].K...].K...].K...].L...] L...].L...].M...].M...].M...^-M...^3M...^MM...^tM...^.M...^ N...^%N...^UN...^dN...^.N...^.N...^.N...^.N...^.N...^.N...^.O...^.O..%^.O..&^1O..'^?O..)^.O..*^.O..+^.O..,^.O..-^.O...^.O../^.P..0^tP..1^.P..2^LQ..3^^Q..4^.Q..5^.Q..8^.Q..9^(R..:^.R..;^.R..<^.R..>^$S..?^.S..@^.T..A^.T..B^.T..C^FT..D^>U..E^.U..F^.V..G^RV..I^lV..K^tV..L^.V..M^.V..N^.V..O^.V..T^.W..U^+W..V^.W..W^.W..X^.W..Y^.W..Z^AX..[^.X..\^.X..]^.X..b^gY..d^nY..e^qY..f^vY..g^.Y..h^.Y..i^.Y..j^.Y..k^.Y..l^.Y..o^.Y..p^.Z..q^DZ..r^.Z

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\fa.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):190789
                                              Entropy (8bit):5.232451563180468
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:993FFA47D0354C2A9B9B4D378026E653
                                              SHA1:416EF059058FAE7E91D79E94C0AE4CC56D604F3B
                                              SHA-256:309CEC5292EE0361D45796C2234CF40A064249DA09108B1DA75BF570963941A2
                                              SHA-512:D1ED53F52858090641058AD924E42BAD29610E8E7546279325335C4D8EB9F5830FFE32FA35DACB18040090078A4466199A586D3EA4E82247B73BAB02ECEB17C7
                                              Malicious:false
                                              Preview:..........P.j.,F..k.;F..l.FF..n.NF..o.SF..p.`F..q.fF..r.uF..s..F..t..F..v..F..w..F..y..F..z..F..|..F..}..F.....F.....F.....F.....F.....G.....G.....G.....G.....G....bG....|G.....G.....G.....G.....G.....G.....G.....H....$H....JH....gH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I.....I....oI.....I..*..I..+..I..,..I../..I..0..J..1.GJ..2.VJ..3.iJ..4..J..5..J..6.,K..7.dK..>..K..?..K..N..K..g..K..i..K..j..K..k..K..l..K...].K...]CL...]nL...]lM...].M...].M...].M...].N...]lN...].N...]YP...].P...].P...].P...^.P...^.P...^"Q...^kQ...^GR...^.R...^.R...^.R...^.S...^>S...^HS...^pS...^.S...^.S...^.T...^)T...^GT..%^QT..&^mT..'^.T..)^.T..*^(U..+^CU..,^_U..-^gU...^.U../^.U..0^.V..1^.W..2^.X..3^.X..4^.X..5^.Y..8^)Y..9^.Z..:^K[..;^l[..<^.[..>^.[..?^.\..@^.]..A^.]..B^.]..C^.]..D^_`..E^Ua..F^Kb..G^.b..K^.b..L^.c..M^.c..N^)c..O^nc..T^.c..U^Kd..V^.d..W^.e..X^*e..Y^he..Z^.e..[^rf..\^.f..]^'g..b^.g..d^.g..e^.h..f^.h..g^3h..h^Qh..i^rh..j^sh..k^.h..l^.h..o^.h..p^.h..q^-i..r^.i..s^.i..t^.j..v^!j

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\fi.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):125760
                                              Entropy (8bit):5.447273613792246
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:DD7E21B02BDCED910A171D592FAE0B18
                                              SHA1:CC28F1B8F0B06E71DAC3802EE26F644837982FA5
                                              SHA-256:9E1C20ECDBE9D15386ED493D0AC839612CC91A2284D5A97D9DC38EA2C90A3DC1
                                              SHA-512:12B3FD4BA110087074D5BEF6237EEBA96EDEFBCC31BB701142DA058034AF591A627B7B07550670689733A32C747991AE4555884796D29631B7865D06B13E90F7
                                              Malicious:false
                                              Preview:..........#.j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..F..w..G..y..G..z. G..|.&G..}.8G....@G....EG....MG....UG....]G....dG....kG....rG....sG....tG.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H....%H....7H....FH....UH....\H...._H....`H....iH....qH....xH....}H.....H.....H.....H.....H.....H.....H..*..H..+..H..,..I../.)I..0.7I..1.oI..2.}I..3..I..4..I..5..I..6..I..7..J..>.;J..?.DJ..N.cJ..g.nJ..i.qJ..j.uJ..k.zJ..l..J...].J...].J...].J...]gK...]lK...].K...].K...].K...].K...].L...].L...].M...].M...].M...^!M...^*M...^=M...^mM...^.M...^.N...^.N...^2N...^@N...^_N...^dN...^sN...^.N...^.N...^.N...^.N...^.N..%^.N..&^.O..'^.O..)^VO..*^{O..+^.O..,^.O..-^.O...^.O../^.O..0^VP..1^.P..2^.Q..3^+Q..4^UQ..5^bQ..8^.Q..9^.R..:^.R..;^.R..<^.R..>^"S..?^.S..@^.S..A^.S..B^.T..C^*T..D^.U..E^.U..F^.V..G^5V..I^UV..K^YV..L^gV..M^sV..N^.V..O^.V..T^.V..U^.W..V^`W..W^rW..X^.W..Y^.W..Z^.W..[^>X..\^.X..]^.X..b^.Y..d^ Y..e^(Y..f^-Y..g^DY..h^[Y..i^qY..j^rY..k^.Y..l^.Y..o^.Y..p^.Y..q^.Y..r^.Z

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\fil.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):140356
                                              Entropy (8bit):5.190245344679947
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:9F3A970C8FED49AC50BDDBF09DD9A950
                                              SHA1:E8B986D42D4A79C513BF2DA3D3314FBF55A2A960
                                              SHA-256:7A4C4822516F47CDBABC4B9EF45B710B057A056BC29D3A4A270A22E963E257D3
                                              SHA-512:4533A05B38E45F8CEDFFDECEFB77ED9AF44ABA799F030A770B616EC7867FD0D7893DE67528A611D1002D18E3EE7F8799944804E008EC8217CBF59E03A19139B5
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..G..s..G..t..G..v.0G..w.=G..y.CG..z.RG..|.XG..}.jG....rG....wG.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H....!H....#H....'H....-H....7H....@H....WH....pH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H....2I....YI..*.gI..+.jI..,..I../..I..0..I..1..I..2..I..3..I..4..J..5.5J..6.nJ..7..J..>..J..?..J..N..J..g..J..i..J..j..J..k..J..l..J...].J...].K...]0K...].K...].K...].K...].K...].L...]EL...]ZL...].M...].M...].M...].M...^.M...^.M...^.M...^&N...^.N...^.N...^.N...^.O...^.O...^)O...^3O...^MO...^fO...^zO...^.O...^.O...^.O..%^.O..&^.O..'^.O..)^EP..*^gP..+^wP..,^.P..-^.P...^.P../^.P..0^>Q..1^.Q..2^.R..3^5R..4^fR..5^~R..8^.R..9^,S..:^.S..;^.T..<^.T..>^JT..?^.T..@^YU..A^eU..B^yU..C^.U..D^.W..E^.W..F^vX..G^.X..I^.X..K^.X..L^.X..M^.Y..N^.Y..O^;Y..T^.Y..U^.Y..V^.Z..W^2Z..X^IZ..Y^yZ..Z^.Z..[^1[..\^.[..]^.[..b^X\..c^c\..d^k\..e^p\..f^t\..g^.\..h^.\..i^.\..j^.\..k^.\..l^.\..o^.\..p^ ]..q^?]

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\fr.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):145490
                                              Entropy (8bit):5.383401113888468
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:B7AD524464A61CFE4A5BE1D41C069D4B
                                              SHA1:9EB5C98999D5EA3B0BE56DDEC39BAF58BA5EB078
                                              SHA-256:5B9951426B8783B203B8ED44EBAB916CA8AF020B9E0A32F7249ED9021CCE1C3C
                                              SHA-512:9B6B3274A98097E79DA946B90DA8B0A50575D202A8D76A07868CE03BCAC69C1B848A9A28A55814683E44C8760E5D7A0F25CFF18C974349FB393B9BDAAAADA8E4
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..G..w..G..y..G..z.(G..|..G..}.@G....HG....MG....UG....]G....eG....lG....sG....zG....{G....|G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H....7H....NH....fH....mH....pH....qH....yH.....H.....H.....H.....H.....H.....H.....H.....H.....I..*..I..+..I..,.9I../.PI..0.^I..1..I..2..I..3..I..4..I..5..I..6.BJ..7.SJ..>.kJ..?.vJ..N..J..g..J..i..J..j..J..k..J..l..J...].J...].J...].J...].K...].K...].K...].K...].K...]4L...]HL...]jM...]}M...].M...].M...^.M...^.M...^.M...^.N...^.N...^.N...^.N...^.N...^.O...^%O...^.O...^EO...^hO...^.O...^.O...^.O...^.O..%^.O..&^.P..'^ P..)^sP..*^.P..+^.P..-^.P...^.P../^.Q..0^.Q..1^2R..2^.R..3^.R..4^.S..5^.S..8^6S..9^.S..:^.T..;^.T..<^.T..>^.T..?^.U..@^?V..A^RV..B^oV..C^.V..D^SX..E^$Y..F^.Y..G^)Z..K^UZ..L^hZ..M^rZ..N^.Z..O^.Z..T^.[..U^2[..V^.[..W^.[..X^.[..Y^.\..Z^.\..[^.\..\^Z]..]^.]..b^H^..c^Q^..d^X^..e^\^..f^b^..g^{^..h^.^..i^.^..j^.^..k^.^..l^.^..o^.^..p^._..q^0_..r^s_..s^._

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\gu.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):265683
                                              Entropy (8bit):4.514931934952092
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:45943AE45049D9B7D76068D3721D6C8F
                                              SHA1:0BC3F9B24F0C8CA0078AC7780A21F623B8D7F9E6
                                              SHA-256:AA885CBBF8A13FB95405CC3DCA6677545FD51E303A65897D14ED019955C040DA
                                              SHA-512:7CD2BEC685CE103DCB0900BE832C472BCD1619F549FFC2864A2AE61B60B06565ACC95DC25222521E192362F8D3C4F8816BD1C3438AF7BAD826561247326CBA99
                                              Malicious:false
                                              Preview:..........2.j.hF..k.wF..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..F..w..F..y..F..z..G..|..G..}..G...."G....'G..../G....7G....?G....FG....MG....TG....UG....VG.....G.....G.....H....BH....zH....|H.....H.....H.....H.....H.....I....+I....XI....|I.....I.....I.....I.....I.....I.....I.....I.....J....$J....0J....RJ.....J.....J..*..K..+..K..,.-K../.aK..0..K..1..K..2..L..3.$L..4.XL..5..L..6..L..7.%M..>..M..?..M..N..M..g..M..i..M..j..M..k..M..l..M...].M...]FN...].N...].O...].O...]&P...]iP...].P...]>Q...]dQ...]4T...]\T...]eT...]zT...^.T...^.T...^/U...^.U...^.V...^.V...^.W...^^W...^zW...^.W...^.W...^.W...^4X...^`X...^.Y...^0Y...^aY..%^pY..&^.Y..'^.Y..)^\Z..*^.Z..+^.Z..,^.Z..-^.[...^E[../^.[..0^.\..1^.]..2^.^..3^.^..4^%_..5^N_..8^._..9^.`..:^.b..;^.b..<^.b..>^ic..?^.d..@^.e..A^.e..B^.f..C^.f..D^&j..E^.k..F^.l..G^em..I^.m..K^.m..L^.m..M^.n..N^+n..O^.n..T^6o..U^.o..V^.p..W^.p..X^.p..Y^Vq..Z^?r..[^.s..\^.s..]^.t..b^Vu..c^ru..d^.u..e^.u..f^.u..g^.u..h^]v..i^.v..j^.v..k^.v..l^.v..o^Bw..p^.w..q^.w

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\he.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):167370
                                              Entropy (8bit):4.897123170448971
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:3716C23FA0D68B698F5FD41153757622
                                              SHA1:800CC99237FD8C2151C90E01D6C78978617C0F27
                                              SHA-256:45E428FE527BCC746039A9822DB7F5DF12FD651452209A8746182383C2C004EC
                                              SHA-512:D738DA7FBB6BDA597F2C381C533BA70B8E0A8417E943A17FC91AF455492B04E7607CDD89EB3CB6D2D70F0B87BF89BFBD6FD96DF18603F0FAE485FEE9C7FFFD70
                                              Malicious:false
                                              Preview:..........=.j.RF..k.aF..l.lF..n.tF..o.yF..p..F..q..F..r..F..s..F..t..F..v..F..w..F..y..F..z..F..|..F..}..G.....G.....G.....G....!G....)G....0G....7G....>G....?G....@G.....G.....G.....G.....G.....G.....G.....G.....H....,H....?H....VH....iH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I....TI....{I..*..I..+..I..,..I../..I..0..I..1..J..2..J..3.*J..4.NJ..5.}J..6..J..7..J..>..J..?..K..N..K..g.&K..i.)K..j.-K..k.2K..l.:K...]?K...]tK...].K...]cL...]pL...].L...].L...].L...]GM...]cM...].O...].O...].O...].P...^$P...^0P...^[P...^.P...^[Q...^.Q...^.Q...^.Q...^.R...^:R...^BR...^QR...^uR...^.R...^.R...^.R...^.R..%^.S..&^$S..'^;S..)^.S..*^.S..+^.S..,^.S..-^.T...^-T../^iT..0^.T..1^.U..2^/V..3^GV..4^yV..5^.V..8^.V..9^`W..:^OX..;^lX..<^.X..>^.X..?^xY..@^fZ..A^xZ..B^.Z..C^.Z..D^T]..E^~^..F^._..G^.`..I^5`..K^?`..L^V`..M^c`..N^x`..O^.`..T^.a..U^Aa..V^.a..W^.a..X^.b..Y^Zb..Z^.b..[^%c..\^.c..]^.c..b^od..c^yd..d^.d..e^.d..f^.d..g^.d..h^.d..i^.d..j^.d..k^.e..l^.e..o^6e..p^pe..q^.e

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\hi.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):273942
                                              Entropy (8bit):4.493588587563909
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:0CE87D6655517DCB4D74E5130F235C89
                                              SHA1:0A61C0E385523BC55B3AB2435E7D1231548D3BD2
                                              SHA-256:79FC8A24C93E19ED052DDC0F158E516198A10DF7280265CCB769EE196A438CD7
                                              SHA-512:18ED9D0D354CD8DE96A54A6F793E6C59FF476F02106F7C3CA309175DFBDB00271AA3290BA9805F1B9484E7FAF2CC44E3AC93AA69B7D30C8E99EE31E29D7E4808
                                              Malicious:false
                                              Preview:..........A.j.JF..k.YF..l.dF..n.lF..o.qF..p.~F..q..F..r..F..s..F..t..F..v..F..w..F..y..F..z..F..|..F..}..F.....G.....G.....G.....G....!G....(G..../G....6G....7G....8G.....G.....G.....H....<H....mH....oH....sH.....H.....H.....H.....H.....I....FI....pI....wI....zI....|I.....I.....I.....I.....I.....J....*J....CJ....YJ.....J.....J..*..K..+..K..,.-K../.mK..0..K..1..L..2.#L..3.CL..4..L..5..L..6..M..7.YM..>..M..?..M..N..M..g..N..i..N..j..N..k. N..l..N...]3N...].N...]SO...].Q...].Q...].R...]FR...].R...]2S...]^S...].V...].V...].V...].V...^TW...^fW...^.W...^!X...^.Y...^8Z...^NZ...^.[...^:[...^.[...^.[...^.\...^c\...^.\...^:]...^^]...^z]..%^.]..&^.]..'^.]..)^.^..*^.^..+^._..,^G_..-^W_...^._../^.`..0^.a..1^.a..2^.b..3^.c..4^^c..5^.c..8^.c..9^.e..:^.f..;^.f..<^.g..>^.g..?^.h..@^.i..A^$j..B^Uj..C^.j..D^.m..E^.o..F^Ap..G^.p..I^.q..K^.q..L^;q..M^Mq..N^lq..O^.r..T^?s..U^.s..V^.t..W^.t..X^.t..Y^2u..Z^.v..[^.v..\^.w..]^Dx..b^xy..d^.y..e^.y..f^.y..g^.y..h^Bz..i^.z..j^.z..k^.z..l^.z..o^#{..p^.{..q^I|..r^.|

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\hr.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):133955
                                              Entropy (8bit):5.502579129345829
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:B8A77FDFDF62A844C90FE62DE0B6858A
                                              SHA1:B601AB105FCB328AF4B17B3E1DBEBF94ECDDAB33
                                              SHA-256:AD13BAB195D7619C58494D592CB11C22DDDCF3B2735804BE60F951F87DDD734B
                                              SHA-512:164122955B11EAF5E88BC61366C473B7A67C12B858BDAB407C189DC74ACA75C406075BFC0BD5877FA0B3857BA5DAD81C9795EB55D3DBE7EADA67B03D1BFAA442
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..G..v..G..w.#G..y.)G..z.8G..|.>G..}.PG....XG....]G....eG....mG....uG....|G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H....%H....8H....NH....dH....kH....nH....oH....zH.....H.....H.....H.....H.....H.....H.....H.....H.....I..*..I..+..I..,.4I../.MI..0.SI..1..I..2..I..3..I..4..I..5..I..6.%J..7.>J..>.XJ..?.aJ..N.rJ..g.{J..i.~J..j..J..k..J..l..J...].J...].J...].J...]xK...].K...].K...].K...].K...].K...].L...].M...].M...].M...].M...^.M...^.M...^.N...^>N...^.N...^.N...^.O...^,O...^<O...^oO...^vO...^.O...^.O...^.O...^.O...^.O...^.O..%^.P..&^ P..'^1P..)^yP..*^.P..+^.P..,^.P..-^.P...^.P../^.Q..0^.Q..1^.Q..2^LR..3^`R..4^.R..5^.R..8^.R..9^%S..:^.S..;^.S..<^.T..>^BT..?^.T..@^zU..A^.U..B^.U..C^.U..D^.W..E^.X..F^yY..G^.Y..I^.Y..K^.Y..L^.Y..M^.Y..N^.Z..O^1Z..T^pZ..U^.Z..V^.Z..W^.[..X^-[..Y^U[..Z^.[..[^.\..\^Z\..]^.\..b^.]..d^.]..e^"]..f^(]..g^@]..h^U]..i^g]..j^h]..k^{]..l^~]..o^.]..p^.]..q^.^..r^H^

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\hu.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):144547
                                              Entropy (8bit):5.634145281802686
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:873CA729BBFEAB336795E1696289B191
                                              SHA1:BEF9CC201BCA2D433E2DC183C96425A542BC3F01
                                              SHA-256:D7C29C66D265129EDE1019C708BD0A358D6B820366509845834752EC2EF705DA
                                              SHA-512:2973C94779893C1F4D8725677355D71EDEA2599077EEFE7DAD6D4E4392AB036C0633440D2578A2D51947007ADF9DFE859F9B50E39CE7D7482992D5A3790CFDC4
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..G..w..G..y..G..z..G..|.4G..}.FG....NG....SG....[G....cG....kG....rG....yG.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H...."H....)H....>H....SH....mH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I.....I.....I....QI....sI..*.|I..+..I..,..I../..I..0..I..1..I..2..I..3..J..4.%J..5.GJ..6..J..7..J..>..J..?..J..N..J..g..J..i..J..j..J..k..J..l..J...].K...]2K...]TK...].L...]"L...]TL...]vL...].L...].L...].L...].M...].N...].N...].N...^+N...^9N...^LN...^yN...^.O...^DO...^MO...^xO...^.O...^.O...^.O...^.O...^.O...^.O...^)P...^9P...^KP..%^RP..&^dP..'^tP..)^.P..*^.P..+^.P..,^.P..-^.Q...^ Q../^@Q..0^.Q..1^$R..2^.R..3^.R..4^.R..5^.R..8^.S..9^.S..:^sT..;^.T..<^.T..>^.T..?^dU..@^.U..A^.U..B^.U..C^.V..D^.W..E^.W..F^.X..G^XX..I^.X..K^.X..L^.X..M^.X..N^.X..O^.X..T^CY..U^lY..V^.Y..W^.Y..X^.Z..Y^UZ..Z^.Z..[^ [..\^.[..]^.[..b^o\..c^}\..d^.\..e^.\..f^.\..g^.\..h^.\..i^.\..j^.\..k^.\..l^.\..o^.]..p^P]..q^.]

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\id.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):121818
                                              Entropy (8bit):5.360373815575629
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:E61A4D062CD61972A534A5E86E49C34D
                                              SHA1:C19BE8F744B956753CE40D91A34F0DA02F699FFA
                                              SHA-256:D00C7EE5EDEB1BD1493C49CF2D124FFDF47405D21D8D43C1A41C8749CE5C86A3
                                              SHA-512:7DE4453B0793DDE96503E762D4E9A77835DDBB1D75D35F012D24E8453A90AC85F87B0A62D95AD68393901A8AC3FCB147CF2B7BD468DFFA62D959133528AF15F9
                                              Malicious:false
                                              Preview:..........$.j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..F..w..G..y..G..z..G..|.$G..}.6G....>G....CG....KG....SG....[G....bG....iG....pG....qG....rG.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H....4H....IH....PH....SH....TH....\H....dH....lH....qH....wH.....H.....H.....H.....H.....H..*..H..+..H..,..I../..I..0..I..1.II..2.[I..3.eI..4..I..5..I..6..I..7..I..>..I..?..I..N..J..g..J..i..J..j..J..k.!J..l.)J...].J...]VJ...]pJ...].K...].K...],K...];K...]jK...]yK...]hL...].L...].L...].L...^.L...^.L...^.L...^.L...^^M...^.M...^.M...^.M...^.M...^.M...^.M...^.N...^.N...^*N...^iN...^rN...^.N..%^.N..&^.N..'^.N..)^.N..*^.N..+^.O..,^.O..-^.O...^4O../^fO..0^.O..1^;P..2^.P..3^.P..4^.P..5^.P..8^.Q..9^.Q..:^SR..;^bR..<^tR..>^.R..?^.S..@^qS..A^.S..B^.S..C^.S..D^.T..E^.U..F^{U..G^.U..I^.U..K^.U..L^.U..M^.U..N^.V..O^.V..T^^V..U^.V..V^.V..W^.V..X^.W..Y^+W..Z^.W..[^.W..\^.X..]^=X..b^.X..c^.X..d^.X..e^.X..f^.X..g^.X..h^.Y..i^&Y..j^'Y..k^5Y..l^8Y..o^QY..p^uY..q^.Y..r^.Y

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\it.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):134374
                                              Entropy (8bit):5.276015939200961
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:A2E2D2B990CFFD395772D2F146084775
                                              SHA1:30EB2B67223104E72FD4CBD3448B01442928FC56
                                              SHA-256:27C74ECE0AA92E15D2F26628C4E132AF03A6DB5384E24504932C45912ABA7268
                                              SHA-512:8D874A43DC7FD2933CE4B81C8CB8D17C709E1947CCA8867614F726A34600F8B59689FB7DF50C7502FC21CC99785074723E4502622C677E5239D598CAC8962E00
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..G..w..G..y.%G..z.4G..|.:G..}.LG....TG....YG....aG....iG....qG....xG.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H.....H.....H....CH....VH....nH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I....+I..*.7I..+.:I..,.XI../.iI..0.nI..1..I..2..I..3..I..4..I..5..J..6.`J..7.pJ..>..J..?..J..N..J..g..J..i..J..j..J..k..J..l..J...].J...].J...].K...].K...].K...].K...].K...].L...]ZL...]gL...]NM...]tM...]|M...].M...^.M...^.M...^.M...^.N...^.N...^.N...^.N...^.N...^.O...^.O...^%O...^9O...^VO...^gO...^.O...^.O...^.O..%^.O..&^.O..'^.O..)^)P..*^SP..+^`P..,^qP..-^uP...^.P../^.P..0^.Q..1^.Q..2^.R..3^#R..4^NR..5^`R..8^zR..9^.S..:^.S..;^.S..<^.T..>^BT..?^.T..@^%U..A^0U..B^AU..C^rU..D^.V..E^.W..F^.W..G^.W..K^.X..L^"X..M^,X..N^9X..O^^X..T^.X..U^.X..V^@Y..W^fY..X^wY..Y^.Y..Z^.Z..[^pZ..\^.Z..]^.Z..b^.[..c^.[..d^.[..e^.[..f^.[..g^.[..h^.[..i^.[..j^.[..k^.\..l^.\..o^0\..p^Q\..q^p\..r^.\

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\ja.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):159139
                                              Entropy (8bit):5.873398037642396
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:0553C4D65C38A5AFB98A0EE8F420A207
                                              SHA1:C6011AB07BC0B1E036BF564BE6F4D65C24E7D3E4
                                              SHA-256:C2BAD3C397CC41210E1D5D1D04A7185F9287C670E285D30C66235F5807B39FCF
                                              SHA-512:F3B9636A93BA77C1BD00D491710ADB221F570A30D1B5ADC50B8E263165B81A17C062ACA1CB656314140A512CD7E69F583DA781EE4C8929A1305E743361A3B030
                                              Malicious:false
                                              Preview:..........h.j..E..k..F..l..F..m..F..o.3F..p.@F..q.FF..v.UF..w.bF..y.hF..z.wF..|.}F..}..F.....F.....F.....F.....F.....F.....F.....F.....F.....F.....F.....F.....F....&G....?G....]G....~G.....G.....G.....G.....G.....G.....G.....G.....G...."H....KH....RH....UH....^H....gH....mH....vH.....H.....H.....H.....H.....H.....I..*. I..+.#I..,.EI../.aI..0.jI..1..I..2..I..3..I..4..I..5..J..6.oJ..7..J..>..J..?..J..N..J..g..J..i..J..j..J..k..J..l..J...].J...];K...]bK...]:L...]@L...]pL...].L...].L...].L...]<N...]QN...]WN...]fN...^{N...^.N...^.N...^.N...^.O...^.O...^)P...^AP...^\P...^bP...^.P...^.P...^.P...^.Q...^.Q...^(Q..%^.Q..&^OQ..'^aQ..)^.Q..*^.Q..+^.R..,^%R..-^+R...^LR../^vR..0^.S..1^.S..2^.T..3^.T..4^VT..5^eT..8^zT..9^.U..:^.U..;^.U..<^.V..>^oV..?^.W..@^~W..A^.W..B^.W..C^.W..D^.X..E^sY..F^.Y..G^LZ..I^sZ..K^.Z..L^.Z..M^.Z..N^.Z..O^.Z..T^>[..U^n[..V^.[..W^.\..X^.\..Y^;\..Z^.\..[^.\..\^W]..]^.]..b^)^..d^/^..e^2^..f^5^..g^Y^..h^w^..i^.^..j^.^..k^.^..l^.^..o^.^..p^*_..q^Y_..r^._..s^._..t^._..v^._..x^.`

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\kn.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):299517
                                              Entropy (8bit):4.421440980554494
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:33BC5AC34A95379D58F9C42CB21A92E4
                                              SHA1:0F4EF0A9A40E9042F3B744B5B87FCF00C08FD7E1
                                              SHA-256:99C8C57A808C63088D3E7B83DCF7CF80FB2A648D678A7C9473F2B5CC0BEF8152
                                              SHA-512:62DB9B5781B6C218E39BF7D4E47614FAF2EDB496A51E0B4E802047D57639890F13A4B4F84B6326FBDF6218B8991A0456DC5BB1473436CC74AF4E54283BB3BF13
                                              Malicious:false
                                              Preview:........../.j.nF..k.}F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..F..w..F..y..F..z..G..|..G..}. G....(G....-G....5G....=G....EG....LG....SG....ZG....[G....\G.....G....%H....\H.....H.....H.....H.....H.....I....-I....^I.....I.....I.....J....@J....GJ....JJ....LJ....dJ.....J.....J.....J.....J.....J.....K....%K.....K.....K..*..K..+..L..,. L../.QL..0.oL..1..M..2..M..3.4M..4..M..5..M..6.RN..7..N..>..N..?..N..N.1O..g.MO..i.PO..j.TO..k.YO..l.gO...]lO...].O...]=P...].Q...].Q...]5R...]xR...].R...]%S...]qS...]WV...].V...].V...].V...^.V...^.W...^hW...^.W...^2Y...^.Y...^.Y...^+Z...^JZ...^.Z...^.Z...^.Z...^.[...^D[...^!\...^J\...^u\..%^.\..&^.\..'^.\..)^.]..*^.]..+^.^..,^X^..-^p^...^.^../^?_..0^z`..1^~a..2^.b..3^.b..4^ c..5^Tc..8^.c..9^Ce..:^Tg..;^kg..<^.g..>^Sh..?^.i..@^.j..A^Wk..B^.k..C^.k..D^.o..E^kq..F^.r..G^.s..K^.s..L^.t..M^@t..N^qt..O^.t..T^.u..U^Av..V^fw..W^.w..X^.w..Y^bx..Z^_y..[^?z..\^#{..]^.{..b^.|..c^.}..d^$}..e^6}..f^B}..g^.}..h^.}..i^/~..j^0~..k^h~..l^k~..o^.~..p^....q^m...r^1.

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\ko.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):134295
                                              Entropy (8bit):6.191082491321746
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:7FF011AE4E5FFD05736F99888AE9A8CB
                                              SHA1:544BF65AB5FE462FAADCDA88E2E5DB0009169123
                                              SHA-256:5BA83651D941CB9F87B961F735D5BFB0E249878255129BE1D8E8D6BA5D903D76
                                              SHA-512:BAA72F1A5561FD67A047309255CA799A55365D6D755324313E86E26AE9F3A8209AF7AF24C1A9BA83FAA441CF49FB843D9AD1FAB4B76354B0800EDFD9A2AE21F7
                                              Malicious:false
                                              Preview:..........o.j..E..k..E..l..F..m..F..o..F..p..F..q..F..r.-F..s.>F..t.GF..y.\F..z.kF..|.qF..}..F.....F.....F.....F.....F.....F.....F.....F.....F.....F.....F.....G.....G....'G....:G....JG....LG....PG....\G....cG....yG.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H....XH....jH..*.wH..+.zH..,..H../..H..0..H..1..I..2.#I..3./I..4.NI..5.vI..6..I..7..I..>..I..?..I..N..I..g..J..i..J..j..J..k..J..l."J...]'J...]SJ...]}J...].K...].K...]CK...]TK...].K...].K...].L...].L...].L...].L...^.L...^.L...^.L...^.M...^.M...^.M...^.M...^.N...^.N...^/N...^5N...^BN...^ON...^_N...^.N...^.N...^.N..%^.N..&^.N..'^.O..)^NO..*^.O..+^.O..,^.O..-^.O...^.O../^.O..0^tP..1^.P..2^lQ..3^.Q..4^.Q..5^.Q..8^.Q..9^yR..:^tS..;^.S..<^.S..>^.S..?^PT..@^.T..A^.T..B^.T..C^.T..D^.V..E^.V..F^.W..G^aW..K^.W..L^.W..M^.W..N^.W..O^.W..T^<X..U^oX..V^.X..W^.X..X^.Y..Y^5Y..Z^.Y..[^.Y..\^3Z..]^XZ..d^.Z..e^.Z..f^.Z..g^.[..h^,[..i^F[..j^G[..k^Z[..l^][..o^q[..p^.[..q^.[..r^.\..s^.\..t^S\..v^\\..x^p\..y^v\..z^.\

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\lt.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):146763
                                              Entropy (8bit):5.624470493823786
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:90847DC4F0387C80DD00BAD7B001A879
                                              SHA1:B7543FA3A3185201EACB2CBEB1F6EF667CCA10B1
                                              SHA-256:FB5BB8AA591D3D8D7557FB296317C30DB3C4D5C9F438FE0A43A94B974B9286A1
                                              SHA-512:19ED2F2B9D71F00A81EE93C776EE9B2D4D6283CB5ADB280A30EB8ADB9BE53A2D007D267DD8143FE7EB98AB909DBC88B16BC7E4167717D3F4EEC3B1C7DCEB8B1B
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..G..v..G..w.#G..y.)G..z.8G..|.>G..}.PG....XG....]G....eG....mG....uG....|G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H....,H....?H....QH....iH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I....-I..*.:I..+.=I..,.[I../..I..0..I..1..I..2..I..3..I..4..I..5.%J..6.tJ..7..J..>..J..?..J..N..J..g..J..i..J..j..J..k..J..l..K...].K...];K...]OK...].K...].K...]#L...]4L...]DL...].L...].L...].O...])O...]2O...]JO...^]O...^gO...^.O...^.O...^BP...^jP...^rP...^.P...^.P...^.P...^.P...^.P...^.Q...^.Q...^TQ...^^Q...^rQ..%^|Q..&^.Q..'^.Q..)^.Q..*^.R..+^2R..,^CR..-^JR...^gR../^.R..0^.S..1^.S..2^(T..3^BT..4^rT..5^.T..8^.T..9^5U..:^.U..;^.V..<^#V..>^LV..?^.V..@^.W..A^.W..B^.W..C^.X..D^HZ..E^.[..F^.\..G^.\..I^.]..K^!]..L^7]..M^@]..N^S]..O^.]..T^.]..U^.^..V^s^..W^.^..X^.^..Y^._..Z^u_..[^._..\^&`..]^f`..b^1a..d^<a..e^Ba..f^Ga..g^_a..h^sa..i^.a..j^.a..k^.a..l^.a..o^.a..p^.a..q^.b..r^Db

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\lv.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):145384
                                              Entropy (8bit):5.624257022055004
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:61EE8D708739FB4BB33F37BFFBA745AE
                                              SHA1:7173073DDDD29E4688B922297EEC471AE8B0FDF9
                                              SHA-256:F944E3DBBE9694EF7C111E1A0BF91F5B0229B7C3CA221F54C253276242C281F8
                                              SHA-512:25FDFC2EBBF7D408D9570DA3D55D9722C912B2995DE9E73449B8CDE8C0EBB3C25B38E70F66681CBF39D791F151194C85146D95EF59A7B43E7E64B0169B49E2A7
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..G..s..G..t..G..v.0G..w.=G..y.CG..z.RG..|.XG..}.jG....rG....wG.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H....#H....%H....)H....0H....;H....KH....^H....pH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I....OI..*.\I..+._I..,.}I../..I..0..I..1..I..2..I..3..J..4..J..5.@J..6.{J..7..J..>..J..?..J..N..J..g..J..i..J..j..J..k..J..l..J...].J...].K...]/K...].K...].K...].L...].L...]<L...]zL...].L...]eN...]{N...].N...].N...^.N...^.N...^.N...^.O...^.O...^.O...^.O...^.O...^.P...^&P...^/P...^DP...^_P...^.P...^.P...^.P...^.P..%^.P..&^.P..'^.Q..)^NQ..*^xQ..+^.Q..,^.Q..-^.Q...^.Q../^.Q..0^gR..1^.R..2^KS..3^kS..4^.S..5^.S..8^.S..9^QT..:^.U..;^/U..<^RU..>^.U..?^.U..@^.V..A^.V..B^.V..C^.W..D^.Y..E^.Z..F^.Z..G^.[..I^0[..K^6[..L^D[..M^O[..N^\[..O^.[..T^.[..U^.[..V^U\..W^r\..X^.\..Y^.\..Z^.]..[^`]..\^.]..]^.]..b^`^..c^l^..d^v^..e^~^..f^.^..g^.^..h^.^..i^.^..j^.^..k^.^..l^.^..o^._..p^L_..q^m_

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\ml.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):315496
                                              Entropy (8bit):4.438433180200473
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:6183544A4F554D40A211C8E0376C95AA
                                              SHA1:A9E855BBD03CFEB96DAE4C52E6A577B9F0374184
                                              SHA-256:2B5C12D6628B1835D5658085C04F9DCF0D792DB603A034264E70D86F8D43E044
                                              SHA-512:7C517702F24C92B708DD4EE1D6D5A911213062CFA5AE05C12DA9B2CD4DEC06ED9B218CE88A75AE9A7C9177AF100169F61056B1ECCB9AB3F10811B6E6C99CC86E
                                              Malicious:false
                                              Preview:............j.pF..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..F..w..F..y..F..z..G..|..G..}."G....*G..../G....7G....?G....GG....NG....UG....\G....]G....^G.....G.....H....IH.....H.....H.....H.....H.....I.....I....?I.....I.....I.....I....(J..../J....2J....4J....UJ....sJ.....J.....J.....J.....K....0K....NK....)L....TL..*..L..+..L..,..L../..L..0..L..1..M..2..M..3..M..4.+N..5..N..6.%O..7.mO..>..O..?..P..N.5P..g.WP..i.ZP..j.^P..k.cP..l.wP...]|P...].Q...]NQ...]9S...]WS...].S...].S...]%T...].T...].T...].V...]0W...]9W...]ZW...^.W...^.W...^.W...^|X...^.Z...^oZ...^.Z...^.[...^1[...^y[...^.[...^.[...^&\...^M\...^.\...^.]...^A]..%^e]..&^.]..'^.]..)^x^..*^.^..+^._..,^B_..-^i_...^._../^0`..0^ga..1^.b..2^.c..3^.d..4^.d..5^.d..8^.e..9^.f..:^.h..;^.h..<^%i..>^.i..?^.k..@^%l..A^ll..B^.l..C^.m..D^.o..E^.p..F^.q..G^.r..I^.r..K^.s..L^1s..M^Ls..N^.s..O^.s..T^.u..U^.u..V^.v..W^.v..X^7w..Y^.w..Z^.x..[^cy..\^Fz..]^.z..b^e|..d^.|..e^.|..f^.|..g^.|..h^F}..i^.}..j^.}..k^.}..l^.}..o^-~..p^.~..q^.~..r^..

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\mr.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):260776
                                              Entropy (8bit):4.505268866905645
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:80B49D820F83133B9EFB9AC2CA102C83
                                              SHA1:6E2D370C74891BEF70768F051E4BA0483D6B5C1E
                                              SHA-256:DF72EACF4938F4912F5BAE563DBE7E81A758A7E8FFD49F14502F6D0B5DAB6F27
                                              SHA-512:AFD58A2ADA72E96423CA1F9E1869C8E1621C22E72A13B90FEC5FD2DBE662D2D9280E3277018D426196AD63CD74CE7406975BD134F577B6B3E5864DA7F0831936
                                              Malicious:false
                                              Preview:..........D.j.DF..k.SF..l.^F..n.fF..o.kF..p.xF..q.~F..r..F..s..F..t..F..v..F..w..F..y..F..z..F..|..F..}..F.....F.....G.....G.....G.....G...."G....)G....0G....1G....2G.....G.....G.....G.....H...._H....aH....eH.....H.....H.....H.....H.....I.....I....RI....YI....\I....^I....qI.....I.....I.....I.....I.....I.....J.....J....pJ.....J..*..J..+..J..,..J../.*K..0.7K..1..K..2..K..3..K..4..L..5.TL..6..L..7..L..>.>M..?.QM..N..M..g..M..i..M..j..M..k..M..l..M...].M...].N...]yN...].O...].O...]7P...]dP...].P...].P...].R...].R...].R...].S...^@S...^XS...^.S...^.S...^.T...^QU...^`U...^.U...^.U...^.V...^.V...^FV...^.V...^.V...^2W...^IW...^kW..%^.W..&^.W..'^.W..)^.X..*^.Y..+^/Y..,^mY..-^.Y...^.Y../^3Z..0^;[..1^2\..2^,]..3^Z]..4^.]..5^.]..8^*^..9^._..:^Xa..;^oa..<^.a..>^-b..?^}c..@^od..A^.d..B^.d..C^@e..D^.g..E^.h..F^|i..G^.j..I^fj..K^|j..L^.j..M^.j..N^.j..O^6k..T^.k..U^Rl..V^Hm..W^.m..X^.m..Y^An..Z^-o..[^.o..\^.p..]^*q..b^ur..c^.r..d^.r..e^.r..f^.r..g^.s..h^[s..i^.s..j^.s..k^.s..l^.s..o^.t..p^Xt..q^.t..r^.u

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\ms.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):125611
                                              Entropy (8bit):5.26463363101804
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:0CDA98188CCC97E932408BED970E2CE1
                                              SHA1:91595881665CC51FBC013EC0A1D212DEA9F70CB5
                                              SHA-256:18C1CD2F95F5C029F308C53774F49E4B718BC94B78FC3029F95457BCC58281D7
                                              SHA-512:4CF8A939ADF3B79537051016D52A0E2C3C10135DC2A652B68D5EA7BB338DAC422D3AD814DDA1902C393083DB55168E12822DD51151302D5770FE599C0B395AB4
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..G..w..G..y..G..z..G..|.4G..}.FG....NG....SG....[G....cG....kG....rG....yG.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H.....H.....H....1H....EH....WH....pH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I.....I..*.%I..+.(I..,.FI../.WI..0.aI..1..I..2..I..3..I..4..I..5..I..6..J..7.2J..>.NJ..?.VJ..N.kJ..g.tJ..i.wJ..j.{J..k..J..l..J...].J...].J...].J...]\K...]dK...].K...].K...].K...].K...].L...].L...].L...].L...^.L...^.L...^.M...^3M...^.M...^.M...^.M...^.M...^.N...^.N...^%N...^3N...^QN...^^N...^.N...^.N...^.N..%^.N..&^.N..'^.N..)^+O..*^FO..+^RO..,^ZO..-^aO...^zO../^.O..0^.P..1^lP..2^.P..3^.P..4^.Q..5^.Q..8^2Q..9^.Q..:^cR..;^rR..<^.R..>^.R..?^.S..@^tS..A^.S..B^.S..C^.S..D^.T..E^,U..F^.U..G^.U..I^.U..K^.U..L^.V..M^.V..N^.V..O^8V..T^.V..U^.V..V^.V..W^.W..X^.W..Y^KW..Z^.W..[^.W..\^DX..]^fX..b^.X..d^.Y..e^.Y..f^.Y..g^.Y..h^5Y..i^KY..j^LY..k^ZY..l^]Y..o^uY..p^.Y..q^.Y..r^.Z..s^%Z

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\nb.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):124135
                                              Entropy (8bit):5.430025230496119
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:00F1A382F8F5E0950CB9BA4A4F3FD478
                                              SHA1:BBA2DE6051BDD9B596F66312F2E2296C370E2D93
                                              SHA-256:E42E748F28E944F9A3A7FAD19E686B856BC60B3E0128DE94E6CD7619A7D24071
                                              SHA-512:2D8F502F51FCF066BF8C420CA2C86FE4EC6274AB0DA5A5266293225910C9A0DFB6D5C529A9FD0DA6FF4952BAC385FCE2885757DE81A4DB2D7F5C10CDDD539C0E
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..G..w..G..y..G..z.(G..|..G..}.@G....HG....MG....UG....]G....eG....lG....sG....zG....{G....|G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H.....H....>H....EH....HH....IH....PH....XH....cH....gH....nH....yH.....H.....H.....H.....H..*..H..+..H..,..H../..I..0..I..1.6I..2.BI..3.SI..4.mI..5..I..6..I..7..I..>..I..?..I..N..I..g..J..i..J..j..J..k..J..l..J...]!J...]LJ...]pJ...].K...].K...]=K...]MK...]\K...].K...].K...]@L...]RL...]YL...]bL...^xL...^.L...^.L...^.L...^nM...^.M...^.M...^.M...^.M...^.M...^.M...^.N...^.N...^%N...^`N...^hN...^{N..%^.N..&^.N..'^.N..)^.N..*^.O..+^.O..,^)O..-^/O...^DO../^jO..0^.O..1^NP..2^.P..3^.P..4^.P..5^.P..8^.Q..9^oQ..:^.R..;^.R..<^)R..>^UR..?^.R..@^.S..A^/S..B^<S..C^XS..D^FT..E^.T..F^*U..G^oU..I^.U..K^.U..L^.U..M^.U..N^.U..O^.U..T^.V..U^EV..V^.V..W^.V..X^.V..Y^)W..Z^.W..[^.W..\^.X..]^FX..b^.X..d^.X..e^.X..f^.X..g^.Y..h^(Y..i^9Y..j^:Y..k^IY..l^LY..o^eY..p^.Y..q^.Y..r^.Y

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\nl.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):128369
                                              Entropy (8bit):5.355883393524085
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:2D4BBBF2E9459992252D62AB1A152D30
                                              SHA1:78E696C8B30F2B4A113B72A92C0A011AA7D777BE
                                              SHA-256:4D450B5659EA7BB907728E2B8F48D77A43DC18024E2A15E749F5A760D4144571
                                              SHA-512:3325DBCF891A55E06D2D106046D0E0589DAE5E437B4437B929672150735B38DCF39AFCCF0FADB2C43DD1484F3726ECF9B0EE1641BDE7BB31A84B88790E9CAD55
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..G..v..G..w.#G..y.)G..z.8G..|.>G..}.PG....XG....]G....eG....mG....uG....|G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H....)H....=H....PH....kH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I.....I..*.#I..+.&I..,.DI../.UI..0._I..1..I..2..I..3..I..4..I..5..I..6..J..7.7J..>.TJ..?.aJ..N.pJ..g.}J..i..J..j..J..k..J..l..J...].J...].J...].J...]eK...]mK...].K...].K...].K...].K...].K...].L...].L...].L...].L...^.M...^.M...^:M...^[M...^.M...^"N...^*N...^UN...^^N...^xN...^.N...^.N...^.N...^.N...^.N...^.N...^.N..%^.O..&^.O..'^.O..)^ZO..*^xO..+^.O..,^.O..-^.O...^.O../^.O..0^HP..1^.P..2^.Q..3^"Q..4^OQ..5^^Q..8^rQ..9^.Q..:^.R..;^.R..<^.R..>^.R..?^`S..@^.S..A^.S..B^.S..C^.S..D^.U..E^.U..F^.V..G^KV..I^nV..K^wV..L^.V..M^.V..N^.V..O^.V..T^.W..U^:W..V^.W..W^.W..X^.W..Y^.X..Z^lX..[^.X..\^.X..]^(Y..b^.Y..c^.Y..d^.Y..e^.Y..f^.Y..g^.Y..h^.Z..i^.Z..j^.Z..k^&Z..l^)Z..o^GZ..p^qZ..q^.Z

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\pl.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):139797
                                              Entropy (8bit):5.7397990834880295
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:999ED3F4123A1479D43AB2DC9028EDE9
                                              SHA1:346A3C515D01929A4FE3B33C42A3AAD5FE731843
                                              SHA-256:4174B220824334D04BAD161309D342A647433FAE7C353432E34EAF49EC8787CB
                                              SHA-512:ABFB66F0826E88AD2E1C5850C14AD03A9DAF96239E1B675C7442659B9851F202F73B4BA98FF494719683E5C4EEA5CE8756533AF609218E83A47D61730F28E9A6
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..G..v..G..w.)G..y./G..z.>G..|.DG..}.VG....^G....cG....kG....sG....{G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H.....H.....H....3H....AH....PH....fH....}H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I....'I..*.2I..+.5I..,.SI../.|I..0..I..1..I..2..I..3..I..4..I..5..J..6.CJ..7.\J..>.uJ..?.~J..N..J..g..J..i..J..j..J..k..J..l..J...].J...].J...].J...].K...].K...].K...].K...].K...].L...]=L...].M...].M...].M...].M...^.N...^.N...^0N...^eN...^.N...^.O...^.O...^FO...^UO...^{O...^.O...^.O...^.O...^.O...^.O...^.P..%^.P..&^ P..'^-P..)^yP..*^.P..+^.P..,^.P..-^.P...^.P../^.Q..0^.Q..1^.Q..2^bR..3^.R..4^.R..5^.R..8^.R..9^VS..:^.T..;^.T..<^(T..>^`T..?^.T..@^.U..A^.U..B^.U..C^.U..D^.W..E^.X..F^?Y..G^xY..I^.Y..K^.Y..L^.Y..M^.Y..N^.Y..O^.Y..T^3Z..U^WZ..V^.Z..W^.Z..X^.Z..Y^.[..Z^e[..[^.[..\^.[..]^"\..b^.\..c^.\..d^.\..e^.\..f^.\..g^.\..h^.\..i^.]..j^.]..k^%]..l^(]..o^=]..p^e]..q^.]..r^.]

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\pt-BR.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):133496
                                              Entropy (8bit):5.415308981100393
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:31556D02BA0EE812EBDA678E3B70B1F7
                                              SHA1:A2468245936DCE8B2944A66C7562EF4745F64FF7
                                              SHA-256:9D93FDB7F9D0D7833EBEF8EA7016F952301075E714A4918C6A3D5338FEC08FFE
                                              SHA-512:3B6EF3AD2D0115E9694A879E127ECF067D8DF03F0875EBED4427BC674C0C9CC0DEB591FEDA9DF120062C3A59D65FE952727B2A59F352A096887449A0745C8FE5
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..G..v..G..w.%G..y.+G..z.:G..|.@G..}.RG....ZG...._G....gG....oG....wG....~G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H.....H....&H....0H....BH....SH....iH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I.....I..*.)I..+.,I..,.JI../.[I..0.dI..1..I..2..I..3..I..4..I..5..I..6.$J..7.8J..>.PJ..?.[J..N.pJ..g.|J..i..J..j..J..k..J..l..J...].J...].J...].J...]gK...]oK...].K...].K...].K...].K...].K...]UM...]mM...]uM...]{M...^.M...^.M...^.M...^.M...^LN...^rN...^yN...^.N...^.N...^.N...^.N...^.N...^.N...^.O...^9O...^=O...^SO..%^YO..&^hO..'^vO..)^.O..*^.O..+^.O..,^.O..-^.P...^'P../^VP..0^.P..1^4Q..2^.Q..3^.Q..4^.Q..5^.Q..8^.R..9^.R..:^.S..;^.S..<^.S..>^.S..?^ST..@^.T..A^.T..B^.T..C^.U..D^.V..E^]W..F^.X..G^ZX..I^.X..K^.X..L^.X..M^.X..N^.X..O^.X..T^.Y..U^CY..V^.Y..W^.Y..X^.Y..Y^.Y..Z^`Z..[^.Z..\^.[..]^<[..b^.[..d^.[..e^.[..f^.[..g^.[..h^.\..i^&\..j^'\..k^8\..l^;\..o^]\..p^.\..q^.\..r^.\

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\pt-PT.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):133827
                                              Entropy (8bit):5.406788102503695
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:B7456478AB25DA7A037689ECF9FC39B1
                                              SHA1:6CACB9E84AF6ADB490B92CAA6A24DEF7114266AD
                                              SHA-256:F07D58C568707C6DE882A19E260C9F97751BF750237FC0BF3556BA95995F5442
                                              SHA-512:9F71AC8F21C64E4B8C93ECDA70C47CC697395E0E67D8B4A8AB4D2C1F95F4D5644AEC87DF2E058526534BD4D65130D600443D3BAAF6AD32BCCE5BB994C506159B
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..G..t..G..v..G..w.+G..y.1G..z.@G..|.FG..}.XG....`G....eG....mG....uG....}G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H.....H...."H....,H....@H....TH....kH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I....'I..*./I..+.2I..,.PI../.gI..0.rI..1..I..2..I..3..I..4..I..5..J..6.MJ..7.aJ..>.wJ..?..J..N..J..g..J..i..J..j..J..k..J..l..J...].J...].J...].K...].K...].K...].K...].K...].K...](L...]8L...]EM...]]M...]gM...]mM...^}M...^.M...^.M...^.M...^iN...^.N...^.N...^.N...^.N...^.N...^.N...^.N...^.O...^,O...^cO...^qO...^.O..%^.O..&^.O..'^.O..)^.P..*^+P..+^;P..,^IP..-^SP...^vP../^.P..0^.Q..1^.Q..2^.R..3^.R..4^IR..5^WR..8^sR..9^.S..:^.S..;^.T..<^!T..>^bT..?^.T..@^DU..A^`U..B^xU..C^.U..D^.V..E^5W..F^.W..G^.W..I^%X..K^-X..L^9X..M^BX..N^QX..O^.X..T^.X..U^.Y..V^tY..W^.Y..X^.Y..Y^.Y..Z^OZ..[^.Z..\^.Z..]^)[..b^.[..c^.[..d^.[..e^.[..f^.[..g^.[..h^.\..i^.\..j^.\..k^'\..l^*\..o^@\..p^p\..q^.\

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\ro.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):136702
                                              Entropy (8bit):5.445627159958296
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:B665411D1B5570903F8E4C2501F977D5
                                              SHA1:CB8D98CF3E053C278F8B93D734FD2B1A42B6F322
                                              SHA-256:8DA674ABE460D1E2824A13338D29344BAE2F092FD94082D71EE91389F8822D69
                                              SHA-512:BDCB8E626DB816C1DB5C60489064D4BA4720381889A36E3D80D00E9988332EC6529107D9B3EF062B9BCC2AFDFE75EC55C8F08BA06D908B07D772D2547C7B4CF1
                                              Malicious:false
                                              Preview:..........).j.zF..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..F..w..F..y..G..z..G..|..G..}.,G....4G....9G....AG....IG....QG....XG...._G....fG....gG....hG.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H....,H....GH....eH....lH....oH....pH....|H.....H.....H.....H.....H.....H.....H.....H.....H.....I..*.$I..+.'I..,.EI../._I..0.pI..1..I..2..I..3..I..4..I..5..I..6.5J..7.JJ..>.aJ..?.iJ..N.xJ..g..J..i..J..j..J..k..J..l..J...].J...].J...].J...]mK...]tK...].K...].K...].K...].L...]"L...]eM...]zM...].M...].M...^.M...^.M...^.M...^.M...^.N...^.N...^.N...^.N...^.N...^%O...^.O...^@O...^SO...^dO...^.O...^.O...^.O..%^.O..&^.O..'^.O..)^ P..*^AP..+^UP..,^kP..-^sP...^.P../^.P..0^/Q..1^.Q..2^.Q..3^.R..4^<R..5^LR..8^cR..9^.R..:^.S..;^.S..<^.S..>^.S..?^[T..@^.T..A^.T..B^.U..C^'U..D^.V..E^CW..F^.W..G^.X..K^6X..L^DX..M^LX..N^[X..O^.X..T^.X..U^.X..V^aY..W^|Y..X^.Y..Y^.Y..Z^.Z..[^\Z..\^.Z..]^.Z..b^`[..d^k[..e^p[..f^r[..g^.[..h^.[..i^.[..j^.[..k^.[..l^.[..o^.[..p^.\..q^(\..r^a\..s^y\

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\ru.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):213507
                                              Entropy (8bit):5.024482756621217
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:848ED63D29215F8B7D002F8D731DB13C
                                              SHA1:1A33D0ABFC5F4237E63440AB04A698AC4F230EC6
                                              SHA-256:CF4D6FA2C4A8F828FB11D464F504DDBBFF5ABAB9CC78CBA326BB8EAFCFCDF812
                                              SHA-512:2A1F75D2AAC4075DD43F816FA0B5D7949B1591E53BC711A69DD5540A3A6AD502648F7C6681DB7632B869553FF24EA43AB7CB4CE4B646C022FB88F0ACE97A3C7F
                                              Malicious:false
                                              Preview:..........J.j.8F..k.GF..l.RF..n.ZF..o._F..p.lF..q.rF..r..F..s..F..t..F..v..F..w..F..y..F..z..F..|..F..}..F.....F.....F.....F.....G.....G.....G.....G....$G....%G....&G....~G.....G.....G.....G.....G.....G.....G.....H...."H....4H....SH....vH.....H.....H.....H.....H.....H.....H.....H.....H.....I.... I....8I....BI....NI.....I.....I..*..I..+..I..,..J../.%J..0.6J..1..J..2..J..3..J..4..J..5.'K..6..K..7..K..>..K..?..K..N..L..g.'L..i.*L..j..L..k.7L..l.CL...]HL...].L...].L...].M...].M...].N...]:N...]^N...].N...].N...].R...].R...].S...].S...^-S...^?S...^iS...^.S...^.T...^.T...^.T...^.U...^OU...^.U...^.U...^.U...^.U...^.U...^\V...^yV...^.V..%^.V..&^.V..'^.V..)^OW..*^.W..+^.W..-^.W...^.W../^%X..0^.Y..1^.Y..2^.Z..3^.Z..4^.Z..5^.Z..8^D[..9^0\..:^p]..;^.]..<^.]..>^.]..?^.^..@^"`..A^/`..B^I`..C^.`..D^.d..E^.e..F^]g..G^.g..K^.g..L^.h..M^0h..N^Ih..O^.h..T^.i..U^Ui..V^.i..W^%j..X^Sj..Y^.j..Z^*k..[^.k..\^$l..]^ll..b^Am..d^Wm..e^am..f^gm..g^.m..h^.m..i^.m..j^.m..k^.n..l^!n..o^]n..p^.n..q^.n..r^,o..s^Ro..t^~o

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\sk.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):141995
                                              Entropy (8bit):5.773757591863307
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:0B9599388DEC973FFEC68A5738A848F4
                                              SHA1:0A0AAF4F9618CF867A1BF1E5BC6B8B21B46C4870
                                              SHA-256:E7038A23BE62E4A476960B935A6C528AAEFB781B28FDB7E24B3D830B5C02F10E
                                              SHA-512:5EE7AEAAF1BE25DDC86694A16CA595872F2A9DCF1E48D0189D3A1EEF425629ABDC814FF32A8B288B468AB4F263953618C4363D033EF7AEC2BAE0072129DD1F9A
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..G..t..G..v. G..w.-G..y.3G..z.BG..|.HG..}.ZG....bG....gG....oG....wG.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H.....H....$H....8H....FH....WH....gH....zH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I....'I..*.1I..+.4I..,.RI../.cI..0.mI..1..I..2..I..3..I..4..I..5..I..6.6J..7.KJ..>.bJ..?.lJ..N..J..g..J..i..J..j..J..k..J..l..J...].J...].J...].J...].K...].K...].K...].K...].L...]EL...]UL...].N...].N...].N...]%N...^=N...^GN...^iN...^.N...^&O...^RO...^WO...^.O...^.O...^.O...^.O...^.O...^.O...^.P...^BP...^OP...^bP..%^jP..&^yP..'^.P..)^.P..*^.P..+^.Q..,^.Q..-^ Q...^7Q../^fQ..0^.Q..1^LR..2^.R..3^.R..4^.R..5^.S..8^%S..9^.S..:^pT..;^.T..<^.T..>^.T..?^OU..@^.U..A^.V..B^$V..C^EV..D^.X..E^.Y..F^.Y..G^>Z..I^_Z..K^gZ..L^vZ..M^.Z..N^.Z..O^.Z..T^"[..U^J[..V^.[..W^.[..X^.[..Y^.\..Z^h\..[^.\..\^.\..]^%]..b^.]..c^.]..d^.]..e^.]..f^.]..g^.]..h^.]..i^.^..j^.^..k^,^..l^/^..o^K^..p^.^..q^.^..r^.^

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\sl.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):135567
                                              Entropy (8bit):5.468430155460571
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:3BF6C4AA2129B4B535637AA6727FB1E9
                                              SHA1:569BCFAB7176BB9833A02B5853BBBEB3165538CC
                                              SHA-256:CBFF2DBB38D4D95FE7C811E0ABDB0B92AAD621E5C2C1EEDA3C394DCE5CF1D34F
                                              SHA-512:779CED23ADC89AF08F43531056B7195D253B7EA021439F73F0C9F9B49969153A2044E90ACC0BDA3C14D3B3E68F772F5CF8611F954B5B9CB0370D252A484CA36E
                                              Malicious:false
                                              Preview:..........!.j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..G..w..G..y..G..z.$G..|.*G..}.<G....DG....IG....QG....YG....aG....hG....oG....vG....wG....xG.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H....-H....BH....YH....`H....cH....dH....oH....wH....}H.....H.....H.....H.....H.....H.....H.....H..*..H..+..H..,..I../.?I..0.II..1.zI..2..I..3..I..4..I..5..I..6..J..7..J..>.4J..?.>J..N.LJ..g.XJ..i.[J..j._J..k.fJ..l.nJ...]sJ...].J...].J...]cK...]iK...].K...].K...].K...].K...].K...].M...].M...].M...].N...^2N...^<N...^bN...^.N...^'O...^UO...^\O...^.O...^.O...^.O...^.O...^.O...^.O...^&P...^/P...^KP..%^QP..&^jP..'^xP..)^.P..*^.P..+^.P..,^.Q..-^.Q...^/Q../^SQ..0^.Q..1^/R..2^.R..3^.R..4^.R..5^.R..8^.R..9^gS..:^.T..;^.T..<^)T..>^\T..?^.T..@^.U..A^.U..B^.U..C^.U..D^.X..E^.Y..F^.Z..G^.Z..I^.Z..K^.Z..L^.[..M^.[..N^#[..O^C[..T^.[..U^.[..V^.\..W^.\..X^'\..Y^a\..Z^.\..[^.\..\^A]..]^a]..b^.]..c^.]..d^.]..e^.]..f^.]..g^.^..h^&^..i^8^..j^9^..k^K^..l^N^..o^n^..p^.^..q^.^..r^._

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\sr.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):202805
                                              Entropy (8bit):4.966841321768272
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:9F9570670D844A1B14B256A7584665E8
                                              SHA1:5B5CF46415662CC1CE4D93B876F4C45389AEDFC2
                                              SHA-256:ABCEE52DEB7382D84DE334C3228711A62A7D21D9A2CE506385805EEA0ED716F4
                                              SHA-512:D38FCA2D639E32F5EF90DFAAC04AEF0CCFBCC409619ACEC6535B5401502B7141F6EB24F574DB97A7ABC550B8E35E93CBC62A4A0F7494C56537FB670F19E02F8E
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..G..t..G..v.$G..w.1G..y.7G..z.FG..|.LG..}.^G....fG....kG....sG....{G.....G.....G.....G.....G.....G.....G.....G.....H....6H....[H.....H.....H.....H.....H.....H.....H.....H.....I....8I....VI....]I....`I....aI....kI....wI.....I.....I.....I.....I.....I.....I....1J....dJ..*.yJ..+.|J..,..J../..J..0..J..1.*K..2.AK..3.ZK..4..K..5..K..6.3L..7.[L..>..L..?..L..N..L..g..L..i..L..j..L..k..L..l..L...].L...]>M...].M...].N...].N...].N...].N...].O...]wO...].O...]7R...]sR...].R...].R...^.R...^.R...^.R...^MS...^PT...^.T...^.T...^.T...^.U...^oU...^.U...^.U...^.U...^.U...^QV...^aV...^.V..%^.V..&^.V..'^.V..)^_W..*^.W..+^.W..,^.W..-^.X...^7X../^{X..0^9Y..1^.Y..2^}Z..3^.Z..4^.Z..5^.Z..8^.[..9^.[..:^.\..;^.\..<^.]..>^v]..?^L^..@^]_..A^s_..B^._..C^._..D^.b..E^,d..F^.e..G^.f..I^<f..K^Hf..L^ef..M^uf..N^.f..O^.f..T^4g..U^.g..V^&h..W^Oh..X^th..Y^.h..Z^Li..[^.i..\^Jj..]^xj..b^Mk..c^[k..d^mk..e^wk..f^.k..g^.k..h^.k..i^.k..j^.k..k^.l..l^.l..o^Il..p^.l..q^.l

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\sv.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):124359
                                              Entropy (8bit):5.508086107251322
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:C0EB9DC359EAD97302591D09A4D80C81
                                              SHA1:5569C326861E80DD05AA49A74D77815364915AF1
                                              SHA-256:B34E855F518A2041E4BBD7B5C269E35E7DFAA431FDD876FC0AAC38B887E65AFF
                                              SHA-512:B488831AA6219A246D0CDC370DC7B95FC07754702447964737EB53B9D5F64092E8873032BC40E8AF9270388BB1B655B4F06D6DE304B85B32FDD297959534D06D
                                              Malicious:false
                                              Preview:..........#.j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..F..w..G..y..G..z. G..|.&G..}.8G....@G....EG....MG....UG....]G....dG....kG....rG....sG....tG.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H....1H....BH....IH....LH....MH....UH....]H....hH....nH....vH.....H.....H.....H.....H.....H..*..H..+..H..,..H../..I..0..I..1.HI..2.RI..3.]I..4..I..5..I..6..I..7..I..>..I..?..I..N..J..g..J..i..J..j..J..k.$J..l.)J...].J...]]J...].J...].K...].K...]@K...]PK...]bK...].K...].K...]uL...].L...].L...].L...^.L...^.L...^.L...^"M...^.M...^.M...^.M...^.M...^.M...^.N...^.N...^#N...^;N...^IN...^.N...^.N...^.N..%^.N..&^.N..'^.N..)^.O..*^0O..+^BO..,^NO..-^SO...^qO../^.O..0^.P..1^eP..2^.P..3^.P..4^.Q..5^)Q..8^CQ..9^.Q..:^lR..;^~R..<^.R..>^.R..?^2S..@^.S..A^.S..B^.S..C^.S..D^.T..E^&U..F^.U..G^.U..I^.V..K^.V..L^.V..M^$V..N^0V..O^WV..T^.V..U^.V..V^%W..W^;W..X^KW..Y^qW..Z^.W..[^.X..\^RX..]^yX..b^.X..c^.X..d^.Y..e^.Y..f^.Y..g^'Y..h^=Y..i^XY..j^YY..k^iY..l^lY..o^.Y..p^.Y..q^.Y

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\sw.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):128671
                                              Entropy (8bit):5.3456626209237825
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:9CD6230B42F2F99D9580F7EF84508F9C
                                              SHA1:4F9D82E3C39F2B0D3B0CC32733254AAF38E811B2
                                              SHA-256:FE18B3E9E275D7330706DD19F4AF603A8AD899138374BFCBA8E2C6764F94C190
                                              SHA-512:46A07A61EE7A70B4D261C16D2FEF6F0E8A35CAF371E33E05CA1DC3BDC7F3D304C1DBDB34DDBA7B6BC573A6A58E170D9250CB1B6A4AD8AE6E255704416C022607
                                              Malicious:false
                                              Preview:..........".j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..G..w..G..y..G..z."G..|.(G..}.:G....BG....GG....OG....WG...._G....fG....mG....tG....uG....vG.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H....(H....;H....OH....eH....lH....oH....pH....wH....|H.....H.....H.....H.....H.....H.....H.....H.....H..*..I..+..I..,.+I../.KI..0.NI..1..I..2..I..3..I..4..I..5..I..6..J..7.,J..>.HJ..?.QJ..N.lJ..g.xJ..i.{J..j..J..k..J..l..J...].J...].J...].J...].K...].K...].K...].K...].L...]*L...]LM...]_M...]cM...]qM...^.M...^.M...^.M...^.M...^aN...^.N...^.N...^.N...^.N...^.O...^.O...^#O...^FO...^UO...^.O...^.O...^.O..%^.O..&^.O..'^.O..)^-P..*^_P..+^pP..,^|P..-^.P...^.P../^.P..0^2Q..1^.Q..2^$R..3^;R..4^kR..5^zR..8^.R..9^5S..:^.S..;^.T..<^.T..>^QT..?^.T..@^$U..A^5U..B^HU..C^lU..D^zV..E^.W..F^gW..G^.W..I^.W..K^.W..L^.W..M^.W..N^.W..O^.X..T^cX..U^.X..V^.X..W^.Y..X^.Y..Y^IY..Z^.Y..[^.Y..\^>Z..]^aZ..b^.Z..d^.Z..e^.Z..f^.[..g^.[..h^/[..i^B[..j^C[..k^\[..l^_[..o^|[..p^.[..q^.[..r^.\..s^&\

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\ta.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):313562
                                              Entropy (8bit):4.239267478834166
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:AFBB6F8A11ECB993E73A530E2682848C
                                              SHA1:950D0FA6CD4338084B5FFA72EB49F79B07830466
                                              SHA-256:3D16A99568173AD5760BF195B047C8850E39EC8D308A94F6C81CF7BA733F6F5F
                                              SHA-512:74EE545CDCE2E263BC33279325E0C72336575B36DE7DFE145897964CDE7EB57429CDFF082EC5A06E7F46F75E9BC6D5C4CC3DCA395745E990092CDAC27E56F129
                                              Malicious:false
                                              Preview:..........<.j.TF..k.cF..l.nF..n.vF..o.{F..p..F..q..F..r..F..s..F..t..F..v..F..w..F..y..F..z..F..|..F..}..G.....G.....G.....G....#G....+G....2G....9G....@G....AG....BG.....G.....H....8H....xH.....H.....H.....H.....H.....I....;I....{I.....I.....I....'J.....J....1J....2J....PJ....nJ.....J.....J.....J.....J.....J.... K.....K.....K..*..L..+..L..,.5L../.lL..0..L..1..M..2.JM..3.rM..4..M..5.QN..6..N..7.+O..>..O..?..O..N..O..g..O..i..O..j..O..k..O..l..P...].P...].P...].P...].R...].R...].R...]7S...].S...]ZT...].T...]9W...]mW...].W...].W...^.W...^.W...^SX...^.X...^.Z...^.Z...^.Z...^.Z...^.[...^c[...^u[...^.[...^.[...^.\...^.\...^.\...^.\..%^.\..&^1]..'^V]..)^$^..*^y^..+^.^..,^.^..-^._...^k_../^._..0^.a..1^.b..2^.c..3^.d..4^.d..5^.d..8^1e..9^.f..:^.h..;^.h..<^#i..>^.i..?^'k..@^)l..A^.l..B^.l..C^Lm..D^.o..E^.q..F^!r..G^!s..I^ws..K^.s..L^.s..M^.s..N^.t..O^qt..T^Eu..U^.u..V^.v..W^.v..X^Rw..Y^.w..Z^.y..[^.y..\^.z..]^,{..b^.|..c^.|..d^.}..e^.}..f^)}..g^i}..h^.}..i^.}..j^.}..k^.~..l^.~..o^.~..p^.~..q^<.

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\te.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):292506
                                              Entropy (8bit):4.456018055206471
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:5F441DE15CED6697594E8BC066297348
                                              SHA1:33C64379EC7297404E8AA4A4BA5A7155CD69DC90
                                              SHA-256:4AB6FBF03177BD7AD0908318D5AFFD0CAD142EC5E9ED560043E6B76E590BA995
                                              SHA-512:DAC2982DD5E9337FC3443A87D5DCBBFF46F0FEFDF9E163624BBA1ACD1528F543C84E2A088A83A749543E7B764607C16F1AB1C6C4F9504EFF48180A30681570F3
                                              Malicious:false
                                              Preview:..........".j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..G..w..G..y..G..z."G..|.(G..}.:G....BG....GG....OG....WG...._G....fG....mG....tG....uG....vG.....G....-H....aH.....H.....H.....H.....H.....I....<I....mI.....I.....I.....I.....J....!J....$J....&J....MJ....tJ.....J.....J.....J.....J.....K.....K.....K.....K..*. L..+.#L..,.AL../.xL..0..L..1.-M..2.PM..3.yM..4..M..5..N..6..N..7..N..>.#O..?.6O..N.sO..g..O..i..O..j..O..k..O..l..O...].O...]0P...].P...]=R...]XR...].R...].R...]/S...].S...].T...].U...].V...].V...](V...^oV...^.V...^.V...^KW...^.X...^.Y...^$Y...^.Y...^.Y...^6Z...^TZ...^.Z...^.Z...^.[...^.[...^.[...^!\..%^@\..&^|\..'^.\..)^s]..*^.]..+^.^..,^G^..-^e^...^.^../^._..0^.`..1^:a..2^cb..3^.b..4^.b..5^.c..8^mc..9^$e..:^%g..;^<g..<^.g..>^.h..?^fi..@^@j..A^|j..B^.j..C^.k..D^Qm..E^<n..F^.o..G^.o..I^Hp..K^jp..L^.p..M^.p..N^.p..O^Pq..T^'r..U^.r..V^.s..W^.s..X^?t..Y^.t..Z^.u..[^Gv..\^.w..]^gw..b^.x..c^.x..d^.x..e^.x..f^.x..g^Ly..h^.y..i^.y..j^.y..k^)z..l^,z..o^.z..p^.z..q^-{

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\th.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):246816
                                              Entropy (8bit):4.526207320870026
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:F0A3CE8609D1CEA58D4D0DFC47D433F9
                                              SHA1:9F0497E31AC881960C2B9CE3F75FAC98D6EE300B
                                              SHA-256:31F31B2985C2AB430D373DD3D79821DB0674EDEE163B4AE74DC362051CCC1491
                                              SHA-512:0A722FE6373F0F64A844A8BD79CFF66707E158A908292DB8F5EE883E4732FC55864B06554988836A07039BEFC4020CB837883851DA0455F070BCB63DF390D919
                                              Malicious:false
                                              Preview:..........b.j..F..k..F..l..F..o.%F..p.2F..q.8F..r.GF..s.XF..t.aF..v.vF..w..F..y..F..z..F..|..F..}..F.....F.....F.....F.....F.....F.....F.....F.....F.....F.....F.....F....GG....kG.....G.....G.....H....0H....4H....FH....^H.....H.....H.....H.....H.....I.....I.....I....5I....VI....hI....qI.....I.....I.....I.....I....BJ....wJ..*..J..+..J..,..J../..J..0..J..1.sK..2..K..3..K..4..K..5.>L..6..L..7..L..>."M..?.SM..N.kM..g.~M..i..M..j..M..k..M..l..M...].M...].N...]HN...]]O...]oO...].O...].O...]SP...].P...]cR...].R...].R...].R...^.S...^ S...^kS...^.S...^.T...^.U...^.U...^.U...^.U...^.U...^.U...^.V...^IV...^jV...^.V...^.W...^lW..%^~W..&^.W..'^.W..)^aX..*^.X..+^.X..,^.X..-^.Y...^DY../^.Y..0^.Z..1^.[..2^.\..3^.]..4^Y]..5^w]..8^.]..9^.^..:^.`..;^.`..<^.`..>^Qa..?^&b..@^.b..A^.c..B^:c..C^.c..D^.f..E^.f..F^.g..G^Ph..I^.h..K^.h..L^.h..M^.h..N^.h..O^<i..T^.i..U^.j..V^.k..W^-k..X^Kk..Y^.k..Z^Xl..[^.m..\^.m..]^.m..b^.o..d^,o..e^;o..f^Ao..g^qo..h^.o..i^.o..j^.o..k^.p..l^.p..o^Ap..p^pp..q^.p..r^.q..s^)q..t^tq

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\tr.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):131303
                                              Entropy (8bit):5.614477997540201
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:FE23B2095B245AE359C449CF3AE2D4C4
                                              SHA1:56AF0705886551389DEDB9BA1D9BECC682321977
                                              SHA-256:48B76D081B4398C7AF10BE207751EF3BF67720700C35B17196A4AA0C94526208
                                              SHA-512:94B81F5469620BB7545F3CCDA35845861E92FF7D29351A7F562AC861F718454D3D8DFF324CFC904E484F5551D952BC338F24E284F585A714FFFFF5F3A5445F64
                                              Malicious:false
                                              Preview:............j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..G..v..G..w.'G..y.-G..z.<G..|.BG..}.TG....\G....aG....iG....qG....yG.....G.....G.....G.....G.....G.....G.....G.....G.....H....(H....*H.....H....5H....?H....OH...._H....qH.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....H.....I....1I..*.7I..+.:I..,.XI../.oI..0.xI..1..I..2..I..3..I..4..I..5..J..6.<J..7.YJ..>.~J..?..J..N..J..g..J..i..J..j..J..k..J..l..J...].J...].J...].K...].K...].K...].K...].K...].L...]OL...]VL...]KM...]dM...]kM...]qM...^.M...^.M...^.M...^.M...^.N...^.N...^.N...^.O...^.O...^)O...^1O...^<O...^VO...^gO...^.O...^.O...^.O..%^.O..&^.O..'^.O..)^=P..*^cP..+^rP..,^.P..-^.P...^.P../^.P..0^=Q..2^.Q..3^.Q..4^.Q..5^.Q..8^.R..9^.R..:^aS..;^rS..<^.S..>^.S..?^9T..@^.T..A^.T..B^.T..C^.T..D^ V..E^.V..F^.V..G^.W..I^MW..K^SW..L^dW..M^mW..N^{W..O^.W..T^.W..U^.X..V^rX..W^.X..X^.X..Y^.X..Z^DY..[^.Y..\^.Y..]^.Z..b^.Z..c^.Z..d^.Z..e^.Z..f^.Z..g^.Z..h^.Z..i^.Z..j^.Z..k^.Z..l^.[..o^#[..p^N[..q^k[..r^.[

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\uk.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):216199
                                              Entropy (8bit):5.057813342706528
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:6027526062E6F51A7C99FEEBC9AE1947
                                              SHA1:10D7346A8D6A4DADB48BF7720303EF39F76A564A
                                              SHA-256:5DDF9212CBC6696941547B2E57B02092517BFF6E70529F2EE14D0F593610E14F
                                              SHA-512:52178A648747F3247E32183CDB36ECC9A6314B2BEFA91CAE28D5110C479F5D1FF59AD2C802A75288C17650DE5A2EBCF369E04E760259015FF855FF8299DD9F3D
                                              Malicious:false
                                              Preview:..........%.j..F..k..F..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..F..w..G..y..G..z..G..|."G..}.4G....<G....AG....IG....QG....YG....`G....gG....nG....oG....pG.....G.....G.....H....6H....xH....zH....~H.....H.....H.....H.....H.....I....'I....II....PI....SI....TI....dI....vI.....I.....I.....I.....I.....I.....I....,J....\J..*.mJ..+.pJ..,..J../..J..0..J..1.EK..2.^K..3.|K..4..K..5..K..6.<L..7._L..>..L..?..L..N..L..g..L..i..L..j..L..k..L..l..L...].L...]?M...]nM...].N...].N...].N...].O...];O...].O...].O...];S...]_S...]mS...]{S...^.S...^.S...^.S...^4T...^1U...^.U...^.U...^.U...^.U...^"V...^6V...^UV...^sV...^.V...^.V...^.W...^ W..%^0W..&^NW..'^kW..)^.W..*^9X..+^XX..,^yX..-^.X../^.X..0^]Y..1^.Z..2^.Z..3^.[..4^`[..5^.[..8^.[..9^.\..:^.]..;^.]..<^.^..>^s^..?^C_..@^.`..A^.`..B^.a..C^Ia..D^re..E^rg..F^.h..G^Ii..I^wi..K^.i..L^.i..M^.i..N^.i..O^"j..T^.j..U^.j..V^.k..W^.k..X^.k..Y^Hl..Z^.l..[^fm..\^.m..]^1n..b^(o..d^>o..e^Jo..f^Po..g^.o..h^.o..i^.o..j^.o..k^.o..l^.o..o^%p..p^np..q^.p..r^'q..s^Sq

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\vi.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):155363
                                              Entropy (8bit):5.800734141236524
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:8D1DE53FF78406C42FE554ACC82B5983
                                              SHA1:1B80F071914C9A2F071355973DA7FF3D9508298B
                                              SHA-256:314FF8E069D132D43566143FFE0F5CEBC990A015AC32ED550AC687A4FF78D56F
                                              SHA-512:D027A534F8DDAC3C953D81BA635A8A3FE452E7295FB2AA7D8B9D5A718FFF7CD619323E3914DD6A17EACECB0C6D6F5129C9E793B2925F65DABEC83B9389DB295D
                                              Malicious:false
                                              Preview:..........2.j.hF..k.wF..l..F..n..F..o..F..p..F..q..F..r..F..s..F..t..F..v..F..w..F..y..F..z..G..|..G..}..G...."G....'G..../G....7G....?G....FG....MG....TG....UG....VG....yG.....G.....G.....G.....G.....G.....G.....G.....G.....H....%H....CH....SH....kH....rH....uH....vH.....H.....H.....H.....H.....H.....H.....H.....H.....I....#I..*..I..+.1I..,.OI../.kI..0.xI..1..I..2..I..3..I..4..I..5..I..6./J..7.LJ..>.wJ..?..J..N..J..g..J..i..J..j..J..k..J..l..J...].J...].J...].K...].K...].K...].L...]3L...]uL...].L...].M...].M...].M...].M...^.N...^!N...^ON...^.N...^2O...^rO...^zO...^.O...^.O...^.P...^.P...^$P...^FP...^VP...^.P...^.P...^.P..%^.P..&^.P..'^.Q..)^lQ..*^.Q..+^.Q..,^.Q..-^.Q...^.Q../^!R..0^.R..1^.S..2^.S..3^.S..4^.S..5^.T..8^!T..9^.T..:^.U..;^.U..<^.U..>^/V..?^.V..@^.W..A^.W..B^?W..C^aW..D^.X..E^-Y..F^.Y..G^.Y..I^.Z..K^.Z..L^&Z..M^9Z..N^CZ..O^mZ..T^.Z..U^.Z..V^h[..W^y[..X^.[..Y^.[..Z^E\..[^.\..\^.]..]^1]..b^.^..c^&^..d^/^..e^5^..f^9^..g^S^..h^~^..i^.^..j^.^..k^.^..l^.^..o^.^..p^._..q^#_..r^._

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\zh-CN.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):114748
                                              Entropy (8bit):6.7174096339004095
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:B2E2087F9C688DC3EC45A55742BEDB6A
                                              SHA1:8EFD0726B46FC67CDA9FDC9989C707C23C7B031C
                                              SHA-256:2B255293F6C85ABB09162C825AEA120C3E695156EB952D26D1E5F505BA324B37
                                              SHA-512:2382B2B4D56831BD25D5A3535936D8A1039E00A287BD5AF05628C1A6FC54715FC8AD68AD3F207D6E073A588A66D5FA181E124125E7D1F00A5DE54ED658E5C33E
                                              Malicious:false
                                              Preview:..........b.j..F..k..F..l..F..m.&F..o.,F..p.1F..q.7F..r.FF..s.WF..t.`F..v.uF..w..F..|..F..}..F.....F.....F.....F.....F.....F.....F.....F.....F.....F.....F.....G.... G....,G....>G....PG....RG....VG....\G....hG....tG.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H....1H....EH..*.NH..+.QH..,.~H../..H..0..H..1..H..2..H..3..H..4..H..5..I..6.UI..7.jI..>..I..?..I..N..I..g..I..i..I..j..I..k..I..l..I...].I...].I...].J...]yJ...].J...].J...].J...].J...].J...].K...].K...].K...].K...^.K...^.K...^.L...^@L...^.L...^.L...^.L...^.L...^.M...^#M...^)M...^5M...^PM...^bM...^.M...^.M...^.M..%^.M..&^.M..'^.M..)^-N..*^\N..+^kN..,^wN..-^}N...^.N../^.N..0^-O..1^.O..2^9P..3^HP..4^kP..5^wP..8^.P..9^.Q..:^.Q..;^.Q..<^.Q..>^.R..?^tR..@^.R..A^.R..B^.S..C^.S..D^.S..E^^T..F^.T..G^.T..I^.U..K^.U..L^.U..M^.U..N^%U..O^[U..T^.U..U^.U..V^.V..W^EV..X^ZV..Y^.V..Z^.V..[^HW..\^.W..]^.W..b^bX..c^hX..d^nX..e^qX..f^tX..g^.X..h^.X..i^.X..j^.X..k^.X..l^.X..o^.X..p^!Y..q^;Y..r^.Y..s^.Y..t^.Y

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\locales\zh-TW.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):114042
                                              Entropy (8bit):6.719449431220688
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:32F600C44C8A26FDF518FAFFBCE56B71
                                              SHA1:7481922ABB60EE20F6FAFF9AE4DC4A55F6E6224E
                                              SHA-256:1710CEA2EB84E4FEED749E9E497D01E16B1B244D1A621D380226B8AE7CCE07C6
                                              SHA-512:DA145697AC8D7CE6E8CDF3F6E190C23F9791F4FDC2C1EED2DBC10E8C6377298C4D02DF464752277CD7EC429297860FFE50E7B9DE79632699DD2202B7324F55FE
                                              Malicious:false
                                              Preview:..........c.j..F..k..F..l. F..n.(F..o.-F..p.5F..q.;F..r.JF..s.[F..t.dF..v.yF..w..F..y..F..z..F..|..F..}..F.....F.....F.....F.....F.....F.....F.....F.....F.....G....(G....4G....CG....RG....VG....ZG....`G....iG....uG.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....G.....H.....H.....H....;H....OH..*.XH..+.[H..,..H../..H..0..H..1..H..2..H..3..H..4..I..5.#I..6.aI..7.vI..>..I..?..I..N..I..g..I..i..I..j..I..k..I..l..I...].I...].I...].J...].J...].J...].J...].J...].J...]%K...]1K...].K...].L...].L...] L...^/L...^5L...^ML...^zL...^.L...^.M...^.M...^?M...^QM...^lM...^rM...^~M...^.M...^.M...^.M...^.M...^.N..%^.N..&^#N..'^/N..)^.N..*^.N..+^.N..,^.N..-^.N...^.N../^.O..0^.O..1^.O..2^vP..3^.P..4^.P..5^.P..8^.P..9^TQ..:^.Q..;^.R..<^ R..>^MR..?^.R..@^.S..A^(S..B^4S..C^LS..D^.T..E^.T..F^.T..G^.U..I^/U..K^5U..L^AU..M^GU..N^SU..O^.U..T^.U..U^.U..V^FV..W^eV..X^tV..Y^.V..Z^.V..[^FW..\^.W..]^.W..b^DX..c^JX..d^PX..e^SX..f^VX..g^nX..h^.X..i^.X..j^.X..k^.X..l^.X..o^.X..p^.Y..q^.Y..r^]Y..s^qY

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\resources.pak

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):5113713
                                              Entropy (8bit):7.996602002236813
                                              Encrypted:true
                                              SSDEEP:
                                              MD5:A1E5AAFE5A1509EF461D584C98484FF7
                                              SHA1:455A36FFF7A12989D0D1FC944A3C8840141D865A
                                              SHA-256:DD0CDD9201C5966DCC8B3AC3F587FDB05CAD09547E267E0D16B8B1A3CFF14772
                                              SHA-512:F98E33FE7E89A7798C6C274B4220C7C5262A2CEDD0C0A04C7821634679F71145ECA78C7A36A9F576712A00FFBABFABF58C958483D2D69FA9960178A7C3581946
                                              Malicious:false
                                              Preview:............f.....h..&.....&.....&.....*.....0.....0.....0.....0...0.0...0,9...0.;...07M...0nV...0.^...0.`...0Wg...0.i...0.l...0.l...0.n...0.o...0.p...0.u...0Yz...0.....0k....0.....0h....0.....0f....0.....0....0$....0d....0.....0.....0;....0.....0.....0J....0.....0Z....1z....1w....1.....1.....1F3..(7O6..-7.A...7.B../7.E..07sJ..17'T..27.U..37.W..47?l..57.q..67....77...87....97\...:7....;7....<7....=7....>7....?7....@7X...A7....B7Z...C7....D7....E7....F7....G7....H7....j7X...k7....l7....m7H...n7....o7....p7....q7....r7.,..s7.7..t7.d..u7vl..v7L...w7e...x7u...y7!...z7....{7....|7Y...}7...~7u....72....7.....7....7.....7.....7....7....7U....7e....7"....;d....;.....;.....;.....;G....;U....<O....<*....<.....<.....<.....<O....<.....<.....<.....<.....<(2...<.5...<.k...<yp...<.x...<M....<.....<.....<.....<.....<....<.....<.....<j....<.....<O....H.(...H.-...H.2...H.3...H.7...H.J...H.S...H.V...H_Y...Hma...H.f...H,l...H.v...H.|...H=....HR....H.....H.....H.....Hi....H.....H.....H0....H.....H..

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\resources\app.asar

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):35557128
                                              Entropy (8bit):6.210627062782269
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:05E228EF13DA21E56C55E2772CE7110B
                                              SHA1:87D351581604D4638C1031ABE52118E207C1B86B
                                              SHA-256:6360D47E3903450C6647E0AE15423A70242E70E714114666FF58A105FE1F29D2
                                              SHA-512:8268F55BC6A421803E6597F9CA75711A9DB2F3DD11863E41606A5F698243F68CAE8F0B9073ABD8447366ADCF5853F89E82F26114F79ABDDA43F4C75EB90171EE
                                              Malicious:false
                                              Preview:....8...4.......{"files":{"icon.ico":{"size":270398,"integrity":{"algorithm":"SHA256","hash":"85db7f849c7a0a41bb581446f773437ef2175b2952ed9224f00c6abbc9543c0f","blockSize":4194304,"blocks":["85db7f849c7a0a41bb581446f773437ef2175b2952ed9224f00c6abbc9543c0f"]},"offset":"0"},"package.json":{"size":1372,"integrity":{"algorithm":"SHA256","hash":"85cce53211667127ebd8aa37ac383a0cf0d1b4fe918509a6df5d0a2c91afa116","blockSize":4194304,"blocks":["85cce53211667127ebd8aa37ac383a0cf0d1b4fe918509a6df5d0a2c91afa116"]},"offset":"270398"},"src.rar":{"size":1390923,"integrity":{"algorithm":"SHA256","hash":"fd786f9c88d4b6534e2e263ebbd27101a3df5f6e579b02b2e98652c1fb1a6998","blockSize":4194304,"blocks":["fd786f9c88d4b6534e2e263ebbd27101a3df5f6e579b02b2e98652c1fb1a6998"]},"offset":"271770"},"src":{"files":{"alien.png":{"size":184182,"integrity":{"algorithm":"SHA256","hash":"61d672610d6b7e83fe83142c2f90b355343f8c9b14ba76efb829d855d0df33c9","blockSize":4194304,"blocks":["61d672610d6b7e83fe83142c2f90b355343f8c9

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\resources\elevate.exe

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:PE32 executable (console) Intel 80386, for MS Windows
                                              Category:dropped
                                              Size (bytes):107520
                                              Entropy (8bit):6.442687067441468
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:792B92C8AD13C46F27C7CED0810694DF
                                              SHA1:D8D449B92DE20A57DF722DF46435BA4553ECC802
                                              SHA-256:9B1FBF0C11C520AE714AF8AA9AF12CFD48503EEDECD7398D8992EE94D1B4DC37
                                              SHA-512:6C247254DC18ED81213A978CCE2E321D6692848C64307097D2C43432A42F4F4F6D3CF22FB92610DFA8B7B16A5F1D94E9017CF64F88F2D08E79C0FE71A9121E40
                                              Malicious:false
                                              Antivirus:
                                              • Antivirus: ReversingLabs, Detection: 0%
                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......B..O..............h.......j.q.....k.....e......e......e.......zR........._...h......h.f.............h......Rich....................PE..L......W............................l........0....@.......................................@....................................P.......x.......................T.......p...............................@............0..$............................text............................... ..`.rdata...k...0...l..................@..@.data...............................@....gfids..............................@..@.rsrc...x...........................@..@.reloc..T...........................@..B........................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\snapshot_blob.bin

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):405456
                                              Entropy (8bit):3.3151721500305027
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:F14A9115EDBCC4697515DB49CDAF5B08
                                              SHA1:9C43D69BA11A03278885DC7F285584278DE9CA11
                                              SHA-256:F25DDF52F68DE295BF1CDBD4F7FC6AA9D8F882A16A2F97B4E08E322B6B90546E
                                              SHA-512:3C646B258A2BA7CD3E1D878D3009D181302D790F324C4C2B10A9EEEBBEAB9C49AB43B15B3154AE99749410DEBB2F3AD8D121979EC11E44AD074E1F675CF05DC0
                                              Malicious:false
                                              Preview:........#..<10.0.139.17-electron.0..........................................h....n......M.......a........a........a........at.......a........a.......... ....9.`H...D..W.....W.....W...D. ..Y.`H...D..W.....W.....W...D. ..`H...D..W.....W.....W...D. ....`H...D..W.....W.....W...D. ....`....D..W.....W.....W...D. ..).`H...D..W.....W.....W...D. ....`H...D..W.....W.....W...D. ..`H...D..W.....W.....W...D. ..`H...D..W.....W.....W...D. ..Y.`H...D..W.....W.....W...D. ..`H...D..W.....W.....W...D.(Jb....!.....@..F^.....U`....`.....(Jb....B.....@..F^...`.....D...IDa........D`....D`....D`.......`.....D].......D`.......VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa............L`.....HD...%.D...L.....................................................................................................................................

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\swiftshader\libEGL.dll

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                              Category:dropped
                                              Size (bytes):459776
                                              Entropy (8bit):6.292318384263477
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:29AE8BEF0CF8B6A26F4BEBC5A20900DA
                                              SHA1:515ABE76943288D531B35C1B4C764D1DBDB281DB
                                              SHA-256:711CF342B3A008C9116F6138358A67007A29D281D09CF23D20A5E17AA503EE9B
                                              SHA-512:99981E7074B580ACE154C36D0AA1542DCDB979F36476B680EF19C3FD8A9126B5A808E6E1CF2224D20BA22C328B9A621C280C4FFA74638E358297809001D737AD
                                              Malicious:false
                                              Antivirus:
                                              • Antivirus: ReversingLabs, Detection: 0%
                                              Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....{b.........." ......................................................................`A........................................`.......q#..P....p...........=..............p...............................(....3..0............&..(............................text...f........................... ..`.rdata..L.... ......................@..@.data....M....... ..................@....pdata...=.......>..................@..@.00cfg..(....@......................@..@.tls.........P......................@..._RDATA.......`......................@..@.rsrc........p......................@..@.reloc..p...........................@..B................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\swiftshader\libGLESv2.dll

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                              Category:dropped
                                              Size (bytes):3189760
                                              Entropy (8bit):6.423659291721246
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:DC060F0BE506DC5B48402C2FFD62C3A1
                                              SHA1:3988BB810D92B2E317767F8E25D3D1E43F0A6F68
                                              SHA-256:A97834A44A1E28B574C967F1CB93B97CD19E26616439133C11C9DDA4B26D605B
                                              SHA-512:04CF84033462A521C45B71F31AB007F712C6B2F5CFBFC97CE7DBF60074D525933AF6388D9EDE366A00A0983BA4E34A1B318A759CFBBB520ED621DF9979BB315B
                                              Malicious:false
                                              Antivirus:
                                              • Antivirus: ReversingLabs, Detection: 0%
                                              Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....{b.........." .....R+..V.......]'.......................................6...........`A............................................. ......d.....5.......4...............5.x1..<...........................(.....+.0............................................text....P+......R+................. ..`.rdata..<....p+......V+.............@..@.data........./.. ...p/.............@....pdata........4......./.............@..@.00cfg..(.....5......p0.............@..@.tls....).....5......r0.............@..._RDATA........5......t0.............@..@.rsrc.........5......v0.............@..@.reloc..x1....5..2...z0.............@..B................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\v8_context_snapshot.bin

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):726296
                                              Entropy (8bit):4.668258384826135
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:DD0D4997DFAB65B96AAD66D035F6029C
                                              SHA1:65FAA1DBB7CCD902F1F1AF544F6941234FF679D3
                                              SHA-256:F033FB86FA92DF1BE464DE590AA312CC016BC5D6BEA26672C896BF4D3F1261CD
                                              SHA-512:86B06BD0F91F50BD13B3AF179F3F498F10A225D25BA5CA32258F75567E601C3F48F7A3FB436C3B0D2BA53CC9EAAA8F74C95B44458628B0EA716563694A3C7002
                                              Malicious:false
                                              Preview:.........lrz10.0.139.17-electron.0..........................................x....v...C......P...M.......a........a........aR.......at.......a........a.......... ....9.`H...D..W.....W.....W...D. ..Y.`H...D..W.....W.....W...D. ..`H...D..W.....W.....W...D. ....`H...D..W.....W.....W...D. ....`....D..W.....W.....W...D. ..).`H...D..W.....W.....W...D. ....`H...D..W.....W.....W...D. ..`H...D..W.....W.....W...D. ..`H...D..W.....W.....W...D. ..Y.`H...D..W.....W.....W...D. ..`H...D..W.....W.....W...D.(Jb....!.....@..F^.....U`....`.....(Jb....B.....@..F^...`.....D...IDa........D`....D`....D`.......`.....D].......D`.......VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa...........VIa............L`.....HD...%.D...L.............................................................................................................................

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\vk_swiftshader.dll

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                              Category:dropped
                                              Size (bytes):4654592
                                              Entropy (8bit):6.2751649857298615
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:6B40CE4AF617399536D0EA6EDC84BAAD
                                              SHA1:55C91309FE49AF121DD3DE9C24F60B8CFEA680F1
                                              SHA-256:C64B87D7CEBDAEE8B779859059A6C63FB47C8102A4F7311D678895F87B825C59
                                              SHA-512:9C4CADDB2F6BA7D17683D662A1D9ECD2EFCDF1FC081E0127260F0266EDA78B42C684BCAD5BCCBDC03A06619B9AE4960CCEA67472D7650C53E67A5A70BE6E36C6
                                              Malicious:false
                                              Antivirus:
                                              • Antivirus: ReversingLabs, Detection: 0%
                                              Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....{b.........." .....":......... .2.......................................H...........`A........................................xeD.....o.D.P.....H.......F..1............H.Pi...6D......................5D.(....S:.0.............D.H............................text....!:......":................. ..`.rdata..L....@:......&:.............@..@.data....,...`E..&...8E.............@....pdata...1....F..2...^E.............@..@.00cfg..(.....G.......F.............@..@.tls....A.....G.......F.............@..._RDATA........G.......F.............@..@.rsrc.........H.......F.............@..@.reloc..Pi....H..j....F.............@..B................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\vk_swiftshader_icd.json

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:JSON data
                                              Category:dropped
                                              Size (bytes):106
                                              Entropy (8bit):4.724752649036734
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:8642DD3A87E2DE6E991FAE08458E302B
                                              SHA1:9C06735C31CEC00600FD763A92F8112D085BD12A
                                              SHA-256:32D83FF113FEF532A9F97E0D2831F8656628AB1C99E9060F0332B1532839AFD9
                                              SHA-512:F5D37D1B45B006161E4CEFEEBBA1E33AF879A3A51D16EE3FF8C3968C0C36BBAFAE379BF9124C13310B77774C9CBB4FA53114E83F5B48B5314132736E5BB4496F
                                              Malicious:false
                                              Preview:{"file_format_version": "1.0.0", "ICD": {"library_path": ".\\vk_swiftshader.dll", "api_version": "1.0.5"}}

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\7z-out\vulkan-1.dll

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                              Category:dropped
                                              Size (bytes):850432
                                              Entropy (8bit):6.547858375062584
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:4783D34314EF4FEB241F4FDF36499521
                                              SHA1:89296D6AC36CD005045DB7307BF31005D0CF29A7
                                              SHA-256:6E8BEB4E9DA77313F40E75C4FFAEEAA522B6F054FD792631EC1EFCF8248CA63B
                                              SHA-512:7EF1B0E89590B4AF20F182BED9D82D5175D1C8C675FC3D05DC0EB2F834052124C877135FC68B2988683CF35E8B25870E45F7C126349D28125C021C8EEB4998AC
                                              Malicious:false
                                              Antivirus:
                                              • Antivirus: ReversingLabs, Detection: 0%
                                              Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....{b.........." ......... .......n....................................................`A........................................X...@!......P....p..........|e.............................................(.......0............................................text...v........................... ..`.rdata.............................@..@.data....M....... ...\..............@....pdata..|e.......f...|..............@..@.00cfg..(....@......................@..@.tls.........P......................@..._RDATA.......`......................@..@.rsrc........p......................@..@.reloc..............................@..B................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\System.dll

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                              Category:dropped
                                              Size (bytes):12288
                                              Entropy (8bit):5.719859767584478
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:0D7AD4F45DC6F5AA87F606D0331C6901
                                              SHA1:48DF0911F0484CBE2A8CDD5362140B63C41EE457
                                              SHA-256:3EB38AE99653A7DBC724132EE240F6E5C4AF4BFE7C01D31D23FAF373F9F2EACA
                                              SHA-512:C07DE7308CB54205E8BD703001A7FE4FD7796C9AC1B4BB330C77C872BF712B093645F40B80CE7127531FE6746A5B66E18EA073AB6A644934ABED9BB64126FEA9
                                              Malicious:false
                                              Antivirus:
                                              • Antivirus: ReversingLabs, Detection: 0%
                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......qr*.5.D.5.D.5.D...J.2.D.5.E.!.D.....2.D.a0t.1.D.V1n.4.D..3@.4.D.Rich5.D.........PE..L....~.\...........!....."...........).......@...............................p............@..........................B.......@..P............................`.......................................................@..X............................text.... .......".................. ..`.rdata..c....@.......&..............@..@.data...x....P.......*..............@....reloc.......`.......,..............@..B................................................................................................................................................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\app-64.7z

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:7-zip archive data, version 0.4
                                              Category:dropped
                                              Size (bytes):64183521
                                              Entropy (8bit):7.999990117864593
                                              Encrypted:true
                                              SSDEEP:
                                              MD5:05A4F696BE023A221398BB88B61B2213
                                              SHA1:28B8D308B02454754BED9CDC4A9B45BC7273A31C
                                              SHA-256:6CADFED0B64C26160D069AABB21D5946DAF19F6F9AF043AC884E83D78AA7F435
                                              SHA-512:815393565B2B367D2580B74065008EFE95D8D9BA6C74974B0FC6EDA127CD6A1E0CEE4109E27FE07371B1D49ED0F8380E8458F1D65D75B580C33DF9EFB4E95B25
                                              Malicious:false
                                              Preview:7z..'...nh!..\......%................]...6...7p.........l.{e/-X,.7..7.......uN...4.G\.q......pWE......'.....<}...%w..1b......F.Ze.-.D..*....i.K.)..J.h:...&..:Hyo\.~...8w.1.X.Bm.$d..k..3:.....T.-Z'....E9.O#.@od.j:..s....!.......M.C..*L....08!v...^....kk......rRm....|D. }SdeO.cpw.N.5'...*s.~T.F.\u.L2.c<.....*..H.K.?m..,..1A.C....]wK..$......+...a.`..@.....~~K..g.Dq..9G."......u.c...A....z.Qh.m..r..W.). ..R.a.x......O....< ...lT..2.Q......+.I...Q.=uQ..3e.....u.d!X..<z.=..q0.'ys..%..Y-..fQ(_..Y.d.2.I-.nq>BIS...._ .]h.6d.+..[el...)BL`.....gW.?.`S...J..Yn.7.-di........ .J.Qw.!m...#..r...kM.I....'<.Z..../....H.Xi..vd.y..:..._.;b...9C.jf..O.O...H."......c.d....)/ML...(F...*.*4......m...M.a.&..[l..^..j..e.4......... ....m.bg.{.m.>......q..t....B..FmI..Df....`c...3J5+....R....>.@..........jF..*|...l.q..V...I...C..WU...r~. .<Xy?.dv.MP+..Rf...3T.ivK....{.I4....:~...a[E...]q.1V{.......W...Z.8i."....^|....$w...[..D......Tz.j.$.....S....;.C..S..T.g..-

                                              C:\Users\user\AppData\Local\Temp\nso54DD.tmp\nsis7z.dll

                                              Download File
                                              Process:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                              Category:dropped
                                              Size (bytes):434176
                                              Entropy (8bit):6.584811966667578
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:80E44CE4895304C6A3A831310FBF8CD0
                                              SHA1:36BD49AE21C460BE5753A904B4501F1ABCA53508
                                              SHA-256:B393F05E8FF919EF071181050E1873C9A776E1A0AE8329AEFFF7007D0CADF592
                                              SHA-512:C8BA7B1F9113EAD23E993E74A48C4427AE3562C1F6D9910B2BBE6806C9107CF7D94BC7D204613E4743D0CD869E00DAFD4FB54AAD1E8ADB69C553F3B9E5BC64DF
                                              Malicious:false
                                              Antivirus:
                                              • Antivirus: ReversingLabs, Detection: 0%
                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......L.6a..X2..X2..X2m.[3..X2m.]3..X2Z.]3+.X2Z.\3..X2Z.[3..X2m.\3..X2m.Y3..X2..Y2..X2..\3#.X2..]3..X2..X3..X2...2..X2...2..X2..Z3..X2Rich..X2........PE..L.....\...........!......................... ...............................@............@..........................6.......7..d................................E.....................................@............ ...............................text............................... ..`.rdata..8"... ...$..................@..@.data........P... ...6..............@....rsrc................V..............@..@.reloc...E.......F...Z..............@..B........................................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Roaming\GalacticShooter\04b16f74-0b7a-4849-97de-6efe4a288cee.tmp

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:JSON data
                                              Category:dropped
                                              Size (bytes):389
                                              Entropy (8bit):5.590794480114179
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:0082A334231E182833B702DAF5F26A18
                                              SHA1:598298596ACD6E68C521E5C97F65CC84A885318C
                                              SHA-256:856CE0C2657FADBDE6EC99906EAD5708BFFDD93B1C98F24AEFF7ACE9422E5465
                                              SHA-512:91E782A8641922E8C4207EC5EB98E84CBC8E037F8480F4B02FF804E2BBB1EBA53FE2D12BFE0BB971BA79F9A8B998279621D943C5DFEBCFD4DF6ADBDA17CF2AEB
                                              Malicious:false
                                              Preview:{"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAC2mpM6QsfrTYgH1P4q0jk2AAAAAAIAAAAAABBmAAAAAQAAIAAAAGn4tyr4wpkDE2QAqFtgSt9RKUhleTMQo5ykFOxF9reLAAAAAA6AAAAAAgAAIAAAAFSmmIwgsJubo2O8D/BzsHZtu1MJNFJlQvKq5Pth2ZLWMAAAALAKymVbaw1hkof6BUzJWcBrGbGoeIsUmwyzH/Wg+UZZnRwWUdrek506+gMoxR03xEAAAAAwNYe0LQu4r5New+lK8DrpRHdn3bvj6bWPY6eIerK+pHfU7zA3BhqoXZOXRCH/kkgi62xgLOAlrVlprVgL6RRz"}}

                                              C:\Users\user\AppData\Roaming\GalacticShooter\981b4b6b-0325-4e85-a9c7-b40f50e02316.tmp

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:JSON data
                                              Category:modified
                                              Size (bytes):57
                                              Entropy (8bit):4.283088322451805
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:58127C59CB9E1DA127904C341D15372B
                                              SHA1:62445484661D8036CE9788BAEABA31D204E9A5FC
                                              SHA-256:BE4B8924AB38E8ACF350E6E3B9F1F63A1A94952D8002759ACD6946C4D5D0B5DE
                                              SHA-512:8D1815B277A93AD590FF79B6F52C576CF920C38C4353C24193F707D66884C942F39FF3989530055D2FADE540ADE243B41B6EB03CD0CC361C3B5D514CCA28B50A
                                              Malicious:false
                                              Preview:{"spellcheck":{"dictionaries":["en-US"],"dictionary":""}}

                                              C:\Users\user\AppData\Roaming\GalacticShooter\Cache\Cache_Data\data_0

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):45056
                                              Entropy (8bit):0.012052649008071722
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:CAC3ECEC68ACF4E3C4BC622E5EDAE0D5
                                              SHA1:844E416D507C052FCD62D17BBED4763E511D898F
                                              SHA-256:0B4B7E9D255C93B4FB1D05957E47B9168096EF5EFB8CA6647AFE9885628D33E3
                                              SHA-512:A6F6D6EFFEED1ACF493128EB32C607C777807E271FF62077A4C37F83F9BA2427E512361D96DB6379B40CFB3064C3A12C394045FEF369E1BAEA5A03137C4188C9
                                              Malicious:false
                                              Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Roaming\GalacticShooter\Cache\Cache_Data\data_1

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):270336
                                              Entropy (8bit):0.006517850155918223
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:5F69A4D788B8D9DDD014E19202A25367
                                              SHA1:3CE23F7A16E17DD6F4448291DE800463959700B5
                                              SHA-256:D0E3E5709457AD903EE614EB75726B51FF83B084E0988E760A0662867A55EC02
                                              SHA-512:8833862E042863C4D11203E3669E93A3D76652710E239884DBC4501246B530AF1DCC595F0CA99D29BDA158CA20CB262662F10B9208F466F17BA01FCE8399EC4D
                                              Malicious:false
                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Roaming\GalacticShooter\Cache\Cache_Data\data_2

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):8192
                                              Entropy (8bit):0.011852361981932763
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:0962291D6D367570BEE5454721C17E11
                                              SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                              SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                              SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                              Malicious:false
                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Roaming\GalacticShooter\Cache\Cache_Data\data_3

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):8192
                                              Entropy (8bit):0.012340643231932763
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:41876349CB12D6DB992F1309F22DF3F0
                                              SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                              SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                              SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                              Malicious:false
                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Roaming\GalacticShooter\Cache\Cache_Data\index

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:FoxPro FPT, blocks size 512, next free block index 3284796353, field type 0
                                              Category:dropped
                                              Size (bytes):524656
                                              Entropy (8bit):5.027445846313988E-4
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:F452F1441516FDA83A05BDF8A1E24325
                                              SHA1:555132FA6759EADB61DBDD4EC142498EFDCD53C3
                                              SHA-256:F8E7969369CB2F699E075BD352E0CDD40DC88682FA77DE712725A9CF5A2201FB
                                              SHA-512:CEFC9ECC014FF77295B2B87301BF78AD3E467CF030408699C815A9FAAFC5ACEF0DF4EE618B32009AD22F78C64A7833EFB1EC18E0A0EACEF5180F25F4BAA60FC9
                                              Malicious:false
                                              Preview:............................................X/.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Roaming\GalacticShooter\Code Cache\js\index

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):24
                                              Entropy (8bit):2.1431558784658327
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:54CB446F628B2EA4A5BCE5769910512E
                                              SHA1:C27CA848427FE87F5CF4D0E0E3CD57151B0D820D
                                              SHA-256:FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
                                              SHA-512:8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0
                                              Malicious:false
                                              Preview:0\r..m..................

                                              C:\Users\user\AppData\Roaming\GalacticShooter\Code Cache\js\index-dir\temp-index

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):48
                                              Entropy (8bit):2.9972243200613975
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:0947B189EAECB3AE383BB1C2F5A1226A
                                              SHA1:E423951FA46DDC1DF5F1D1D76E16EC7C0D7017BF
                                              SHA-256:9465D1ECE95732C4E00E6C2D2EF5E912348FBEE47ACAA99A18822DE6918D749F
                                              SHA-512:E0C3CA73FA780CB5AC7B6E7EC752EBBB6F2F11E51B924A6ED50A023D7823C714214BC2BE8FF293310BC418D32AFF01F1DB91B1B74F3795DF44C2C6592B6FE027
                                              Malicious:false
                                              Preview:(...}j..oy retne.........................Z..X/.

                                              C:\Users\user\AppData\Roaming\GalacticShooter\Code Cache\js\index-dir\the-real-index (copy)

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):48
                                              Entropy (8bit):2.9972243200613975
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:0947B189EAECB3AE383BB1C2F5A1226A
                                              SHA1:E423951FA46DDC1DF5F1D1D76E16EC7C0D7017BF
                                              SHA-256:9465D1ECE95732C4E00E6C2D2EF5E912348FBEE47ACAA99A18822DE6918D749F
                                              SHA-512:E0C3CA73FA780CB5AC7B6E7EC752EBBB6F2F11E51B924A6ED50A023D7823C714214BC2BE8FF293310BC418D32AFF01F1DB91B1B74F3795DF44C2C6592B6FE027
                                              Malicious:false
                                              Preview:(...}j..oy retne.........................Z..X/.

                                              C:\Users\user\AppData\Roaming\GalacticShooter\Code Cache\wasm\index

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):24
                                              Entropy (8bit):2.1431558784658327
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:54CB446F628B2EA4A5BCE5769910512E
                                              SHA1:C27CA848427FE87F5CF4D0E0E3CD57151B0D820D
                                              SHA-256:FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
                                              SHA-512:8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0
                                              Malicious:false
                                              Preview:0\r..m..................

                                              C:\Users\user\AppData\Roaming\GalacticShooter\Code Cache\wasm\index-dir\temp-index

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):48
                                              Entropy (8bit):2.9138909867280645
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:70D3D83EE8E811A72AAB2B0E1147FF59
                                              SHA1:A3599ABCA3EEE0DA1BB781601C02450EB576E89F
                                              SHA-256:DA26EE3FFDE5B381B94845B6BCD573DA4689B865B91C4CD5DAF8BB40C40E8C72
                                              SHA-512:C1766647870F10E98A81213A9F44A14C9EEDF552092C32D43E7AD9B5FC61549994CB6E1243E2F0493E529BDFF828BF2E1E0A07016A65B185151BCB08CE9A2B06
                                              Malicious:false
                                              Preview:(...i.tgoy retne............................X/.

                                              C:\Users\user\AppData\Roaming\GalacticShooter\Code Cache\wasm\index-dir\the-real-index (copy)

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):48
                                              Entropy (8bit):2.9138909867280645
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:70D3D83EE8E811A72AAB2B0E1147FF59
                                              SHA1:A3599ABCA3EEE0DA1BB781601C02450EB576E89F
                                              SHA-256:DA26EE3FFDE5B381B94845B6BCD573DA4689B865B91C4CD5DAF8BB40C40E8C72
                                              SHA-512:C1766647870F10E98A81213A9F44A14C9EEDF552092C32D43E7AD9B5FC61549994CB6E1243E2F0493E529BDFF828BF2E1E0A07016A65B185151BCB08CE9A2B06
                                              Malicious:false
                                              Preview:(...i.tgoy retne............................X/.

                                              C:\Users\user\AppData\Roaming\GalacticShooter\GPUCache\data_0

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                              Category:dropped
                                              Size (bytes):8192
                                              Entropy (8bit):0.01057775872642915
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                              SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                              SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                              SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                              Malicious:false
                                              Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Roaming\GalacticShooter\GPUCache\data_1

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):270336
                                              Entropy (8bit):8.280239615765425E-4
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:D0D388F3865D0523E451D6BA0BE34CC4
                                              SHA1:8571C6A52AACC2747C048E3419E5657B74612995
                                              SHA-256:902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B
                                              SHA-512:376011D00DE659EB6082A74E862CFAC97A9BB508E0B740761505142E2D24EC1C30AA61EFBC1C0DD08FF0F34734444DE7F77DD90A6CA42B48A4C7FAD5F0BDDD17
                                              Malicious:false
                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Roaming\GalacticShooter\GPUCache\data_2

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):8192
                                              Entropy (8bit):0.011852361981932763
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:0962291D6D367570BEE5454721C17E11
                                              SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                              SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                              SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                              Malicious:false
                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Roaming\GalacticShooter\GPUCache\data_3

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):8192
                                              Entropy (8bit):0.012340643231932763
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:41876349CB12D6DB992F1309F22DF3F0
                                              SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                              SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                              SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                              Malicious:false
                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Roaming\GalacticShooter\GPUCache\index

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:FoxPro FPT, blocks size 512, next free block index 3284796353, field type 0
                                              Category:dropped
                                              Size (bytes):262512
                                              Entropy (8bit):9.629307656487099E-4
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:9831DF8FDFF2D7B88DABD0210BED9ECE
                                              SHA1:E2DA2C2EAF55D5DC0D0DB6B1FBDADEBB1F13BC70
                                              SHA-256:37428EE152C4D1C9E2464EDEA367A5F7E57120744D8072FFB46581A6E0968D30
                                              SHA-512:3827E3080A1B66D24A89BE79F1600AD3156F76F6BEA89957B8915B4BDD99105D421BD6396F90BFA0E43977C33D8F93EFA81416250504264A5ECEC3AA4ECCEA77
                                              Malicious:false
                                              Preview:............................................X/.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Roaming\GalacticShooter\Local State (copy)

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:JSON data
                                              Category:dropped
                                              Size (bytes):389
                                              Entropy (8bit):5.590794480114179
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:0082A334231E182833B702DAF5F26A18
                                              SHA1:598298596ACD6E68C521E5C97F65CC84A885318C
                                              SHA-256:856CE0C2657FADBDE6EC99906EAD5708BFFDD93B1C98F24AEFF7ACE9422E5465
                                              SHA-512:91E782A8641922E8C4207EC5EB98E84CBC8E037F8480F4B02FF804E2BBB1EBA53FE2D12BFE0BB971BA79F9A8B998279621D943C5DFEBCFD4DF6ADBDA17CF2AEB
                                              Malicious:false
                                              Preview:{"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAC2mpM6QsfrTYgH1P4q0jk2AAAAAAIAAAAAABBmAAAAAQAAIAAAAGn4tyr4wpkDE2QAqFtgSt9RKUhleTMQo5ykFOxF9reLAAAAAA6AAAAAAgAAIAAAAFSmmIwgsJubo2O8D/BzsHZtu1MJNFJlQvKq5Pth2ZLWMAAAALAKymVbaw1hkof6BUzJWcBrGbGoeIsUmwyzH/Wg+UZZnRwWUdrek506+gMoxR03xEAAAAAwNYe0LQu4r5New+lK8DrpRHdn3bvj6bWPY6eIerK+pHfU7zA3BhqoXZOXRCH/kkgi62xgLOAlrVlprVgL6RRz"}}

                                              C:\Users\user\AppData\Roaming\GalacticShooter\Local Storage\leveldb\000001.dbtmp

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:ASCII text
                                              Category:dropped
                                              Size (bytes):16
                                              Entropy (8bit):3.2743974703476995
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:46295CAC801E5D4857D09837238A6394
                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                              Malicious:false
                                              Preview:MANIFEST-000001.

                                              C:\Users\user\AppData\Roaming\GalacticShooter\Local Storage\leveldb\CURRENT (copy)

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:ASCII text
                                              Category:dropped
                                              Size (bytes):16
                                              Entropy (8bit):3.2743974703476995
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:46295CAC801E5D4857D09837238A6394
                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                              Malicious:false
                                              Preview:MANIFEST-000001.

                                              C:\Users\user\AppData\Roaming\GalacticShooter\Local Storage\leveldb\LOG

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:ASCII text
                                              Category:dropped
                                              Size (bytes):263
                                              Entropy (8bit):5.222485302174003
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:391A7D6EDEE4A79945B681AE4962F9BD
                                              SHA1:2C235F9B2C879BF328AF01112FA48EEBB5CA9F4D
                                              SHA-256:63ECE46DBED93C927427847B2C3BB2D8FDA84E7C0E5887D48422D26CA2229DE9
                                              SHA-512:F22A4C3D775B05A8B945E1A5568BF4E13429FF6F3EDFF85AAB0755FCE8E9D9C4105EC0F5C388FB94ABF7287CDBF33E8E3EB643E6E87C19B1A832584F575FE145
                                              Malicious:false
                                              Preview:2023/04/16-15:06:31.035 101c Creating DB C:\Users\user\AppData\Roaming\GalacticShooter\Local Storage\leveldb since it was missing..2023/04/16-15:06:31.064 101c Reusing MANIFEST C:\Users\user\AppData\Roaming\GalacticShooter\Local Storage\leveldb/MANIFEST-000001.

                                              C:\Users\user\AppData\Roaming\GalacticShooter\Local Storage\leveldb\MANIFEST-000001

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:OpenPGP Secret Key
                                              Category:dropped
                                              Size (bytes):41
                                              Entropy (8bit):4.704993772857998
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                              SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                              SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                              SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                              Malicious:false
                                              Preview:.|.."....leveldb.BytewiseComparator......

                                              C:\Users\user\AppData\Roaming\GalacticShooter\Network\Cookies

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:SQLite 3.x database, last written using SQLite version 3037001, file counter 3, database pages 5, cookie 0x3, schema 4, UTF-8, version-valid-for 3
                                              Category:dropped
                                              Size (bytes):20480
                                              Entropy (8bit):0.5557756557013777
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:B0D885ED086A78B645F86FA166C5314D
                                              SHA1:5044E969D74CDB9DD452D3E4FFDF0C7FE9425E0E
                                              SHA-256:C25E600EA937DB69A718162D2678A12B7898BEAA81C4C7F2E20D6B4D7ED48710
                                              SHA-512:E547D496B9E7AEA401BC6AB580C7BBDD7F55C5E3C67CFBF9F0C0BFE299812A2C77B8DD7D7A0A0DA9D3A53A538A4D56124E7CA1BBA04A567ABDF6D4144647BE0A
                                              Malicious:false
                                              Preview:SQLite format 3......@ ..........................................................................WI.........g...E......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Roaming\GalacticShooter\Network\Network Persistent State (copy)

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:JSON data
                                              Category:dropped
                                              Size (bytes):59
                                              Entropy (8bit):4.619434150836742
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:2800881C775077E1C4B6E06BF4676DE4
                                              SHA1:2873631068C8B3B9495638C865915BE822442C8B
                                              SHA-256:226EEC4486509917AA336AFEBD6FF65777B75B65F1FB06891D2A857A9421A974
                                              SHA-512:E342407AB65CC68F1B3FD706CD0A37680A0864FFD30A6539730180EDE2CDCD732CC97AE0B9EF7DB12DA5C0F83E429DF0840DBF7596ACA859A0301665E517377B
                                              Malicious:false
                                              Preview:{"net":{"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                                              C:\Users\user\AppData\Roaming\GalacticShooter\Network\cfdf9128-452c-4da5-8a6d-d058479a18be.tmp

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:JSON data
                                              Category:dropped
                                              Size (bytes):59
                                              Entropy (8bit):4.619434150836742
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:2800881C775077E1C4B6E06BF4676DE4
                                              SHA1:2873631068C8B3B9495638C865915BE822442C8B
                                              SHA-256:226EEC4486509917AA336AFEBD6FF65777B75B65F1FB06891D2A857A9421A974
                                              SHA-512:E342407AB65CC68F1B3FD706CD0A37680A0864FFD30A6539730180EDE2CDCD732CC97AE0B9EF7DB12DA5C0F83E429DF0840DBF7596ACA859A0301665E517377B
                                              Malicious:false
                                              Preview:{"net":{"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                                              C:\Users\user\AppData\Roaming\GalacticShooter\Preferences (copy)

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:JSON data
                                              Category:dropped
                                              Size (bytes):57
                                              Entropy (8bit):4.283088322451805
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:58127C59CB9E1DA127904C341D15372B
                                              SHA1:62445484661D8036CE9788BAEABA31D204E9A5FC
                                              SHA-256:BE4B8924AB38E8ACF350E6E3B9F1F63A1A94952D8002759ACD6946C4D5D0B5DE
                                              SHA-512:8D1815B277A93AD590FF79B6F52C576CF920C38C4353C24193F707D66884C942F39FF3989530055D2FADE540ADE243B41B6EB03CD0CC361C3B5D514CCA28B50A
                                              Malicious:false
                                              Preview:{"spellcheck":{"dictionaries":["en-US"],"dictionary":""}}

                                              C:\Users\user\AppData\Roaming\Microsoft\Spelling\en-US\default.acl

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:Unicode text, UTF-16, little-endian text, with no line terminators
                                              Category:dropped
                                              Size (bytes):2
                                              Entropy (8bit):1.0
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:F3B25701FE362EC84616A93A45CE9998
                                              SHA1:D62636D8CAEC13F04E28442A0A6FA1AFEB024BBB
                                              SHA-256:B3D510EF04275CA8E698E5B3CBB0ECE3949EF9252F0CDC839E9EE347409A2209
                                              SHA-512:98C5F56F3DE340690C139E58EB7DAC111979F0D4DFFE9C4B24FF849510F4B6FFA9FD608C0A3DE9AC3C9FD2190F0EFAF715309061490F9755A9BFDF1C54CA0D84
                                              Malicious:false
                                              Preview:..

                                              C:\Users\user\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:Unicode text, UTF-16, little-endian text, with no line terminators
                                              Category:dropped
                                              Size (bytes):2
                                              Entropy (8bit):1.0
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:F3B25701FE362EC84616A93A45CE9998
                                              SHA1:D62636D8CAEC13F04E28442A0A6FA1AFEB024BBB
                                              SHA-256:B3D510EF04275CA8E698E5B3CBB0ECE3949EF9252F0CDC839E9EE347409A2209
                                              SHA-512:98C5F56F3DE340690C139E58EB7DAC111979F0D4DFFE9C4B24FF849510F4B6FFA9FD608C0A3DE9AC3C9FD2190F0EFAF715309061490F9755A9BFDF1C54CA0D84
                                              Malicious:false
                                              Preview:..

                                              C:\Users\user\AppData\Roaming\Microsoft\Spelling\en-US\default.exc

                                              Download File
                                              Process:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              File Type:Unicode text, UTF-16, little-endian text, with no line terminators
                                              Category:dropped
                                              Size (bytes):2
                                              Entropy (8bit):1.0
                                              Encrypted:false
                                              SSDEEP:
                                              MD5:F3B25701FE362EC84616A93A45CE9998
                                              SHA1:D62636D8CAEC13F04E28442A0A6FA1AFEB024BBB
                                              SHA-256:B3D510EF04275CA8E698E5B3CBB0ECE3949EF9252F0CDC839E9EE347409A2209
                                              SHA-512:98C5F56F3DE340690C139E58EB7DAC111979F0D4DFFE9C4B24FF849510F4B6FFA9FD608C0A3DE9AC3C9FD2190F0EFAF715309061490F9755A9BFDF1C54CA0D84
                                              Malicious:false
                                              Preview:..

                                              Static File Info

                                              General

                                              File type:PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
                                              Entropy (8bit):7.999391649323491
                                              TrID:
                                              • Win32 Executable (generic) a (10002005/4) 99.96%
                                              • Generic Win/DOS Executable (2004/3) 0.02%
                                              • DOS Executable Generic (2002/1) 0.02%
                                              • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                              File name:GalacticShooter (3).exe
                                              File size:64791841
                                              MD5:83024ea067ab552d39ffdb6e12a30817
                                              SHA1:23d6b96f806e1ca8a10dfa16e7f35b3f2801a489
                                              SHA256:f96f3a4f4cdab5176a055736464d979f7cbd902298c910cbbdb08e955695bf73
                                              SHA512:8c8341a179f30cc5a4c9cb3efd70f65a5e337e3ba948677014b9433361a70c84274a871dfe385612511d73a5356d1eda2c2ea3f1a50aecdb557bbf2aeae861f3
                                              SSDEEP:1572864:jtve1M4rkN1winHaBHNYV6vSAuZ8F0Pa7:jlSCpnq6xbPa7
                                              TLSH:04E7331CFA16AA17D593D8B78CE9C3E481AAE2811310D1A78764D7BC6F92D201DF097F
                                              File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1...Pf..Pf..Pf.*_9..Pf..Pg.LPf.*_;..Pf..sV..Pf..V`..Pf.Rich.Pf.........................PE..L......\.................h...8...@.

                                              File Icon

                                              Icon Hash:100c1232b2320c10

                                              Static PE Info

                                              General

                                              Entrypoint:0x40338f
                                              Entrypoint Section:.text
                                              Digitally signed:false
                                              Imagebase:0x400000
                                              Subsystem:windows gui
                                              Image File Characteristics:RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
                                              DLL Characteristics:DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                                              Time Stamp:0x5C157F86 [Sat Dec 15 22:26:14 2018 UTC]
                                              TLS Callbacks:
                                              CLR (.Net) Version:
                                              OS Version Major:4
                                              OS Version Minor:0
                                              File Version Major:4
                                              File Version Minor:0
                                              Subsystem Version Major:4
                                              Subsystem Version Minor:0
                                              Import Hash:b34f154ec913d2d2c435cbd644e91687

                                              Entrypoint Preview

                                              Instruction
                                              sub esp, 000002D4h
                                              push ebx
                                              push esi
                                              push edi
                                              push 00000020h
                                              pop edi
                                              xor ebx, ebx
                                              push 00008001h
                                              mov dword ptr [esp+14h], ebx
                                              mov dword ptr [esp+10h], 0040A2E0h
                                              mov dword ptr [esp+1Ch], ebx
                                              call dword ptr [004080A8h]
                                              call dword ptr [004080A4h]
                                              and eax, BFFFFFFFh
                                              cmp ax, 00000006h
                                              mov dword ptr [0047AEECh], eax
                                              je 00007F521CA40FC3h
                                              push ebx
                                              call 00007F521CA44275h
                                              cmp eax, ebx
                                              je 00007F521CA40FB9h
                                              push 00000C00h
                                              call eax
                                              mov esi, 004082B0h
                                              push esi
                                              call 00007F521CA441EFh
                                              push esi
                                              call dword ptr [00408150h]
                                              lea esi, dword ptr [esi+eax+01h]
                                              cmp byte ptr [esi], 00000000h
                                              jne 00007F521CA40F9Ch
                                              push 0000000Ah
                                              call 00007F521CA44248h
                                              push 00000008h
                                              call 00007F521CA44241h
                                              push 00000006h
                                              mov dword ptr [0047AEE4h], eax
                                              call 00007F521CA44235h
                                              cmp eax, ebx
                                              je 00007F521CA40FC1h
                                              push 0000001Eh
                                              call eax
                                              test eax, eax
                                              je 00007F521CA40FB9h
                                              or byte ptr [0047AEEFh], 00000040h
                                              push ebp
                                              call dword ptr [00408044h]
                                              push ebx
                                              call dword ptr [004082A0h]
                                              mov dword ptr [0047AFB8h], eax
                                              push ebx
                                              lea eax, dword ptr [esp+34h]
                                              push 000002B4h
                                              push eax
                                              push ebx
                                              push 00440208h
                                              call dword ptr [00408188h]
                                              push 0040A2C8h

                                              Rich Headers

                                              Programming Language:
                                              • [EXP] VC++ 6.0 SP5 build 8804

                                              Data Directories

                                              NameVirtual AddressVirtual Size Is in Section
                                              IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                              IMAGE_DIRECTORY_ENTRY_IMPORT0x86100xa0.rdata
                                              IMAGE_DIRECTORY_ENTRY_RESOURCE0x10b0000x42a48.rsrc
                                              IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                              IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                              IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                              IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                              IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                              IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                              IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                              IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                              IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                              IMAGE_DIRECTORY_ENTRY_IAT0x80000x2b0.rdata
                                              IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                              IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                              IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                              Sections

                                              NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                              .text0x10000x66270x6800False0.6646259014423077data6.450282348506287IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                              .rdata0x80000x14a20x1600False0.4405184659090909data5.025178929113415IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                              .data0xa0000x70ff80x600False0.5182291666666666data4.037117731448378IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                              .ndata0x7b0000x900000x0False0empty0.0IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                              .rsrc0x10b0000x42a480x42c00False0.08933169475655431data3.042355000676531IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

                                              Resources

                                              NameRVASizeTypeLanguageCountry
                                              RT_ICON0x10b1d80x42028Device independent bitmap graphic, 256 x 512 x 32, image size 262144, resolution 39 x 39 px/mEnglishUnited States
                                              RT_DIALOG0x14d2000x100dataEnglishUnited States
                                              RT_DIALOG0x14d3000xf8dataEnglishUnited States
                                              RT_DIALOG0x14d3f80x60dataEnglishUnited States
                                              RT_GROUP_ICON0x14d4580x14dataEnglishUnited States
                                              RT_VERSION0x14d4700x298OpenPGP Public KeyEnglishUnited States
                                              RT_MANIFEST0x14d7080x33eXML 1.0 document, ASCII text, with very long lines (830), with no line terminatorsEnglishUnited States

                                              Imports

                                              DLLImport
                                              KERNEL32.dllSetEnvironmentVariableW, SetFileAttributesW, Sleep, GetTickCount, GetFileSize, GetModuleFileNameW, GetCurrentProcess, CopyFileW, SetCurrentDirectoryW, GetFileAttributesW, GetWindowsDirectoryW, GetTempPathW, GetCommandLineW, GetVersion, SetErrorMode, lstrlenW, lstrcpynW, GetDiskFreeSpaceW, ExitProcess, GetShortPathNameW, CreateThread, GetLastError, CreateDirectoryW, CreateProcessW, RemoveDirectoryW, lstrcmpiA, CreateFileW, GetTempFileNameW, WriteFile, lstrcpyA, MoveFileExW, lstrcatW, GetSystemDirectoryW, GetProcAddress, GetModuleHandleA, GetExitCodeProcess, WaitForSingleObject, lstrcmpiW, MoveFileW, GetFullPathNameW, SetFileTime, SearchPathW, CompareFileTime, lstrcmpW, CloseHandle, ExpandEnvironmentStringsW, GlobalFree, GlobalLock, GlobalUnlock, GlobalAlloc, FindFirstFileW, FindNextFileW, DeleteFileW, SetFilePointer, ReadFile, FindClose, lstrlenA, MulDiv, MultiByteToWideChar, WideCharToMultiByte, GetPrivateProfileStringW, WritePrivateProfileStringW, FreeLibrary, LoadLibraryExW, GetModuleHandleW
                                              USER32.dllGetSystemMenu, SetClassLongW, EnableMenuItem, IsWindowEnabled, SetWindowPos, GetSysColor, GetWindowLongW, SetCursor, LoadCursorW, CheckDlgButton, GetMessagePos, LoadBitmapW, CallWindowProcW, IsWindowVisible, CloseClipboard, SetClipboardData, EmptyClipboard, OpenClipboard, ScreenToClient, GetWindowRect, GetDlgItem, GetSystemMetrics, SetDlgItemTextW, GetDlgItemTextW, MessageBoxIndirectW, CharPrevW, CharNextA, wsprintfA, DispatchMessageW, PeekMessageW, ReleaseDC, EnableWindow, InvalidateRect, SendMessageW, DefWindowProcW, BeginPaint, GetClientRect, FillRect, DrawTextW, EndDialog, RegisterClassW, SystemParametersInfoW, CreateWindowExW, GetClassInfoW, DialogBoxParamW, CharNextW, ExitWindowsEx, DestroyWindow, GetDC, SetTimer, SetWindowTextW, LoadImageW, SetForegroundWindow, ShowWindow, IsWindow, SetWindowLongW, FindWindowExW, TrackPopupMenu, AppendMenuW, CreatePopupMenu, EndPaint, CreateDialogParamW, SendMessageTimeoutW, wsprintfW, PostQuitMessage
                                              GDI32.dllSelectObject, SetBkMode, CreateFontIndirectW, SetTextColor, DeleteObject, GetDeviceCaps, CreateBrushIndirect, SetBkColor
                                              SHELL32.dllSHGetSpecialFolderLocation, ShellExecuteExW, SHGetPathFromIDListW, SHBrowseForFolderW, SHGetFileInfoW, SHFileOperationW
                                              ADVAPI32.dllAdjustTokenPrivileges, RegCreateKeyExW, RegOpenKeyExW, SetFileSecurityW, OpenProcessToken, LookupPrivilegeValueW, RegEnumValueW, RegDeleteKeyW, RegDeleteValueW, RegCloseKey, RegSetValueExW, RegQueryValueExW, RegEnumKeyW
                                              COMCTL32.dllImageList_Create, ImageList_AddMasked, ImageList_Destroy
                                              ole32.dllOleUninitialize, OleInitialize, CoTaskMemFree, CoCreateInstance

                                              Possible Origin

                                              Language of compilation systemCountry where language is spokenMap
                                              EnglishUnited States

                                              Network Behavior

                                              Network Port Distribution

                                              TCP Packets

                                              TimestampSource PortDest PortSource IPDest IP
                                              Apr 16, 2023 15:06:32.219367981 CEST49698443192.168.2.3198.251.88.130
                                              Apr 16, 2023 15:06:32.219455004 CEST44349698198.251.88.130192.168.2.3
                                              Apr 16, 2023 15:06:32.219583035 CEST49698443192.168.2.3198.251.88.130
                                              Apr 16, 2023 15:06:32.220025063 CEST49699443192.168.2.3198.251.88.130
                                              Apr 16, 2023 15:06:32.220089912 CEST44349699198.251.88.130192.168.2.3
                                              Apr 16, 2023 15:06:32.220226049 CEST49699443192.168.2.3198.251.88.130
                                              Apr 16, 2023 15:06:32.249655962 CEST49698443192.168.2.3198.251.88.130
                                              Apr 16, 2023 15:06:32.249722958 CEST44349698198.251.88.130192.168.2.3
                                              Apr 16, 2023 15:06:32.251471043 CEST49699443192.168.2.3198.251.88.130
                                              Apr 16, 2023 15:06:32.251528025 CEST44349699198.251.88.130192.168.2.3
                                              Apr 16, 2023 15:06:32.406255960 CEST44349699198.251.88.130192.168.2.3
                                              Apr 16, 2023 15:06:32.407929897 CEST44349698198.251.88.130192.168.2.3
                                              Apr 16, 2023 15:06:32.430025101 CEST49698443192.168.2.3198.251.88.130
                                              Apr 16, 2023 15:06:32.430073023 CEST44349698198.251.88.130192.168.2.3
                                              Apr 16, 2023 15:06:32.430313110 CEST49699443192.168.2.3198.251.88.130
                                              Apr 16, 2023 15:06:32.430361032 CEST44349699198.251.88.130192.168.2.3
                                              Apr 16, 2023 15:06:32.432235003 CEST44349698198.251.88.130192.168.2.3
                                              Apr 16, 2023 15:06:32.432374954 CEST49698443192.168.2.3198.251.88.130
                                              Apr 16, 2023 15:06:32.433413982 CEST44349699198.251.88.130192.168.2.3
                                              Apr 16, 2023 15:06:32.433525085 CEST49699443192.168.2.3198.251.88.130
                                              Apr 16, 2023 15:06:32.440304995 CEST49698443192.168.2.3198.251.88.130
                                              Apr 16, 2023 15:06:32.440521955 CEST44349698198.251.88.130192.168.2.3
                                              Apr 16, 2023 15:06:32.440663099 CEST49698443192.168.2.3198.251.88.130
                                              Apr 16, 2023 15:06:32.443600893 CEST49699443192.168.2.3198.251.88.130
                                              Apr 16, 2023 15:06:32.443772078 CEST44349699198.251.88.130192.168.2.3
                                              Apr 16, 2023 15:06:32.444205999 CEST44349699198.251.88.130192.168.2.3
                                              Apr 16, 2023 15:06:32.444331884 CEST49699443192.168.2.3198.251.88.130
                                              Apr 16, 2023 15:06:32.444473028 CEST49699443192.168.2.3198.251.88.130
                                              Apr 16, 2023 15:06:32.498832941 CEST49700443192.168.2.334.117.59.81
                                              Apr 16, 2023 15:06:32.498893023 CEST4434970034.117.59.81192.168.2.3
                                              Apr 16, 2023 15:06:32.500597000 CEST49700443192.168.2.334.117.59.81
                                              Apr 16, 2023 15:06:32.506963015 CEST49700443192.168.2.334.117.59.81
                                              Apr 16, 2023 15:06:32.507008076 CEST4434970034.117.59.81192.168.2.3
                                              Apr 16, 2023 15:06:32.560295105 CEST4434970034.117.59.81192.168.2.3
                                              Apr 16, 2023 15:06:32.573565006 CEST49700443192.168.2.334.117.59.81
                                              Apr 16, 2023 15:06:32.573602915 CEST4434970034.117.59.81192.168.2.3
                                              Apr 16, 2023 15:06:32.574881077 CEST4434970034.117.59.81192.168.2.3
                                              Apr 16, 2023 15:06:32.574978113 CEST49700443192.168.2.334.117.59.81
                                              Apr 16, 2023 15:06:32.576071978 CEST49700443192.168.2.334.117.59.81
                                              Apr 16, 2023 15:06:32.576128006 CEST4434970034.117.59.81192.168.2.3
                                              Apr 16, 2023 15:06:32.576209068 CEST49700443192.168.2.334.117.59.81
                                              Apr 16, 2023 15:06:35.017570019 CEST49701443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.017640114 CEST44349701162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.017801046 CEST49701443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.018439054 CEST49701443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.018477917 CEST44349701162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.077136040 CEST44349701162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.084970951 CEST49701443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.085016966 CEST44349701162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.086241961 CEST44349701162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.086333990 CEST49701443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.087644100 CEST49701443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.087691069 CEST44349701162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.087778091 CEST49701443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.131103992 CEST49702443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.131184101 CEST44349702162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.131302118 CEST49702443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.131921053 CEST49702443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.131958008 CEST44349702162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.182737112 CEST44349702162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.195162058 CEST49702443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.195223093 CEST44349702162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.197704077 CEST44349702162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.197807074 CEST49702443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.198807001 CEST49702443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.198904037 CEST44349702162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.198983908 CEST49702443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.249875069 CEST49703443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.249914885 CEST44349703162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.250030041 CEST49703443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.250682116 CEST49703443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.250704050 CEST44349703162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.255192041 CEST49704443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.255239964 CEST44349704162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.255342007 CEST49704443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.255891085 CEST49704443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.255923033 CEST44349704162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.300378084 CEST44349703162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.384037018 CEST44349704162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.414685011 CEST49703443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.460887909 CEST49704443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.460942030 CEST44349704162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.461251020 CEST49703443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.461271048 CEST44349703162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.464987040 CEST44349704162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.465125084 CEST49704443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.465123892 CEST44349704162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.465162039 CEST44349703162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.465246916 CEST44349703162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.465253115 CEST49703443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.467820883 CEST49703443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.467920065 CEST44349703162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.468019009 CEST49703443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.470164061 CEST49704443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:35.470294952 CEST44349704162.159.128.233192.168.2.3
                                              Apr 16, 2023 15:06:35.470392942 CEST49704443192.168.2.3162.159.128.233
                                              Apr 16, 2023 15:06:36.475824118 CEST49705443192.168.2.3162.159.138.232
                                              Apr 16, 2023 15:06:36.475910902 CEST44349705162.159.138.232192.168.2.3
                                              Apr 16, 2023 15:06:36.476020098 CEST49705443192.168.2.3162.159.138.232
                                              Apr 16, 2023 15:06:36.476874113 CEST49705443192.168.2.3162.159.138.232
                                              Apr 16, 2023 15:06:36.476923943 CEST44349705162.159.138.232192.168.2.3
                                              Apr 16, 2023 15:06:36.481513977 CEST49706443192.168.2.3162.159.130.233
                                              Apr 16, 2023 15:06:36.481576920 CEST44349706162.159.130.233192.168.2.3
                                              Apr 16, 2023 15:06:36.481719017 CEST49706443192.168.2.3162.159.130.233
                                              Apr 16, 2023 15:06:36.483067036 CEST49706443192.168.2.3162.159.130.233
                                              Apr 16, 2023 15:06:36.483104944 CEST44349706162.159.130.233192.168.2.3
                                              Apr 16, 2023 15:06:36.526047945 CEST44349705162.159.138.232192.168.2.3
                                              Apr 16, 2023 15:06:36.539072037 CEST44349706162.159.130.233192.168.2.3
                                              Apr 16, 2023 15:06:36.550163031 CEST49706443192.168.2.3162.159.130.233
                                              Apr 16, 2023 15:06:36.550208092 CEST44349706162.159.130.233192.168.2.3
                                              Apr 16, 2023 15:06:36.550776958 CEST49705443192.168.2.3162.159.138.232
                                              Apr 16, 2023 15:06:36.550833941 CEST44349705162.159.138.232192.168.2.3
                                              Apr 16, 2023 15:06:36.551537037 CEST44349706162.159.130.233192.168.2.3
                                              Apr 16, 2023 15:06:36.551616907 CEST49706443192.168.2.3162.159.130.233
                                              Apr 16, 2023 15:06:36.552809000 CEST49706443192.168.2.3162.159.130.233
                                              Apr 16, 2023 15:06:36.552877903 CEST44349706162.159.130.233192.168.2.3
                                              Apr 16, 2023 15:06:36.552978039 CEST49706443192.168.2.3162.159.130.233
                                              Apr 16, 2023 15:06:36.554193020 CEST44349705162.159.138.232192.168.2.3
                                              Apr 16, 2023 15:06:36.554306984 CEST49705443192.168.2.3162.159.138.232
                                              Apr 16, 2023 15:06:36.555227041 CEST49705443192.168.2.3162.159.138.232
                                              Apr 16, 2023 15:06:36.555327892 CEST44349705162.159.138.232192.168.2.3
                                              Apr 16, 2023 15:06:36.555412054 CEST49705443192.168.2.3162.159.138.232
                                              Apr 16, 2023 15:07:05.663041115 CEST49707443192.168.2.38.8.8.8
                                              Apr 16, 2023 15:07:05.663115978 CEST443497078.8.8.8192.168.2.3
                                              Apr 16, 2023 15:07:05.663254976 CEST49707443192.168.2.38.8.8.8
                                              Apr 16, 2023 15:07:05.667732000 CEST49707443192.168.2.38.8.8.8
                                              Apr 16, 2023 15:07:05.667792082 CEST443497078.8.8.8192.168.2.3
                                              Apr 16, 2023 15:07:05.729094028 CEST443497078.8.8.8192.168.2.3
                                              Apr 16, 2023 15:07:05.729898930 CEST49707443192.168.2.38.8.8.8
                                              Apr 16, 2023 15:07:05.729938984 CEST443497078.8.8.8192.168.2.3
                                              Apr 16, 2023 15:07:05.731717110 CEST443497078.8.8.8192.168.2.3
                                              Apr 16, 2023 15:07:05.731798887 CEST49707443192.168.2.38.8.8.8
                                              Apr 16, 2023 15:07:05.764811039 CEST49708443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:05.764873028 CEST443497088.8.4.4192.168.2.3
                                              Apr 16, 2023 15:07:05.765003920 CEST49708443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:05.765769005 CEST49708443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:05.765809059 CEST443497088.8.4.4192.168.2.3
                                              Apr 16, 2023 15:07:05.840291023 CEST443497088.8.4.4192.168.2.3
                                              Apr 16, 2023 15:07:05.841083050 CEST49708443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:05.841135025 CEST443497088.8.4.4192.168.2.3
                                              Apr 16, 2023 15:07:05.843148947 CEST443497088.8.4.4192.168.2.3
                                              Apr 16, 2023 15:07:05.843254089 CEST49708443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:06.090526104 CEST49708443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:06.090905905 CEST443497088.8.4.4192.168.2.3
                                              Apr 16, 2023 15:07:06.091123104 CEST49708443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:06.091166019 CEST443497088.8.4.4192.168.2.3
                                              Apr 16, 2023 15:07:06.091463089 CEST49707443192.168.2.38.8.8.8
                                              Apr 16, 2023 15:07:06.091815948 CEST443497078.8.8.8192.168.2.3
                                              Apr 16, 2023 15:07:06.091840982 CEST49707443192.168.2.38.8.8.8
                                              Apr 16, 2023 15:07:06.134747982 CEST443497088.8.4.4192.168.2.3
                                              Apr 16, 2023 15:07:06.135102034 CEST49708443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:06.135492086 CEST443497078.8.8.8192.168.2.3
                                              Apr 16, 2023 15:07:06.143244982 CEST49707443192.168.2.38.8.8.8
                                              Apr 16, 2023 15:07:06.143284082 CEST443497078.8.8.8192.168.2.3
                                              Apr 16, 2023 15:07:06.150783062 CEST49708443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:06.150820971 CEST443497088.8.4.4192.168.2.3
                                              Apr 16, 2023 15:07:06.153176069 CEST443497078.8.8.8192.168.2.3
                                              Apr 16, 2023 15:07:06.155599117 CEST49707443192.168.2.38.8.8.8
                                              Apr 16, 2023 15:07:06.156075954 CEST49707443192.168.2.38.8.8.8
                                              Apr 16, 2023 15:07:06.156102896 CEST443497078.8.8.8192.168.2.3
                                              Apr 16, 2023 15:07:12.812341928 CEST49709443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:12.812422037 CEST443497098.8.4.4192.168.2.3
                                              Apr 16, 2023 15:07:12.812709093 CEST49709443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:12.813189030 CEST49709443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:12.813225985 CEST443497098.8.4.4192.168.2.3
                                              Apr 16, 2023 15:07:12.889060020 CEST443497098.8.4.4192.168.2.3
                                              Apr 16, 2023 15:07:12.891490936 CEST49709443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:12.891534090 CEST443497098.8.4.4192.168.2.3
                                              Apr 16, 2023 15:07:12.893166065 CEST443497098.8.4.4192.168.2.3
                                              Apr 16, 2023 15:07:12.897053003 CEST49709443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:12.900132895 CEST49709443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:12.900316000 CEST443497098.8.4.4192.168.2.3
                                              Apr 16, 2023 15:07:12.900676012 CEST49709443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:12.942053080 CEST49709443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:12.942094088 CEST443497098.8.4.4192.168.2.3
                                              Apr 16, 2023 15:07:12.949193954 CEST443497098.8.4.4192.168.2.3
                                              Apr 16, 2023 15:07:12.950025082 CEST49709443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:12.950025082 CEST49709443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:12.950918913 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:12.950954914 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:12.951466084 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:12.952375889 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:12.952400923 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.026238918 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.030303001 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.030330896 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.031611919 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.033552885 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.035437107 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.035537958 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.035600901 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.062134027 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.062222004 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.062325001 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.062398911 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.062467098 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.062485933 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.063146114 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.063214064 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.063257933 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.063270092 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.064606905 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.064666986 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.064685106 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.064821005 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.065865993 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.066463947 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.066476107 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.081182957 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.081252098 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.081873894 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.081953049 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.081967115 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.081985950 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.082392931 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.083137035 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.084482908 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.084549904 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.085598946 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.085618019 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.085848093 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.087156057 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.087229967 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.087229967 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.087259054 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.087470055 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.088546991 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.089740038 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.089819908 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.090992928 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.091078997 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.091430902 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.091448069 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.092263937 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.093209028 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.093225956 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.093482971 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.094351053 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.094362974 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.094727993 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.095431089 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.095444918 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.096044064 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.096545935 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.096558094 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.100334883 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.100631952 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.100650072 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.100893021 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.100955009 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.100965977 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.102179050 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.103064060 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.103080034 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.103247881 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.104301929 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.104383945 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.104391098 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.104417086 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.105004072 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.105004072 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.105304003 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.106384039 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.106458902 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.107429028 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.107444048 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.107536077 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.108623981 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.108639002 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.109586954 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.109597921 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.109695911 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.109939098 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.109950066 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.110750914 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.110867977 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.110882044 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.112339020 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.112416983 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.112649918 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.112663984 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.112874985 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.113329887 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.114319086 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.114398956 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.114487886 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.114504099 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.114660978 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.115343094 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.116106987 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.116185904 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.116234064 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.116245031 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.116723061 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.116947889 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.117196083 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.117319107 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.217510939 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.219043016 CEST49710443192.168.2.3142.250.184.106
                                              Apr 16, 2023 15:07:13.219074965 CEST44349710142.250.184.106192.168.2.3
                                              Apr 16, 2023 15:07:13.249406099 CEST49709443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:13.249463081 CEST443497098.8.4.4192.168.2.3

                                              UDP Packets

                                              TimestampSource PortDest PortSource IPDest IP
                                              Apr 16, 2023 15:06:31.367501974 CEST5892153192.168.2.38.8.8.8
                                              Apr 16, 2023 15:06:31.396740913 CEST53589218.8.8.8192.168.2.3
                                              Apr 16, 2023 15:06:32.464438915 CEST6270453192.168.2.38.8.8.8
                                              Apr 16, 2023 15:06:32.493199110 CEST53627048.8.8.8192.168.2.3
                                              Apr 16, 2023 15:06:34.989296913 CEST4997753192.168.2.38.8.8.8
                                              Apr 16, 2023 15:06:35.015764952 CEST53499778.8.8.8192.168.2.3
                                              Apr 16, 2023 15:06:35.100373983 CEST5784053192.168.2.38.8.8.8
                                              Apr 16, 2023 15:06:35.129403114 CEST53578408.8.8.8192.168.2.3
                                              Apr 16, 2023 15:06:35.215573072 CEST5799053192.168.2.38.8.8.8
                                              Apr 16, 2023 15:06:35.242955923 CEST53579908.8.8.8192.168.2.3
                                              Apr 16, 2023 15:06:35.474283934 CEST5238753192.168.2.38.8.8.8
                                              Apr 16, 2023 15:06:35.487967968 CEST5692453192.168.2.38.8.8.8
                                              Apr 16, 2023 15:06:35.510051966 CEST53523878.8.8.8192.168.2.3
                                              Apr 16, 2023 15:06:35.522553921 CEST53569248.8.8.8192.168.2.3
                                              Apr 16, 2023 15:07:05.640110970 CEST5397553192.168.2.38.8.8.8
                                              Apr 16, 2023 15:07:05.655033112 CEST53539758.8.8.8192.168.2.3
                                              Apr 16, 2023 15:07:05.738176107 CEST5113953192.168.2.38.8.8.8
                                              Apr 16, 2023 15:07:05.761413097 CEST53511398.8.8.8192.168.2.3
                                              Apr 16, 2023 15:07:12.811026096 CEST57134443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:12.835309982 CEST443571348.8.4.4192.168.2.3
                                              Apr 16, 2023 15:07:12.838529110 CEST57134443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:12.849025965 CEST443571348.8.4.4192.168.2.3
                                              Apr 16, 2023 15:07:12.849085093 CEST443571348.8.4.4192.168.2.3
                                              Apr 16, 2023 15:07:12.854737997 CEST57134443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:12.862173080 CEST443571348.8.4.4192.168.2.3
                                              Apr 16, 2023 15:07:12.862205982 CEST443571348.8.4.4192.168.2.3
                                              Apr 16, 2023 15:07:12.869147062 CEST57134443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:12.908114910 CEST57134443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:12.931694031 CEST443571348.8.4.4192.168.2.3
                                              Apr 16, 2023 15:07:12.940509081 CEST57134443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:12.940510035 CEST57134443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:12.964363098 CEST443571348.8.4.4192.168.2.3
                                              Apr 16, 2023 15:07:12.964394093 CEST443571348.8.4.4192.168.2.3
                                              Apr 16, 2023 15:07:12.964941978 CEST57134443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:12.964941978 CEST57134443192.168.2.38.8.4.4
                                              Apr 16, 2023 15:07:12.990248919 CEST443571348.8.4.4192.168.2.3

                                              DNS Queries

                                              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                              Apr 16, 2023 15:06:31.367501974 CEST192.168.2.38.8.8.80x6883Standard query (0)rentry.coA (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:32.464438915 CEST192.168.2.38.8.8.80x3da8Standard query (0)ipinfo.ioA (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:34.989296913 CEST192.168.2.38.8.8.80xca73Standard query (0)canary.discord.comA (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.100373983 CEST192.168.2.38.8.8.80x4cbeStandard query (0)canary.discord.comA (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.215573072 CEST192.168.2.38.8.8.80xd04dStandard query (0)canary.discord.comA (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.474283934 CEST192.168.2.38.8.8.80x88a3Standard query (0)discord.comA (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.487967968 CEST192.168.2.38.8.8.80x3c2cStandard query (0)cdn.discordapp.comA (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:07:05.640110970 CEST192.168.2.38.8.8.80x9747Standard query (0)dns.googleA (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:07:05.738176107 CEST192.168.2.38.8.8.80xbd52Standard query (0)dns.googleA (IP address)IN (0x0001)false

                                              DNS Answers

                                              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                              Apr 16, 2023 15:06:31.396740913 CEST8.8.8.8192.168.2.30x6883No error (0)rentry.co198.251.88.130A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:32.493199110 CEST8.8.8.8192.168.2.30x3da8No error (0)ipinfo.io34.117.59.81A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.015764952 CEST8.8.8.8192.168.2.30xca73No error (0)canary.discord.com162.159.128.233A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.015764952 CEST8.8.8.8192.168.2.30xca73No error (0)canary.discord.com162.159.135.232A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.015764952 CEST8.8.8.8192.168.2.30xca73No error (0)canary.discord.com162.159.137.232A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.015764952 CEST8.8.8.8192.168.2.30xca73No error (0)canary.discord.com162.159.136.232A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.015764952 CEST8.8.8.8192.168.2.30xca73No error (0)canary.discord.com162.159.138.232A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.129403114 CEST8.8.8.8192.168.2.30x4cbeNo error (0)canary.discord.com162.159.128.233A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.129403114 CEST8.8.8.8192.168.2.30x4cbeNo error (0)canary.discord.com162.159.135.232A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.129403114 CEST8.8.8.8192.168.2.30x4cbeNo error (0)canary.discord.com162.159.137.232A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.129403114 CEST8.8.8.8192.168.2.30x4cbeNo error (0)canary.discord.com162.159.136.232A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.129403114 CEST8.8.8.8192.168.2.30x4cbeNo error (0)canary.discord.com162.159.138.232A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.242955923 CEST8.8.8.8192.168.2.30xd04dNo error (0)canary.discord.com162.159.128.233A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.242955923 CEST8.8.8.8192.168.2.30xd04dNo error (0)canary.discord.com162.159.135.232A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.242955923 CEST8.8.8.8192.168.2.30xd04dNo error (0)canary.discord.com162.159.137.232A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.242955923 CEST8.8.8.8192.168.2.30xd04dNo error (0)canary.discord.com162.159.136.232A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.242955923 CEST8.8.8.8192.168.2.30xd04dNo error (0)canary.discord.com162.159.138.232A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.510051966 CEST8.8.8.8192.168.2.30x88a3No error (0)discord.com162.159.138.232A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.510051966 CEST8.8.8.8192.168.2.30x88a3No error (0)discord.com162.159.137.232A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.510051966 CEST8.8.8.8192.168.2.30x88a3No error (0)discord.com162.159.135.232A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.510051966 CEST8.8.8.8192.168.2.30x88a3No error (0)discord.com162.159.136.232A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.510051966 CEST8.8.8.8192.168.2.30x88a3No error (0)discord.com162.159.128.233A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.522553921 CEST8.8.8.8192.168.2.30x3c2cNo error (0)cdn.discordapp.com162.159.130.233A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.522553921 CEST8.8.8.8192.168.2.30x3c2cNo error (0)cdn.discordapp.com162.159.135.233A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.522553921 CEST8.8.8.8192.168.2.30x3c2cNo error (0)cdn.discordapp.com162.159.129.233A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.522553921 CEST8.8.8.8192.168.2.30x3c2cNo error (0)cdn.discordapp.com162.159.134.233A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:06:35.522553921 CEST8.8.8.8192.168.2.30x3c2cNo error (0)cdn.discordapp.com162.159.133.233A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:07:05.655033112 CEST8.8.8.8192.168.2.30x9747No error (0)dns.google8.8.8.8A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:07:05.655033112 CEST8.8.8.8192.168.2.30x9747No error (0)dns.google8.8.4.4A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:07:05.761413097 CEST8.8.8.8192.168.2.30xbd52No error (0)dns.google8.8.4.4A (IP address)IN (0x0001)false
                                              Apr 16, 2023 15:07:05.761413097 CEST8.8.8.8192.168.2.30xbd52No error (0)dns.google8.8.8.8A (IP address)IN (0x0001)false

                                              HTTP Request Dependency Graph

                                              • dns.google
                                              • ajax.googleapis.com

                                              HTTPS Proxied Packets

                                              Session IDSource IPSource PortDestination IPDestination PortProcess
                                              0192.168.2.3497088.8.4.4443C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              TimestampkBytes transferredDirectionData
                                              2023-04-16 13:07:06 UTC0OUTGET /dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/1.1
                                              Host: dns.google
                                              Connection: keep-alive
                                              Accept: application/dns-message
                                              Accept-Language: *
                                              User-Agent: Chrome
                                              Accept-Encoding: identity
                                              2023-04-16 13:07:06 UTC0INHTTP/1.1 200 OK
                                              X-Content-Type-Options: nosniff
                                              Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                              Access-Control-Allow-Origin: *
                                              Date: Sun, 16 Apr 2023 13:07:06 GMT
                                              Expires: Sun, 16 Apr 2023 13:07:06 GMT
                                              Cache-Control: private, max-age=300
                                              Content-Type: application/dns-message
                                              Server: HTTP server (unknown)
                                              Content-Length: 468
                                              X-XSS-Protection: 0
                                              X-Frame-Options: SAMEORIGIN
                                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                              Connection: close
                                              2023-04-16 13:07:06 UTC0INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 2c 00 04 8e fa b8 63 00 00 29 02 00 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                              Data Ascii: wwwgstaticcom,c)


                                              Session IDSource IPSource PortDestination IPDestination PortProcess
                                              1192.168.2.3497098.8.4.4443C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              TimestampkBytes transferredDirectionData
                                              2023-04-16 13:07:12 UTC1OUTGET /dns-query?dns=AAABAAABAAAAAAABBGFqYXgKZ29vZ2xlYXBpcwNjb20AAAEAAQAAKRAAAAAAAABQAAwATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/1.1
                                              Host: dns.google
                                              Connection: keep-alive
                                              Accept: application/dns-message
                                              Accept-Language: *
                                              User-Agent: Chrome
                                              Accept-Encoding: identity
                                              2023-04-16 13:07:12 UTC1INHTTP/1.1 200 OK
                                              X-Content-Type-Options: nosniff
                                              Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                              Access-Control-Allow-Origin: *
                                              Date: Sun, 16 Apr 2023 13:07:12 GMT
                                              Expires: Sun, 16 Apr 2023 13:07:12 GMT
                                              Cache-Control: private, max-age=300
                                              Content-Type: application/dns-message
                                              Server: HTTP server (unknown)
                                              Content-Length: 468
                                              X-XSS-Protection: 0
                                              X-Frame-Options: SAMEORIGIN
                                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                              Connection: close
                                              2023-04-16 13:07:12 UTC2INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 04 61 6a 61 78 0a 67 6f 6f 67 6c 65 61 70 69 73 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 2c 00 04 8e fa b8 6a 00 00 29 02 00 00 00 00 00 01 94 00 0c 01 90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                              Data Ascii: ajaxgoogleapiscom,j)


                                              Session IDSource IPSource PortDestination IPDestination PortProcess
                                              2192.168.2.349710142.250.184.106443C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              TimestampkBytes transferredDirectionData
                                              2023-04-16 13:07:13 UTC2OUTGET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
                                              Host: ajax.googleapis.com
                                              Connection: keep-alive
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) GalacticShooter/1.0.0 Chrome/100.0.4896.143 Electron/18.2.3 Safari/537.36
                                              Accept: */*
                                              Sec-Fetch-Site: cross-site
                                              Sec-Fetch-Mode: no-cors
                                              Sec-Fetch-Dest: script
                                              Accept-Encoding: gzip, deflate, br
                                              Accept-Language: en-US
                                              2023-04-16 13:07:13 UTC2INHTTP/1.1 200 OK
                                              Accept-Ranges: bytes
                                              Access-Control-Allow-Origin: *
                                              Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
                                              Cross-Origin-Resource-Policy: cross-origin
                                              Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
                                              Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
                                              Timing-Allow-Origin: *
                                              Content-Length: 89501
                                              X-Content-Type-Options: nosniff
                                              Server: sffe
                                              X-XSS-Protection: 0
                                              Date: Wed, 12 Apr 2023 09:47:25 GMT
                                              Expires: Thu, 11 Apr 2024 09:47:25 GMT
                                              Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
                                              Last-Modified: Wed, 10 Mar 2021 14:28:09 GMT
                                              Content-Type: text/javascript; charset=UTF-8
                                              Vary: Accept-Encoding
                                              Age: 357588
                                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                              Connection: close
                                              2023-04-16 13:07:13 UTC3INData Raw: 2f 2a 21 20 6a 51 75 65 72 79 20 76 33 2e 36 2e 30 20 7c 20 28 63 29 20 4f 70 65 6e 4a 53 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 2e 64 6f 63 75 6d 65 6e 74 3f 74 28 65 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 21 65 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a 51 75
                                              Data Ascii: /*! jQuery v3.6.0 | (c) OpenJS Foundation and other contributors | jquery.org/license */!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQu
                                              2023-04-16 13:07:13 UTC4INData Raw: 65 6e 74 22 29 3b 72 65 74 75 72 6e 20 74 28 65 29 7d 3a 74 28 65 29 7d 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 3f 77 69 6e 64 6f 77 3a 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 43 2c 65 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 74 3d 5b 5d 2c 72 3d 4f 62 6a 65 63 74 2e 67 65 74 50 72 6f 74 6f 74 79 70 65 4f 66 2c 73 3d 74 2e 73 6c 69 63 65 2c 67 3d 74 2e 66 6c 61 74 3f 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 2e 66 6c 61 74 2e 63 61 6c 6c 28 65 29 7d 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 2e 63 6f 6e 63 61 74 2e 61 70 70 6c 79 28 5b 5d 2c 65 29 7d 2c 75 3d 74 2e 70 75 73 68 2c 69 3d 74 2e 69 6e 64 65 78 4f 66 2c 6e 3d 7b 7d 2c 6f 3d 6e 2e 74 6f 53 74 72 69
                                              Data Ascii: ent");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toStri
                                              2023-04-16 13:07:13 UTC5INData Raw: 7d 2c 65 61 63 68 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 53 2e 65 61 63 68 28 74 68 69 73 2c 65 29 7d 2c 6d 61 70 3a 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 70 75 73 68 53 74 61 63 6b 28 53 2e 6d 61 70 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 6e 2e 63 61 6c 6c 28 65 2c 74 2c 65 29 7d 29 29 7d 2c 73 6c 69 63 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 70 75 73 68 53 74 61 63 6b 28 73 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 29 7d 2c 66 69 72 73 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 65 71 28 30 29 7d 2c 6c 61 73 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74
                                              Data Ascii: },each:function(e){return S.each(this,e)},map:function(n){return this.pushStack(S.map(this,function(e,t){return n.call(e,t,e)}))},slice:function(){return this.pushStack(s.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return t
                                              2023-04-16 13:07:13 UTC6INData Raw: 6a 65 63 74 5d 22 21 3d 3d 6f 2e 63 61 6c 6c 28 65 29 29 26 26 28 21 28 74 3d 72 28 65 29 29 7c 7c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 28 6e 3d 76 2e 63 61 6c 6c 28 74 2c 22 63 6f 6e 73 74 72 75 63 74 6f 72 22 29 26 26 74 2e 63 6f 6e 73 74 72 75 63 74 6f 72 29 26 26 61 2e 63 61 6c 6c 28 6e 29 3d 3d 3d 6c 29 7d 2c 69 73 45 6d 70 74 79 4f 62 6a 65 63 74 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3b 66 6f 72 28 74 20 69 6e 20 65 29 72 65 74 75 72 6e 21 31 3b 72 65 74 75 72 6e 21 30 7d 2c 67 6c 6f 62 61 6c 45 76 61 6c 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 62 28 65 2c 7b 6e 6f 6e 63 65 3a 74 26 26 74 2e 6e 6f 6e 63 65 7d 2c 6e 29 7d 2c 65 61 63 68 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 2c 72 3d 30
                                              Data Ascii: ject]"!==o.call(e))&&(!(t=r(e))||"function"==typeof(n=v.call(t,"constructor")&&t.constructor)&&a.call(n)===l)},isEmptyObject:function(e){var t;for(t in e)return!1;return!0},globalEval:function(e,t,n){b(e,{nonce:t&&t.nonce},n)},each:function(e,t){var n,r=0
                                              2023-04-16 13:07:13 UTC7INData Raw: 75 65 28 29 2c 78 3d 75 65 28 29 2c 41 3d 75 65 28 29 2c 4e 3d 75 65 28 29 2c 6a 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 65 3d 3d 3d 74 26 26 28 6c 3d 21 30 29 2c 30 7d 2c 44 3d 7b 7d 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2c 74 3d 5b 5d 2c 71 3d 74 2e 70 6f 70 2c 4c 3d 74 2e 70 75 73 68 2c 48 3d 74 2e 70 75 73 68 2c 4f 3d 74 2e 73 6c 69 63 65 2c 50 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 66 6f 72 28 76 61 72 20 6e 3d 30 2c 72 3d 65 2e 6c 65 6e 67 74 68 3b 6e 3c 72 3b 6e 2b 2b 29 69 66 28 65 5b 6e 5d 3d 3d 3d 74 29 72 65 74 75 72 6e 20 6e 3b 72 65 74 75 72 6e 2d 31 7d 2c 52 3d 22 63 68 65 63 6b 65 64 7c 73 65 6c 65 63 74 65 64 7c 61 73 79 6e 63 7c 61 75 74 6f 66 6f 63 75 73 7c 61 75 74 6f 70 6c 61 79 7c 63 6f 6e 74 72
                                              Data Ascii: ue(),x=ue(),A=ue(),N=ue(),j=function(e,t){return e===t&&(l=!0),0},D={}.hasOwnProperty,t=[],q=t.pop,L=t.push,H=t.push,O=t.slice,P=function(e,t){for(var n=0,r=e.length;n<r;n++)if(e[n]===t)return n;return-1},R="checked|selected|async|autofocus|autoplay|contr
                                              2023-04-16 13:07:13 UTC9INData Raw: 28 65 76 65 6e 7c 6f 64 64 7c 65 71 7c 67 74 7c 6c 74 7c 6e 74 68 7c 66 69 72 73 74 7c 6c 61 73 74 29 28 3f 3a 5c 5c 28 22 2b 4d 2b 22 2a 28 28 3f 3a 2d 5c 5c 64 29 3f 5c 5c 64 2a 29 22 2b 4d 2b 22 2a 5c 5c 29 7c 29 28 3f 3d 5b 5e 2d 5d 7c 24 29 22 2c 22 69 22 29 7d 2c 59 3d 2f 48 54 4d 4c 24 2f 69 2c 51 3d 2f 5e 28 3f 3a 69 6e 70 75 74 7c 73 65 6c 65 63 74 7c 74 65 78 74 61 72 65 61 7c 62 75 74 74 6f 6e 29 24 2f 69 2c 4a 3d 2f 5e 68 5c 64 24 2f 69 2c 4b 3d 2f 5e 5b 5e 7b 5d 2b 5c 7b 5c 73 2a 5c 5b 6e 61 74 69 76 65 20 5c 77 2f 2c 5a 3d 2f 5e 28 3f 3a 23 28 5b 5c 77 2d 5d 2b 29 7c 28 5c 77 2b 29 7c 5c 2e 28 5b 5c 77 2d 5d 2b 29 29 24 2f 2c 65 65 3d 2f 5b 2b 7e 5d 2f 2c 74 65 3d 6e 65 77 20 52 65 67 45 78 70 28 22 5c 5c 5c 5c 5b 5c 5c 64 61 2d 66 41 2d 46
                                              Data Ascii: (even|odd|eq|gt|lt|nth|first|last)(?:\\("+M+"*((?:-\\d)?\\d*)"+M+"*\\)|)(?=[^-]|$)","i")},Y=/HTML$/i,Q=/^(?:input|select|textarea|button)$/i,J=/^h\d$/i,K=/^[^{]+\{\s*\[native \w/,Z=/^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,ee=/[+~]/,te=new RegExp("\\\\[\\da-fA-F
                                              2023-04-16 13:07:13 UTC10INData Raw: 42 79 49 64 28 69 29 29 26 26 79 28 65 2c 61 29 26 26 61 2e 69 64 3d 3d 3d 69 29 72 65 74 75 72 6e 20 6e 2e 70 75 73 68 28 61 29 2c 6e 7d 65 6c 73 65 7b 69 66 28 75 5b 32 5d 29 72 65 74 75 72 6e 20 48 2e 61 70 70 6c 79 28 6e 2c 65 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 74 29 29 2c 6e 3b 69 66 28 28 69 3d 75 5b 33 5d 29 26 26 64 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 43 6c 61 73 73 4e 61 6d 65 26 26 65 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 43 6c 61 73 73 4e 61 6d 65 29 72 65 74 75 72 6e 20 48 2e 61 70 70 6c 79 28 6e 2c 65 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 43 6c 61 73 73 4e 61 6d 65 28 69 29 29 2c 6e 7d 69 66 28 64 2e 71 73 61 26 26 21 4e 5b 74 2b 22 20 22 5d 26 26 28 21 76 7c 7c 21 76 2e 74 65 73 74 28 74 29 29 26
                                              Data Ascii: ById(i))&&y(e,a)&&a.id===i)return n.push(a),n}else{if(u[2])return H.apply(n,e.getElementsByTagName(t)),n;if((i=u[3])&&d.getElementsByClassName&&e.getElementsByClassName)return H.apply(n,e.getElementsByClassName(i)),n}if(d.qsa&&!N[t+" "]&&(!v||!v.test(t))&
                                              2023-04-16 13:07:13 UTC11INData Raw: 72 6e 22 69 6e 70 75 74 22 3d 3d 3d 65 2e 6e 6f 64 65 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 26 26 65 2e 74 79 70 65 3d 3d 3d 74 7d 7d 66 75 6e 63 74 69 6f 6e 20 68 65 28 6e 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 65 2e 6e 6f 64 65 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 3b 72 65 74 75 72 6e 28 22 69 6e 70 75 74 22 3d 3d 3d 74 7c 7c 22 62 75 74 74 6f 6e 22 3d 3d 3d 74 29 26 26 65 2e 74 79 70 65 3d 3d 3d 6e 7d 7d 66 75 6e 63 74 69 6f 6e 20 67 65 28 74 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 22 66 6f 72 6d 22 69 6e 20 65 3f 65 2e 70 61 72 65 6e 74 4e 6f 64 65 26 26 21 31 3d 3d 3d 65 2e 64 69 73 61 62 6c 65 64 3f 22 6c 61 62 65 6c 22 69 6e 20 65 3f
                                              Data Ascii: rn"input"===e.nodeName.toLowerCase()&&e.type===t}}function he(n){return function(e){var t=e.nodeName.toLowerCase();return("input"===t||"button"===t)&&e.type===n}}function ge(t){return function(e){return"form"in e?e.parentNode&&!1===e.disabled?"label"in e?
                                              2023-04-16 13:07:13 UTC12INData Raw: 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 2e 63 6c 61 73 73 4e 61 6d 65 3d 22 69 22 2c 21 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 63 6c 61 73 73 4e 61 6d 65 22 29 7d 29 2c 64 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 3d 63 65 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 43 2e 63 72 65 61 74 65 43 6f 6d 6d 65 6e 74 28 22 22 29 29 2c 21 65 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 22 2a 22 29 2e 6c 65 6e 67 74 68 7d 29 2c 64 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 43 6c 61 73 73 4e 61 6d 65 3d 4b 2e 74 65 73 74 28 43 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 43 6c 61 73 73 4e 61 6d 65 29 2c 64 2e 67 65 74 42 79 49 64 3d 63 65
                                              Data Ascii: (function(e){return e.className="i",!e.getAttribute("className")}),d.getElementsByTagName=ce(function(e){return e.appendChild(C.createComment("")),!e.getElementsByTagName("*").length}),d.getElementsByClassName=K.test(C.getElementsByClassName),d.getById=ce
                                              2023-04-16 13:07:13 UTC13INData Raw: 29 31 3d 3d 3d 6e 2e 6e 6f 64 65 54 79 70 65 26 26 72 2e 70 75 73 68 28 6e 29 3b 72 65 74 75 72 6e 20 72 7d 72 65 74 75 72 6e 20 6f 7d 2c 62 2e 66 69 6e 64 2e 43 4c 41 53 53 3d 64 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 43 6c 61 73 73 4e 61 6d 65 26 26 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 43 6c 61 73 73 4e 61 6d 65 26 26 45 29 72 65 74 75 72 6e 20 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 43 6c 61 73 73 4e 61 6d 65 28 65 29 7d 2c 73 3d 5b 5d 2c 76 3d 5b 5d 2c 28 64 2e 71 73 61 3d 4b 2e 74 65 73 74 28 43 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 29 29 26 26 28 63 65 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3b 61
                                              Data Ascii: )1===n.nodeType&&r.push(n);return r}return o},b.find.CLASS=d.getElementsByClassName&&function(e,t){if("undefined"!=typeof t.getElementsByClassName&&E)return t.getElementsByClassName(e)},s=[],v=[],(d.qsa=K.test(C.querySelectorAll))&&(ce(function(e){var t;a
                                              2023-04-16 13:07:13 UTC15INData Raw: 26 26 76 2e 70 75 73 68 28 22 3a 65 6e 61 62 6c 65 64 22 2c 22 3a 64 69 73 61 62 6c 65 64 22 29 2c 61 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 65 29 2e 64 69 73 61 62 6c 65 64 3d 21 30 2c 32 21 3d 3d 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 3a 64 69 73 61 62 6c 65 64 22 29 2e 6c 65 6e 67 74 68 26 26 76 2e 70 75 73 68 28 22 3a 65 6e 61 62 6c 65 64 22 2c 22 3a 64 69 73 61 62 6c 65 64 22 29 2c 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 2a 2c 3a 78 22 29 2c 76 2e 70 75 73 68 28 22 2c 2e 2a 3a 22 29 7d 29 29 2c 28 64 2e 6d 61 74 63 68 65 73 53 65 6c 65 63 74 6f 72 3d 4b 2e 74 65 73 74 28 63 3d 61 2e 6d 61 74 63 68 65 73 7c 7c 61 2e 77 65 62 6b 69 74 4d 61 74 63 68 65 73 53 65 6c 65 63 74 6f 72 7c 7c 61 2e 6d 6f 7a 4d 61 74 63
                                              Data Ascii: &&v.push(":enabled",":disabled"),a.appendChild(e).disabled=!0,2!==e.querySelectorAll(":disabled").length&&v.push(":enabled",":disabled"),e.querySelectorAll("*,:x"),v.push(",.*:")})),(d.matchesSelector=K.test(c=a.matches||a.webkitMatchesSelector||a.mozMatc
                                              2023-04-16 13:07:13 UTC16INData Raw: 31 3a 74 3d 3d 43 3f 31 3a 69 3f 2d 31 3a 6f 3f 31 3a 75 3f 50 28 75 2c 65 29 2d 50 28 75 2c 74 29 3a 30 3b 69 66 28 69 3d 3d 3d 6f 29 72 65 74 75 72 6e 20 70 65 28 65 2c 74 29 3b 6e 3d 65 3b 77 68 69 6c 65 28 6e 3d 6e 2e 70 61 72 65 6e 74 4e 6f 64 65 29 61 2e 75 6e 73 68 69 66 74 28 6e 29 3b 6e 3d 74 3b 77 68 69 6c 65 28 6e 3d 6e 2e 70 61 72 65 6e 74 4e 6f 64 65 29 73 2e 75 6e 73 68 69 66 74 28 6e 29 3b 77 68 69 6c 65 28 61 5b 72 5d 3d 3d 3d 73 5b 72 5d 29 72 2b 2b 3b 72 65 74 75 72 6e 20 72 3f 70 65 28 61 5b 72 5d 2c 73 5b 72 5d 29 3a 61 5b 72 5d 3d 3d 70 3f 2d 31 3a 73 5b 72 5d 3d 3d 70 3f 31 3a 30 7d 29 2c 43 7d 2c 73 65 2e 6d 61 74 63 68 65 73 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 73 65 28 65 2c 6e 75 6c 6c 2c 6e 75 6c 6c
                                              Data Ascii: 1:t==C?1:i?-1:o?1:u?P(u,e)-P(u,t):0;if(i===o)return pe(e,t);n=e;while(n=n.parentNode)a.unshift(n);n=t;while(n=n.parentNode)s.unshift(n);while(a[r]===s[r])r++;return r?pe(a[r],s[r]):a[r]==p?-1:s[r]==p?1:0}),C},se.matches=function(e,t){return se(e,null,null
                                              2023-04-16 13:07:13 UTC17INData Raw: 69 66 28 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 65 2e 74 65 78 74 43 6f 6e 74 65 6e 74 29 72 65 74 75 72 6e 20 65 2e 74 65 78 74 43 6f 6e 74 65 6e 74 3b 66 6f 72 28 65 3d 65 2e 66 69 72 73 74 43 68 69 6c 64 3b 65 3b 65 3d 65 2e 6e 65 78 74 53 69 62 6c 69 6e 67 29 6e 2b 3d 6f 28 65 29 7d 65 6c 73 65 20 69 66 28 33 3d 3d 3d 69 7c 7c 34 3d 3d 3d 69 29 72 65 74 75 72 6e 20 65 2e 6e 6f 64 65 56 61 6c 75 65 7d 65 6c 73 65 20 77 68 69 6c 65 28 74 3d 65 5b 72 2b 2b 5d 29 6e 2b 3d 6f 28 74 29 3b 72 65 74 75 72 6e 20 6e 7d 2c 28 62 3d 73 65 2e 73 65 6c 65 63 74 6f 72 73 3d 7b 63 61 63 68 65 4c 65 6e 67 74 68 3a 35 30 2c 63 72 65 61 74 65 50 73 65 75 64 6f 3a 6c 65 2c 6d 61 74 63 68 3a 47 2c 61 74 74 72 48 61 6e 64 6c 65 3a 7b 7d 2c 66 69 6e 64 3a 7b 7d
                                              Data Ascii: if("string"==typeof e.textContent)return e.textContent;for(e=e.firstChild;e;e=e.nextSibling)n+=o(e)}else if(3===i||4===i)return e.nodeValue}else while(t=e[r++])n+=o(t);return n},(b=se.selectors={cacheLength:50,createPseudo:le,match:G,attrHandle:{},find:{}
                                              2023-04-16 13:07:13 UTC18INData Raw: 3d 74 79 70 65 6f 66 20 65 2e 63 6c 61 73 73 4e 61 6d 65 26 26 65 2e 63 6c 61 73 73 4e 61 6d 65 7c 7c 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 26 26 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 63 6c 61 73 73 22 29 7c 7c 22 22 29 7d 29 7d 2c 41 54 54 52 3a 66 75 6e 63 74 69 6f 6e 28 6e 2c 72 2c 69 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 73 65 2e 61 74 74 72 28 65 2c 6e 29 3b 72 65 74 75 72 6e 20 6e 75 6c 6c 3d 3d 74 3f 22 21 3d 22 3d 3d 3d 72 3a 21 72 7c 7c 28 74 2b 3d 22 22 2c 22 3d 22 3d 3d 3d 72 3f 74 3d 3d 3d 69 3a 22 21 3d 22 3d 3d 3d 72 3f 74 21 3d 3d 69 3a 22 5e 3d 22 3d 3d 3d 72 3f 69 26 26 30 3d 3d 3d 74 2e 69 6e 64 65 78 4f 66 28 69 29 3a 22
                                              Data Ascii: =typeof e.className&&e.className||"undefined"!=typeof e.getAttribute&&e.getAttribute("class")||"")})},ATTR:function(n,r,i){return function(e){var t=se.attr(e,n);return null==t?"!="===r:!r||(t+="","="===r?t===i:"!="===r?t!==i:"^="===r?i&&0===t.indexOf(i):"
                                              2023-04-16 13:07:13 UTC20INData Raw: 72 43 61 73 65 28 29 3d 3d 3d 66 3a 31 3d 3d 3d 61 2e 6e 6f 64 65 54 79 70 65 29 26 26 2b 2b 64 26 26 28 70 26 26 28 28 69 3d 28 6f 3d 61 5b 53 5d 7c 7c 28 61 5b 53 5d 3d 7b 7d 29 29 5b 61 2e 75 6e 69 71 75 65 49 44 5d 7c 7c 28 6f 5b 61 2e 75 6e 69 71 75 65 49 44 5d 3d 7b 7d 29 29 5b 68 5d 3d 5b 6b 2c 64 5d 29 2c 61 3d 3d 3d 65 29 29 62 72 65 61 6b 3b 72 65 74 75 72 6e 28 64 2d 3d 76 29 3d 3d 3d 67 7c 7c 64 25 67 3d 3d 30 26 26 30 3c 3d 64 2f 67 7d 7d 7d 2c 50 53 45 55 44 4f 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 6f 29 7b 76 61 72 20 74 2c 61 3d 62 2e 70 73 65 75 64 6f 73 5b 65 5d 7c 7c 62 2e 73 65 74 46 69 6c 74 65 72 73 5b 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 5d 7c 7c 73 65 2e 65 72 72 6f 72 28 22 75 6e 73 75 70 70 6f 72 74 65 64 20 70 73 65 75 64
                                              Data Ascii: rCase()===f:1===a.nodeType)&&++d&&(p&&((i=(o=a[S]||(a[S]={}))[a.uniqueID]||(o[a.uniqueID]={}))[h]=[k,d]),a===e))break;return(d-=v)===g||d%g==0&&0<=d/g}}},PSEUDO:function(e,o){var t,a=b.pseudos[e]||b.setFilters[e.toLowerCase()]||se.error("unsupported pseud
                                              2023-04-16 13:07:13 UTC21INData Raw: 69 64 7d 2c 72 6f 6f 74 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 3d 3d 3d 61 7d 2c 66 6f 63 75 73 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 3d 3d 3d 43 2e 61 63 74 69 76 65 45 6c 65 6d 65 6e 74 26 26 28 21 43 2e 68 61 73 46 6f 63 75 73 7c 7c 43 2e 68 61 73 46 6f 63 75 73 28 29 29 26 26 21 21 28 65 2e 74 79 70 65 7c 7c 65 2e 68 72 65 66 7c 7c 7e 65 2e 74 61 62 49 6e 64 65 78 29 7d 2c 65 6e 61 62 6c 65 64 3a 67 65 28 21 31 29 2c 64 69 73 61 62 6c 65 64 3a 67 65 28 21 30 29 2c 63 68 65 63 6b 65 64 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 65 2e 6e 6f 64 65 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 3b 72 65 74 75 72 6e 22 69 6e 70 75 74 22 3d 3d 3d 74 26 26 21 21 65 2e 63 68 65 63 6b 65 64
                                              Data Ascii: id},root:function(e){return e===a},focus:function(e){return e===C.activeElement&&(!C.hasFocus||C.hasFocus())&&!!(e.type||e.href||~e.tabIndex)},enabled:ge(!1),disabled:ge(!0),checked:function(e){var t=e.nodeName.toLowerCase();return"input"===t&&!!e.checked
                                              2023-04-16 13:07:13 UTC22INData Raw: 2e 65 71 2c 7b 72 61 64 69 6f 3a 21 30 2c 63 68 65 63 6b 62 6f 78 3a 21 30 2c 66 69 6c 65 3a 21 30 2c 70 61 73 73 77 6f 72 64 3a 21 30 2c 69 6d 61 67 65 3a 21 30 7d 29 62 2e 70 73 65 75 64 6f 73 5b 65 5d 3d 64 65 28 65 29 3b 66 6f 72 28 65 20 69 6e 7b 73 75 62 6d 69 74 3a 21 30 2c 72 65 73 65 74 3a 21 30 7d 29 62 2e 70 73 65 75 64 6f 73 5b 65 5d 3d 68 65 28 65 29 3b 66 75 6e 63 74 69 6f 6e 20 6d 65 28 29 7b 7d 66 75 6e 63 74 69 6f 6e 20 78 65 28 65 29 7b 66 6f 72 28 76 61 72 20 74 3d 30 2c 6e 3d 65 2e 6c 65 6e 67 74 68 2c 72 3d 22 22 3b 74 3c 6e 3b 74 2b 2b 29 72 2b 3d 65 5b 74 5d 2e 76 61 6c 75 65 3b 72 65 74 75 72 6e 20 72 7d 66 75 6e 63 74 69 6f 6e 20 62 65 28 73 2c 65 2c 74 29 7b 76 61 72 20 75 3d 65 2e 64 69 72 2c 6c 3d 65 2e 6e 65 78 74 2c 63 3d 6c
                                              Data Ascii: .eq,{radio:!0,checkbox:!0,file:!0,password:!0,image:!0})b.pseudos[e]=de(e);for(e in{submit:!0,reset:!0})b.pseudos[e]=he(e);function me(){}function xe(e){for(var t=0,n=e.length,r="";t<n;t++)r+=e[t].value;return r}function be(s,e,t){var u=e.dir,l=e.next,c=l
                                              2023-04-16 13:07:13 UTC23INData Raw: 76 29 7b 69 3d 54 65 28 70 2c 75 29 2c 76 28 69 2c 5b 5d 2c 6e 2c 72 29 2c 6f 3d 69 2e 6c 65 6e 67 74 68 3b 77 68 69 6c 65 28 6f 2d 2d 29 28 61 3d 69 5b 6f 5d 29 26 26 28 70 5b 75 5b 6f 5d 5d 3d 21 28 66 5b 75 5b 6f 5d 5d 3d 61 29 29 7d 69 66 28 65 29 7b 69 66 28 79 7c 7c 64 29 7b 69 66 28 79 29 7b 69 3d 5b 5d 2c 6f 3d 70 2e 6c 65 6e 67 74 68 3b 77 68 69 6c 65 28 6f 2d 2d 29 28 61 3d 70 5b 6f 5d 29 26 26 69 2e 70 75 73 68 28 66 5b 6f 5d 3d 61 29 3b 79 28 6e 75 6c 6c 2c 70 3d 5b 5d 2c 69 2c 72 29 7d 6f 3d 70 2e 6c 65 6e 67 74 68 3b 77 68 69 6c 65 28 6f 2d 2d 29 28 61 3d 70 5b 6f 5d 29 26 26 2d 31 3c 28 69 3d 79 3f 50 28 65 2c 61 29 3a 73 5b 6f 5d 29 26 26 28 65 5b 69 5d 3d 21 28 74 5b 69 5d 3d 61 29 29 7d 7d 65 6c 73 65 20 70 3d 54 65 28 70 3d 3d 3d 74 3f
                                              Data Ascii: v){i=Te(p,u),v(i,[],n,r),o=i.length;while(o--)(a=i[o])&&(p[u[o]]=!(f[u[o]]=a))}if(e){if(y||d){if(y){i=[],o=p.length;while(o--)(a=p[o])&&i.push(f[o]=a);y(null,p=[],i,r)}o=p.length;while(o--)(a=p[o])&&-1<(i=y?P(e,a):s[o])&&(e[i]=!(t[i]=a))}}else p=Te(p===t?
                                              2023-04-16 13:07:13 UTC24INData Raw: 65 28 6e 2e 6c 65 6e 67 74 68 29 29 2c 62 2e 66 69 6c 74 65 72 29 21 28 72 3d 47 5b 6f 5d 2e 65 78 65 63 28 61 29 29 7c 7c 75 5b 6f 5d 26 26 21 28 72 3d 75 5b 6f 5d 28 72 29 29 7c 7c 28 6e 3d 72 2e 73 68 69 66 74 28 29 2c 69 2e 70 75 73 68 28 7b 76 61 6c 75 65 3a 6e 2c 74 79 70 65 3a 6f 2c 6d 61 74 63 68 65 73 3a 72 7d 29 2c 61 3d 61 2e 73 6c 69 63 65 28 6e 2e 6c 65 6e 67 74 68 29 29 3b 69 66 28 21 6e 29 62 72 65 61 6b 7d 72 65 74 75 72 6e 20 74 3f 61 2e 6c 65 6e 67 74 68 3a 61 3f 73 65 2e 65 72 72 6f 72 28 65 29 3a 78 28 65 2c 73 29 2e 73 6c 69 63 65 28 30 29 7d 2c 66 3d 73 65 2e 63 6f 6d 70 69 6c 65 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 2c 76 2c 79 2c 6d 2c 78 2c 72 2c 69 3d 5b 5d 2c 6f 3d 5b 5d 2c 61 3d 41 5b 65 2b 22 20 22 5d 3b
                                              Data Ascii: e(n.length)),b.filter)!(r=G[o].exec(a))||u[o]&&!(r=u[o](r))||(n=r.shift(),i.push({value:n,type:o,matches:r}),a=a.slice(n.length));if(!n)break}return t?a.length:a?se.error(e):x(e,s).slice(0)},f=se.compile=function(e,t){var n,v,y,m,x,r,i=[],o=[],a=A[e+" "];
                                              2023-04-16 13:07:13 UTC26INData Raw: 67 74 68 29 7d 69 3d 47 2e 6e 65 65 64 73 43 6f 6e 74 65 78 74 2e 74 65 73 74 28 65 29 3f 30 3a 6f 2e 6c 65 6e 67 74 68 3b 77 68 69 6c 65 28 69 2d 2d 29 7b 69 66 28 61 3d 6f 5b 69 5d 2c 62 2e 72 65 6c 61 74 69 76 65 5b 73 3d 61 2e 74 79 70 65 5d 29 62 72 65 61 6b 3b 69 66 28 28 75 3d 62 2e 66 69 6e 64 5b 73 5d 29 26 26 28 72 3d 75 28 61 2e 6d 61 74 63 68 65 73 5b 30 5d 2e 72 65 70 6c 61 63 65 28 74 65 2c 6e 65 29 2c 65 65 2e 74 65 73 74 28 6f 5b 30 5d 2e 74 79 70 65 29 26 26 79 65 28 74 2e 70 61 72 65 6e 74 4e 6f 64 65 29 7c 7c 74 29 29 29 7b 69 66 28 6f 2e 73 70 6c 69 63 65 28 69 2c 31 29 2c 21 28 65 3d 72 2e 6c 65 6e 67 74 68 26 26 78 65 28 6f 29 29 29 72 65 74 75 72 6e 20 48 2e 61 70 70 6c 79 28 6e 2c 72 29 2c 6e 3b 62 72 65 61 6b 7d 7d 7d 72 65 74 75
                                              Data Ascii: gth)}i=G.needsContext.test(e)?0:o.length;while(i--){if(a=o[i],b.relative[s=a.type])break;if((u=b.find[s])&&(r=u(a.matches[0].replace(te,ne),ee.test(o[0].type)&&ye(t.parentNode)||t))){if(o.splice(i,1),!(e=r.length&&xe(o)))return H.apply(n,r),n;break}}}retu
                                              2023-04-16 13:07:13 UTC27INData Raw: 73 2c 53 2e 65 73 63 61 70 65 53 65 6c 65 63 74 6f 72 3d 64 2e 65 73 63 61 70 65 3b 76 61 72 20 68 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 76 61 72 20 72 3d 5b 5d 2c 69 3d 76 6f 69 64 20 30 21 3d 3d 6e 3b 77 68 69 6c 65 28 28 65 3d 65 5b 74 5d 29 26 26 39 21 3d 3d 65 2e 6e 6f 64 65 54 79 70 65 29 69 66 28 31 3d 3d 3d 65 2e 6e 6f 64 65 54 79 70 65 29 7b 69 66 28 69 26 26 53 28 65 29 2e 69 73 28 6e 29 29 62 72 65 61 6b 3b 72 2e 70 75 73 68 28 65 29 7d 72 65 74 75 72 6e 20 72 7d 2c 54 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 66 6f 72 28 76 61 72 20 6e 3d 5b 5d 3b 65 3b 65 3d 65 2e 6e 65 78 74 53 69 62 6c 69 6e 67 29 31 3d 3d 3d 65 2e 6e 6f 64 65 54 79 70 65 26 26 65 21 3d 3d 74 26 26 6e 2e 70 75 73 68 28 65 29 3b 72 65 74 75 72 6e 20 6e 7d 2c
                                              Data Ascii: s,S.escapeSelector=d.escape;var h=function(e,t,n){var r=[],i=void 0!==n;while((e=e[t])&&9!==e.nodeType)if(1===e.nodeType){if(i&&S(e).is(n))break;r.push(e)}return r},T=function(e,t){for(var n=[];e;e=e.nextSibling)1===e.nodeType&&e!==t&&n.push(e);return n},
                                              2023-04-16 13:07:13 UTC28INData Raw: 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 65 26 26 6b 2e 74 65 73 74 28 65 29 3f 53 28 65 29 3a 65 7c 7c 5b 5d 2c 21 31 29 2e 6c 65 6e 67 74 68 7d 7d 29 3b 76 61 72 20 44 2c 71 3d 2f 5e 28 3f 3a 5c 73 2a 28 3c 5b 5c 77 5c 57 5d 2b 3e 29 5b 5e 3e 5d 2a 7c 23 28 5b 5c 77 2d 5d 2b 29 29 24 2f 3b 28 53 2e 66 6e 2e 69 6e 69 74 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 76 61 72 20 72 2c 69 3b 69 66 28 21 65 29 72 65 74 75 72 6e 20 74 68 69 73 3b 69 66 28 6e 3d 6e 7c 7c 44 2c 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 65 29 7b 69 66 28 21 28 72 3d 22 3c 22 3d 3d 3d 65 5b 30 5d 26 26 22 3e 22 3d 3d 3d 65 5b 65 2e 6c 65 6e 67 74 68 2d 31 5d 26 26 33 3c 3d 65 2e 6c 65 6e 67 74 68 3f 5b 6e 75 6c 6c 2c 65 2c 6e 75 6c 6c 5d 3a 71 2e 65 78 65 63 28
                                              Data Ascii: tring"==typeof e&&k.test(e)?S(e):e||[],!1).length}});var D,q=/^(?:\s*(<[\w\W]+>)[^>]*|#([\w-]+))$/;(S.fn.init=function(e,t,n){var r,i;if(!e)return this;if(n=n||D,"string"==typeof e){if(!(r="<"===e[0]&&">"===e[e.length-1]&&3<=e.length?[null,e,null]:q.exec(
                                              2023-04-16 13:07:13 UTC29INData Raw: 61 6b 7d 72 65 74 75 72 6e 20 74 68 69 73 2e 70 75 73 68 53 74 61 63 6b 28 31 3c 6f 2e 6c 65 6e 67 74 68 3f 53 2e 75 6e 69 71 75 65 53 6f 72 74 28 6f 29 3a 6f 29 7d 2c 69 6e 64 65 78 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 3f 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 65 3f 69 2e 63 61 6c 6c 28 53 28 65 29 2c 74 68 69 73 5b 30 5d 29 3a 69 2e 63 61 6c 6c 28 74 68 69 73 2c 65 2e 6a 71 75 65 72 79 3f 65 5b 30 5d 3a 65 29 3a 74 68 69 73 5b 30 5d 26 26 74 68 69 73 5b 30 5d 2e 70 61 72 65 6e 74 4e 6f 64 65 3f 74 68 69 73 2e 66 69 72 73 74 28 29 2e 70 72 65 76 41 6c 6c 28 29 2e 6c 65 6e 67 74 68 3a 2d 31 7d 2c 61 64 64 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 70 75 73 68 53 74 61 63 6b 28 53
                                              Data Ascii: ak}return this.pushStack(1<o.length?S.uniqueSort(o):o)},index:function(e){return e?"string"==typeof e?i.call(S(e),this[0]):i.call(this,e.jquery?e[0]:e):this[0]&&this[0].parentNode?this.first().prevAll().length:-1},add:function(e,t){return this.pushStack(S
                                              2023-04-16 13:07:13 UTC31INData Raw: 26 26 28 6e 3d 53 2e 66 69 6c 74 65 72 28 74 2c 6e 29 29 2c 31 3c 74 68 69 73 2e 6c 65 6e 67 74 68 26 26 28 48 5b 72 5d 7c 7c 53 2e 75 6e 69 71 75 65 53 6f 72 74 28 6e 29 2c 4c 2e 74 65 73 74 28 72 29 26 26 6e 2e 72 65 76 65 72 73 65 28 29 29 2c 74 68 69 73 2e 70 75 73 68 53 74 61 63 6b 28 6e 29 7d 7d 29 3b 76 61 72 20 50 3d 2f 5b 5e 5c 78 32 30 5c 74 5c 72 5c 6e 5c 66 5d 2b 2f 67 3b 66 75 6e 63 74 69 6f 6e 20 52 28 65 29 7b 72 65 74 75 72 6e 20 65 7d 66 75 6e 63 74 69 6f 6e 20 4d 28 65 29 7b 74 68 72 6f 77 20 65 7d 66 75 6e 63 74 69 6f 6e 20 49 28 65 2c 74 2c 6e 2c 72 29 7b 76 61 72 20 69 3b 74 72 79 7b 65 26 26 6d 28 69 3d 65 2e 70 72 6f 6d 69 73 65 29 3f 69 2e 63 61 6c 6c 28 65 29 2e 64 6f 6e 65 28 74 29 2e 66 61 69 6c 28 6e 29 3a 65 26 26 6d 28 69 3d
                                              Data Ascii: &&(n=S.filter(t,n)),1<this.length&&(H[r]||S.uniqueSort(n),L.test(r)&&n.reverse()),this.pushStack(n)}});var P=/[^\x20\t\r\n\f]+/g;function R(e){return e}function M(e){throw e}function I(e,t,n,r){var i;try{e&&m(i=e.promise)?i.call(e).done(t).fail(n):e&&m(i=
                                              2023-04-16 13:07:13 UTC32INData Raw: 74 68 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 61 7c 7c 28 74 3d 5b 65 2c 28 74 3d 74 7c 7c 5b 5d 29 2e 73 6c 69 63 65 3f 74 2e 73 6c 69 63 65 28 29 3a 74 5d 2c 75 2e 70 75 73 68 28 74 29 2c 69 7c 7c 63 28 29 29 2c 74 68 69 73 7d 2c 66 69 72 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 66 2e 66 69 72 65 57 69 74 68 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 2c 74 68 69 73 7d 2c 66 69 72 65 64 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 21 21 6f 7d 7d 3b 72 65 74 75 72 6e 20 66 7d 2c 53 2e 65 78 74 65 6e 64 28 7b 44 65 66 65 72 72 65 64 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 6f 3d 5b 5b 22 6e 6f 74 69 66 79 22 2c 22 70 72 6f 67 72 65 73 73 22 2c 53 2e 43 61 6c 6c 62 61 63 6b 73 28 22 6d 65
                                              Data Ascii: th:function(e,t){return a||(t=[e,(t=t||[]).slice?t.slice():t],u.push(t),i||c()),this},fire:function(){return f.fireWith(this,arguments),this},fired:function(){return!!o}};return f},S.extend({Deferred:function(e){var o=[["notify","progress",S.Callbacks("me
                                              2023-04-16 13:07:13 UTC33INData Raw: 52 2c 6f 2e 6e 6f 74 69 66 79 57 69 74 68 29 29 29 3a 28 61 21 3d 3d 52 26 26 28 6e 3d 76 6f 69 64 20 30 2c 72 3d 5b 65 5d 29 2c 28 73 7c 7c 6f 2e 72 65 73 6f 6c 76 65 57 69 74 68 29 28 6e 2c 72 29 29 7d 7d 2c 74 3d 73 3f 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 65 28 29 7d 63 61 74 63 68 28 65 29 7b 53 2e 44 65 66 65 72 72 65 64 2e 65 78 63 65 70 74 69 6f 6e 48 6f 6f 6b 26 26 53 2e 44 65 66 65 72 72 65 64 2e 65 78 63 65 70 74 69 6f 6e 48 6f 6f 6b 28 65 2c 74 2e 73 74 61 63 6b 54 72 61 63 65 29 2c 75 3c 3d 69 2b 31 26 26 28 61 21 3d 3d 4d 26 26 28 6e 3d 76 6f 69 64 20 30 2c 72 3d 5b 65 5d 29 2c 6f 2e 72 65 6a 65 63 74 57 69 74 68 28 6e 2c 72 29 29 7d 7d 3b 69 3f 74 28 29 3a 28 53 2e 44 65 66 65 72 72 65 64 2e 67 65 74 53 74 61 63 6b 48 6f 6f 6b
                                              Data Ascii: R,o.notifyWith))):(a!==R&&(n=void 0,r=[e]),(s||o.resolveWith)(n,r))}},t=s?e:function(){try{e()}catch(e){S.Deferred.exceptionHook&&S.Deferred.exceptionHook(e,t.stackTrace),u<=i+1&&(a!==M&&(n=void 0,r=[e]),o.rejectWith(n,r))}};i?t():(S.Deferred.getStackHook
                                              2023-04-16 13:07:13 UTC34INData Raw: 65 66 65 72 72 65 64 2e 65 78 63 65 70 74 69 6f 6e 48 6f 6f 6b 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 43 2e 63 6f 6e 73 6f 6c 65 26 26 43 2e 63 6f 6e 73 6f 6c 65 2e 77 61 72 6e 26 26 65 26 26 57 2e 74 65 73 74 28 65 2e 6e 61 6d 65 29 26 26 43 2e 63 6f 6e 73 6f 6c 65 2e 77 61 72 6e 28 22 6a 51 75 65 72 79 2e 44 65 66 65 72 72 65 64 20 65 78 63 65 70 74 69 6f 6e 3a 20 22 2b 65 2e 6d 65 73 73 61 67 65 2c 65 2e 73 74 61 63 6b 2c 74 29 7d 2c 53 2e 72 65 61 64 79 45 78 63 65 70 74 69 6f 6e 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 43 2e 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 72 6f 77 20 65 7d 29 7d 3b 76 61 72 20 46 3d 53 2e 44 65 66 65 72 72 65 64 28 29 3b 66 75 6e 63 74 69 6f 6e 20 42 28 29 7b 45 2e 72 65 6d 6f 76 65 45 76
                                              Data Ascii: eferred.exceptionHook=function(e,t){C.console&&C.console.warn&&e&&W.test(e.name)&&C.console.warn("jQuery.Deferred exception: "+e.message,e.stack,t)},S.readyException=function(e){C.setTimeout(function(){throw e})};var F=S.Deferred();function B(){E.removeEv
                                              2023-04-16 13:07:13 UTC35INData Raw: 22 6d 73 2d 22 29 2e 72 65 70 6c 61 63 65 28 7a 2c 55 29 7d 76 61 72 20 56 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 31 3d 3d 3d 65 2e 6e 6f 64 65 54 79 70 65 7c 7c 39 3d 3d 3d 65 2e 6e 6f 64 65 54 79 70 65 7c 7c 21 2b 65 2e 6e 6f 64 65 54 79 70 65 7d 3b 66 75 6e 63 74 69 6f 6e 20 47 28 29 7b 74 68 69 73 2e 65 78 70 61 6e 64 6f 3d 53 2e 65 78 70 61 6e 64 6f 2b 47 2e 75 69 64 2b 2b 7d 47 2e 75 69 64 3d 31 2c 47 2e 70 72 6f 74 6f 74 79 70 65 3d 7b 63 61 63 68 65 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 65 5b 74 68 69 73 2e 65 78 70 61 6e 64 6f 5d 3b 72 65 74 75 72 6e 20 74 7c 7c 28 74 3d 7b 7d 2c 56 28 65 29 26 26 28 65 2e 6e 6f 64 65 54 79 70 65 3f 65 5b 74 68 69 73 2e 65 78 70 61 6e 64 6f 5d 3d 74 3a 4f 62 6a 65 63 74 2e
                                              Data Ascii: "ms-").replace(z,U)}var V=function(e){return 1===e.nodeType||9===e.nodeType||!+e.nodeType};function G(){this.expando=S.expando+G.uid++}G.uid=1,G.prototype={cache:function(e){var t=e[this.expando];return t||(t={},V(e)&&(e.nodeType?e[this.expando]=t:Object.
                                              2023-04-16 13:07:13 UTC37INData Raw: 3d 3d 3d 2b 69 2b 22 22 3f 2b 69 3a 4a 2e 74 65 73 74 28 69 29 3f 4a 53 4f 4e 2e 70 61 72 73 65 28 69 29 3a 69 29 7d 63 61 74 63 68 28 65 29 7b 7d 51 2e 73 65 74 28 65 2c 74 2c 6e 29 7d 65 6c 73 65 20 6e 3d 76 6f 69 64 20 30 3b 72 65 74 75 72 6e 20 6e 7d 53 2e 65 78 74 65 6e 64 28 7b 68 61 73 44 61 74 61 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 51 2e 68 61 73 44 61 74 61 28 65 29 7c 7c 59 2e 68 61 73 44 61 74 61 28 65 29 7d 2c 64 61 74 61 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 72 65 74 75 72 6e 20 51 2e 61 63 63 65 73 73 28 65 2c 74 2c 6e 29 7d 2c 72 65 6d 6f 76 65 44 61 74 61 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 51 2e 72 65 6d 6f 76 65 28 65 2c 74 29 7d 2c 5f 64 61 74 61 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e
                                              Data Ascii: ===+i+""?+i:J.test(i)?JSON.parse(i):i)}catch(e){}Q.set(e,t,n)}else n=void 0;return n}S.extend({hasData:function(e){return Q.hasData(e)||Y.hasData(e)},data:function(e,t,n){return Q.access(e,t,n)},removeData:function(e,t){Q.remove(e,t)},_data:function(e,t,n
                                              2023-04-16 13:07:13 UTC38INData Raw: 6c 65 74 65 20 6f 2e 73 74 6f 70 2c 69 2e 63 61 6c 6c 28 65 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 53 2e 64 65 71 75 65 75 65 28 65 2c 74 29 7d 2c 6f 29 29 2c 21 72 26 26 6f 26 26 6f 2e 65 6d 70 74 79 2e 66 69 72 65 28 29 7d 2c 5f 71 75 65 75 65 48 6f 6f 6b 73 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 3d 74 2b 22 71 75 65 75 65 48 6f 6f 6b 73 22 3b 72 65 74 75 72 6e 20 59 2e 67 65 74 28 65 2c 6e 29 7c 7c 59 2e 61 63 63 65 73 73 28 65 2c 6e 2c 7b 65 6d 70 74 79 3a 53 2e 43 61 6c 6c 62 61 63 6b 73 28 22 6f 6e 63 65 20 6d 65 6d 6f 72 79 22 29 2e 61 64 64 28 66 75 6e 63 74 69 6f 6e 28 29 7b 59 2e 72 65 6d 6f 76 65 28 65 2c 5b 74 2b 22 71 75 65 75 65 22 2c 6e 5d 29 7d 29 7d 29 7d 7d 29 2c 53 2e 66 6e 2e 65 78 74 65 6e 64 28 7b 71 75 65 75 65 3a
                                              Data Ascii: lete o.stop,i.call(e,function(){S.dequeue(e,t)},o)),!r&&o&&o.empty.fire()},_queueHooks:function(e,t){var n=t+"queueHooks";return Y.get(e,n)||Y.access(e,n,{empty:S.Callbacks("once memory").add(function(){Y.remove(e,[t+"queue",n])})})}}),S.fn.extend({queue:
                                              2023-04-16 13:07:13 UTC39INData Raw: 73 74 79 6c 65 2e 64 69 73 70 6c 61 79 7c 7c 22 22 3d 3d 3d 65 2e 73 74 79 6c 65 2e 64 69 73 70 6c 61 79 26 26 69 65 28 65 29 26 26 22 6e 6f 6e 65 22 3d 3d 3d 53 2e 63 73 73 28 65 2c 22 64 69 73 70 6c 61 79 22 29 7d 3b 66 75 6e 63 74 69 6f 6e 20 73 65 28 65 2c 74 2c 6e 2c 72 29 7b 76 61 72 20 69 2c 6f 2c 61 3d 32 30 2c 73 3d 72 3f 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 72 2e 63 75 72 28 29 7d 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 53 2e 63 73 73 28 65 2c 74 2c 22 22 29 7d 2c 75 3d 73 28 29 2c 6c 3d 6e 26 26 6e 5b 33 5d 7c 7c 28 53 2e 63 73 73 4e 75 6d 62 65 72 5b 74 5d 3f 22 22 3a 22 70 78 22 29 2c 63 3d 65 2e 6e 6f 64 65 54 79 70 65 26 26 28 53 2e 63 73 73 4e 75 6d 62 65 72 5b 74 5d 7c 7c 22 70 78 22 21 3d 3d 6c 26 26 2b
                                              Data Ascii: style.display||""===e.style.display&&ie(e)&&"none"===S.css(e,"display")};function se(e,t,n,r){var i,o,a=20,s=r?function(){return r.cur()}:function(){return S.css(e,t,"")},u=s(),l=n&&n[3]||(S.cssNumber[t]?"":"px"),c=e.nodeType&&(S.cssNumber[t]||"px"!==l&&+
                                              2023-04-16 13:07:13 UTC40INData Raw: 5e 28 3f 3a 63 68 65 63 6b 62 6f 78 7c 72 61 64 69 6f 29 24 2f 69 2c 64 65 3d 2f 3c 28 5b 61 2d 7a 5d 5b 5e 5c 2f 5c 30 3e 5c 78 32 30 5c 74 5c 72 5c 6e 5c 66 5d 2a 29 2f 69 2c 68 65 3d 2f 5e 24 7c 5e 6d 6f 64 75 6c 65 24 7c 5c 2f 28 3f 3a 6a 61 76 61 7c 65 63 6d 61 29 73 63 72 69 70 74 2f 69 3b 63 65 3d 45 2e 63 72 65 61 74 65 44 6f 63 75 6d 65 6e 74 46 72 61 67 6d 65 6e 74 28 29 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 45 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 64 69 76 22 29 29 2c 28 66 65 3d 45 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 69 6e 70 75 74 22 29 29 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 74 79 70 65 22 2c 22 72 61 64 69 6f 22 29 2c 66 65 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 63 68 65 63 6b 65 64 22 2c 22 63 68 65 63
                                              Data Ascii: ^(?:checkbox|radio)$/i,de=/<([a-z][^\/\0>\x20\t\r\n\f]*)/i,he=/^$|^module$|\/(?:java|ecma)script/i;ce=E.createDocumentFragment().appendChild(E.createElement("div")),(fe=E.createElement("input")).setAttribute("type","radio"),fe.setAttribute("checked","chec
                                              2023-04-16 13:07:13 UTC42INData Raw: 2e 63 72 65 61 74 65 44 6f 63 75 6d 65 6e 74 46 72 61 67 6d 65 6e 74 28 29 2c 70 3d 5b 5d 2c 64 3d 30 2c 68 3d 65 2e 6c 65 6e 67 74 68 3b 64 3c 68 3b 64 2b 2b 29 69 66 28 28 6f 3d 65 5b 64 5d 29 7c 7c 30 3d 3d 3d 6f 29 69 66 28 22 6f 62 6a 65 63 74 22 3d 3d 3d 77 28 6f 29 29 53 2e 6d 65 72 67 65 28 70 2c 6f 2e 6e 6f 64 65 54 79 70 65 3f 5b 6f 5d 3a 6f 29 3b 65 6c 73 65 20 69 66 28 6d 65 2e 74 65 73 74 28 6f 29 29 7b 61 3d 61 7c 7c 66 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 64 69 76 22 29 29 2c 73 3d 28 64 65 2e 65 78 65 63 28 6f 29 7c 7c 5b 22 22 2c 22 22 5d 29 5b 31 5d 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 75 3d 67 65 5b 73 5d 7c 7c 67 65 2e 5f 64 65 66 61 75 6c 74 2c 61 2e 69 6e 6e 65 72 48 54 4d
                                              Data Ascii: .createDocumentFragment(),p=[],d=0,h=e.length;d<h;d++)if((o=e[d])||0===o)if("object"===w(o))S.merge(p,o.nodeType?[o]:o);else if(me.test(o)){a=a||f.appendChild(t.createElement("div")),s=(de.exec(o)||["",""])[1].toLowerCase(),u=ge[s]||ge._default,a.innerHTM
                                              2023-04-16 13:07:13 UTC43INData Raw: 21 31 2c 68 61 6e 64 6c 65 72 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 2c 6e 2c 72 3d 59 2e 67 65 74 28 74 68 69 73 2c 69 29 3b 69 66 28 31 26 65 2e 69 73 54 72 69 67 67 65 72 26 26 74 68 69 73 5b 69 5d 29 7b 69 66 28 72 2e 6c 65 6e 67 74 68 29 28 53 2e 65 76 65 6e 74 2e 73 70 65 63 69 61 6c 5b 69 5d 7c 7c 7b 7d 29 2e 64 65 6c 65 67 61 74 65 54 79 70 65 26 26 65 2e 73 74 6f 70 50 72 6f 70 61 67 61 74 69 6f 6e 28 29 3b 65 6c 73 65 20 69 66 28 72 3d 73 2e 63 61 6c 6c 28 61 72 67 75 6d 65 6e 74 73 29 2c 59 2e 73 65 74 28 74 68 69 73 2c 69 2c 72 29 2c 74 3d 6f 28 74 68 69 73 2c 69 29 2c 74 68 69 73 5b 69 5d 28 29 2c 72 21 3d 3d 28 6e 3d 59 2e 67 65 74 28 74 68 69 73 2c 69 29 29 7c 7c 74 3f 59 2e 73 65 74 28 74 68 69 73 2c 69 2c 21 31 29 3a 6e 3d
                                              Data Ascii: !1,handler:function(e){var t,n,r=Y.get(this,i);if(1&e.isTrigger&&this[i]){if(r.length)(S.event.special[i]||{}).delegateType&&e.stopPropagation();else if(r=s.call(arguments),Y.set(this,i,r),t=o(this,i),this[i](),r!==(n=Y.get(this,i))||t?Y.set(this,i,!1):n=
                                              2023-04-16 13:07:13 UTC44INData Raw: 67 61 74 65 43 6f 75 6e 74 3d 30 2c 66 2e 73 65 74 75 70 26 26 21 31 21 3d 3d 66 2e 73 65 74 75 70 2e 63 61 6c 6c 28 74 2c 72 2c 68 2c 61 29 7c 7c 74 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 26 26 74 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 64 2c 61 29 29 2c 66 2e 61 64 64 26 26 28 66 2e 61 64 64 2e 63 61 6c 6c 28 74 2c 63 29 2c 63 2e 68 61 6e 64 6c 65 72 2e 67 75 69 64 7c 7c 28 63 2e 68 61 6e 64 6c 65 72 2e 67 75 69 64 3d 6e 2e 67 75 69 64 29 29 2c 69 3f 70 2e 73 70 6c 69 63 65 28 70 2e 64 65 6c 65 67 61 74 65 43 6f 75 6e 74 2b 2b 2c 30 2c 63 29 3a 70 2e 70 75 73 68 28 63 29 2c 53 2e 65 76 65 6e 74 2e 67 6c 6f 62 61 6c 5b 64 5d 3d 21 30 29 7d 7d 2c 72 65 6d 6f 76 65 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 2c 72 2c 69 29 7b 76
                                              Data Ascii: gateCount=0,f.setup&&!1!==f.setup.call(t,r,h,a)||t.addEventListener&&t.addEventListener(d,a)),f.add&&(f.add.call(t,c),c.handler.guid||(c.handler.guid=n.guid)),i?p.splice(p.delegateCount++,0,c):p.push(c),S.event.global[d]=!0)}},remove:function(e,t,n,r,i){v
                                              2023-04-16 13:07:13 UTC45INData Raw: 68 7c 7c 21 31 21 3d 3d 63 2e 70 72 65 44 69 73 70 61 74 63 68 2e 63 61 6c 6c 28 74 68 69 73 2c 75 29 29 7b 61 3d 53 2e 65 76 65 6e 74 2e 68 61 6e 64 6c 65 72 73 2e 63 61 6c 6c 28 74 68 69 73 2c 75 2c 6c 29 2c 74 3d 30 3b 77 68 69 6c 65 28 28 69 3d 61 5b 74 2b 2b 5d 29 26 26 21 75 2e 69 73 50 72 6f 70 61 67 61 74 69 6f 6e 53 74 6f 70 70 65 64 28 29 29 7b 75 2e 63 75 72 72 65 6e 74 54 61 72 67 65 74 3d 69 2e 65 6c 65 6d 2c 6e 3d 30 3b 77 68 69 6c 65 28 28 6f 3d 69 2e 68 61 6e 64 6c 65 72 73 5b 6e 2b 2b 5d 29 26 26 21 75 2e 69 73 49 6d 6d 65 64 69 61 74 65 50 72 6f 70 61 67 61 74 69 6f 6e 53 74 6f 70 70 65 64 28 29 29 75 2e 72 6e 61 6d 65 73 70 61 63 65 26 26 21 31 21 3d 3d 6f 2e 6e 61 6d 65 73 70 61 63 65 26 26 21 75 2e 72 6e 61 6d 65 73 70 61 63 65 2e 74
                                              Data Ascii: h||!1!==c.preDispatch.call(this,u)){a=S.event.handlers.call(this,u,l),t=0;while((i=a[t++])&&!u.isPropagationStopped()){u.currentTarget=i.elem,n=0;while((o=i.handlers[n++])&&!u.isImmediatePropagationStopped())u.rnamespace&&!1!==o.namespace&&!u.rnamespace.t
                                              2023-04-16 13:07:13 UTC46INData Raw: 2c 74 2c 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 2c 63 6f 6e 66 69 67 75 72 61 62 6c 65 3a 21 30 2c 77 72 69 74 61 62 6c 65 3a 21 30 2c 76 61 6c 75 65 3a 65 7d 29 7d 7d 29 7d 2c 66 69 78 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 5b 53 2e 65 78 70 61 6e 64 6f 5d 3f 65 3a 6e 65 77 20 53 2e 45 76 65 6e 74 28 65 29 7d 2c 73 70 65 63 69 61 6c 3a 7b 6c 6f 61 64 3a 7b 6e 6f 42 75 62 62 6c 65 3a 21 30 7d 2c 63 6c 69 63 6b 3a 7b 73 65 74 75 70 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 74 68 69 73 7c 7c 65 3b 72 65 74 75 72 6e 20 70 65 2e 74 65 73 74 28 74 2e 74 79 70 65 29 26 26 74 2e 63 6c 69 63 6b 26 26 41 28 74 2c 22 69 6e 70 75 74 22 29 26 26 53 65 28 74 2c 22 63 6c 69 63 6b 22 2c 77 65 29 2c 21 31 7d 2c 74 72 69 67 67 65
                                              Data Ascii: ,t,{enumerable:!0,configurable:!0,writable:!0,value:e})}})},fix:function(e){return e[S.expando]?e:new S.Event(e)},special:{load:{noBubble:!0},click:{setup:function(e){var t=this||e;return pe.test(t.type)&&t.click&&A(t,"input")&&Se(t,"click",we),!1},trigge
                                              2023-04-16 13:07:13 UTC48INData Raw: 2c 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 74 68 69 73 2e 6f 72 69 67 69 6e 61 6c 45 76 65 6e 74 3b 74 68 69 73 2e 69 73 44 65 66 61 75 6c 74 50 72 65 76 65 6e 74 65 64 3d 77 65 2c 65 26 26 21 74 68 69 73 2e 69 73 53 69 6d 75 6c 61 74 65 64 26 26 65 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 7d 2c 73 74 6f 70 50 72 6f 70 61 67 61 74 69 6f 6e 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 74 68 69 73 2e 6f 72 69 67 69 6e 61 6c 45 76 65 6e 74 3b 74 68 69 73 2e 69 73 50 72 6f 70 61 67 61 74 69 6f 6e 53 74 6f 70 70 65 64 3d 77 65 2c 65 26 26 21 74 68 69 73 2e 69 73 53 69 6d 75 6c 61 74 65 64 26 26 65 2e 73 74 6f 70 50 72 6f 70 61 67 61 74 69 6f 6e 28 29 7d 2c 73 74 6f 70 49 6d 6d 65 64 69
                                              Data Ascii: ,preventDefault:function(){var e=this.originalEvent;this.isDefaultPrevented=we,e&&!this.isSimulated&&e.preventDefault()},stopPropagation:function(){var e=this.originalEvent;this.isPropagationStopped=we,e&&!this.isSimulated&&e.stopPropagation()},stopImmedi
                                              2023-04-16 13:07:13 UTC49INData Raw: 74 61 69 6e 73 28 74 68 69 73 2c 6e 29 29 7c 7c 28 65 2e 74 79 70 65 3d 72 2e 6f 72 69 67 54 79 70 65 2c 74 3d 72 2e 68 61 6e 64 6c 65 72 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 2c 65 2e 74 79 70 65 3d 69 29 2c 74 7d 7d 7d 29 2c 53 2e 66 6e 2e 65 78 74 65 6e 64 28 7b 6f 6e 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 2c 72 29 7b 72 65 74 75 72 6e 20 45 65 28 74 68 69 73 2c 65 2c 74 2c 6e 2c 72 29 7d 2c 6f 6e 65 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 2c 72 29 7b 72 65 74 75 72 6e 20 45 65 28 74 68 69 73 2c 65 2c 74 2c 6e 2c 72 2c 31 29 7d 2c 6f 66 66 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 76 61 72 20 72 2c 69 3b 69 66 28 65 26 26 65 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 26 26 65 2e 68 61 6e 64 6c 65 4f 62
                                              Data Ascii: tains(this,n))||(e.type=r.origType,t=r.handler.apply(this,arguments),e.type=i),t}}}),S.fn.extend({on:function(e,t,n,r){return Ee(this,e,t,n,r)},one:function(e,t,n,r){return Ee(this,e,t,n,r,1)},off:function(e,t,n){var r,i;if(e&&e.preventDefault&&e.handleOb
                                              2023-04-16 13:07:13 UTC50INData Raw: 63 3d 30 2c 66 3d 6e 2e 6c 65 6e 67 74 68 2c 70 3d 66 2d 31 2c 64 3d 72 5b 30 5d 2c 68 3d 6d 28 64 29 3b 69 66 28 68 7c 7c 31 3c 66 26 26 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 64 26 26 21 79 2e 63 68 65 63 6b 43 6c 6f 6e 65 26 26 41 65 2e 74 65 73 74 28 64 29 29 72 65 74 75 72 6e 20 6e 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 6e 2e 65 71 28 65 29 3b 68 26 26 28 72 5b 30 5d 3d 64 2e 63 61 6c 6c 28 74 68 69 73 2c 65 2c 74 2e 68 74 6d 6c 28 29 29 29 2c 48 65 28 74 2c 72 2c 69 2c 6f 29 7d 29 3b 69 66 28 66 26 26 28 74 3d 28 65 3d 78 65 28 72 2c 6e 5b 30 5d 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 2c 21 31 2c 6e 2c 6f 29 29 2e 66 69 72 73 74 43 68 69 6c 64 2c 31 3d 3d 3d 65 2e 63 68 69 6c 64 4e 6f 64 65 73 2e 6c 65
                                              Data Ascii: c=0,f=n.length,p=f-1,d=r[0],h=m(d);if(h||1<f&&"string"==typeof d&&!y.checkClone&&Ae.test(d))return n.each(function(e){var t=n.eq(e);h&&(r[0]=d.call(this,e,t.html())),He(t,r,i,o)});if(f&&(t=(e=xe(r,n[0].ownerDocument,!1,n,o)).firstChild,1===e.childNodes.le
                                              2023-04-16 13:07:13 UTC51INData Raw: 22 21 3d 3d 6c 7c 7c 28 75 2e 64 65 66 61 75 6c 74 56 61 6c 75 65 3d 73 2e 64 65 66 61 75 6c 74 56 61 6c 75 65 29 3b 69 66 28 74 29 69 66 28 6e 29 66 6f 72 28 6f 3d 6f 7c 7c 76 65 28 65 29 2c 61 3d 61 7c 7c 76 65 28 63 29 2c 72 3d 30 2c 69 3d 6f 2e 6c 65 6e 67 74 68 3b 72 3c 69 3b 72 2b 2b 29 4c 65 28 6f 5b 72 5d 2c 61 5b 72 5d 29 3b 65 6c 73 65 20 4c 65 28 65 2c 63 29 3b 72 65 74 75 72 6e 20 30 3c 28 61 3d 76 65 28 63 2c 22 73 63 72 69 70 74 22 29 29 2e 6c 65 6e 67 74 68 26 26 79 65 28 61 2c 21 66 26 26 76 65 28 65 2c 22 73 63 72 69 70 74 22 29 29 2c 63 7d 2c 63 6c 65 61 6e 44 61 74 61 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 66 6f 72 28 76 61 72 20 74 2c 6e 2c 72 2c 69 3d 53 2e 65 76 65 6e 74 2e 73 70 65 63 69 61 6c 2c 6f 3d 30 3b 76 6f 69 64 20 30 21 3d
                                              Data Ascii: "!==l||(u.defaultValue=s.defaultValue);if(t)if(n)for(o=o||ve(e),a=a||ve(c),r=0,i=o.length;r<i;r++)Le(o[r],a[r]);else Le(e,c);return 0<(a=ve(c,"script")).length&&ye(a,!f&&ve(e,"script")),c},cleanData:function(e){for(var t,n,r,i=S.event.special,o=0;void 0!=
                                              2023-04-16 13:07:13 UTC53INData Raw: 2e 69 6e 73 65 72 74 42 65 66 6f 72 65 28 65 2c 74 68 69 73 2e 6e 65 78 74 53 69 62 6c 69 6e 67 29 7d 29 7d 2c 65 6d 70 74 79 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 65 2c 74 3d 30 3b 6e 75 6c 6c 21 3d 28 65 3d 74 68 69 73 5b 74 5d 29 3b 74 2b 2b 29 31 3d 3d 3d 65 2e 6e 6f 64 65 54 79 70 65 26 26 28 53 2e 63 6c 65 61 6e 44 61 74 61 28 76 65 28 65 2c 21 31 29 29 2c 65 2e 74 65 78 74 43 6f 6e 74 65 6e 74 3d 22 22 29 3b 72 65 74 75 72 6e 20 74 68 69 73 7d 2c 63 6c 6f 6e 65 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 65 3d 6e 75 6c 6c 21 3d 65 26 26 65 2c 74 3d 6e 75 6c 6c 3d 3d 74 3f 65 3a 74 2c 74 68 69 73 2e 6d 61 70 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 53 2e 63 6c 6f 6e 65 28 74 68 69 73 2c 65
                                              Data Ascii: .insertBefore(e,this.nextSibling)})},empty:function(){for(var e,t=0;null!=(e=this[t]);t++)1===e.nodeType&&(S.cleanData(ve(e,!1)),e.textContent="");return this},clone:function(e,t){return e=null!=e&&e,t=null==t?e:t,this.map(function(){return S.clone(this,e
                                              2023-04-16 13:07:13 UTC54INData Raw: 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 76 61 72 20 72 2c 69 2c 6f 3d 7b 7d 3b 66 6f 72 28 69 20 69 6e 20 74 29 6f 5b 69 5d 3d 65 2e 73 74 79 6c 65 5b 69 5d 2c 65 2e 73 74 79 6c 65 5b 69 5d 3d 74 5b 69 5d 3b 66 6f 72 28 69 20 69 6e 20 72 3d 6e 2e 63 61 6c 6c 28 65 29 2c 74 29 65 2e 73 74 79 6c 65 5b 69 5d 3d 6f 5b 69 5d 3b 72 65 74 75 72 6e 20 72 7d 2c 49 65 3d 6e 65 77 20 52 65 67 45 78 70 28 6e 65 2e 6a 6f 69 6e 28 22 7c 22 29 2c 22 69 22 29 3b 66 75 6e 63 74 69 6f 6e 20 57 65 28 65 2c 74 2c 6e 29 7b 76 61 72 20 72 2c 69 2c 6f 2c 61 2c 73 3d 65 2e 73 74 79 6c 65 3b 72 65 74 75 72 6e 28 6e 3d 6e 7c 7c 52 65 28 65 29 29 26 26 28 22 22 21 3d 3d 28 61 3d 6e 2e 67 65 74 50 72 6f 70 65 72 74 79 56 61 6c 75 65 28 74 29 7c 7c 6e 5b 74 5d 29 7c 7c 69 65 28 65 29
                                              Data Ascii: ction(e,t,n){var r,i,o={};for(i in t)o[i]=e.style[i],e.style[i]=t[i];for(i in r=n.call(e),t)e.style[i]=o[i];return r},Ie=new RegExp(ne.join("|"),"i");function We(e,t,n){var r,i,o,a,s=e.style;return(n=n||Re(e))&&(""!==(a=n.getPropertyValue(t)||n[t])||ie(e)
                                              2023-04-16 13:07:13 UTC55INData Raw: 64 43 6c 69 70 3d 22 22 2c 79 2e 63 6c 65 61 72 43 6c 6f 6e 65 53 74 79 6c 65 3d 22 63 6f 6e 74 65 6e 74 2d 62 6f 78 22 3d 3d 3d 6c 2e 73 74 79 6c 65 2e 62 61 63 6b 67 72 6f 75 6e 64 43 6c 69 70 2c 53 2e 65 78 74 65 6e 64 28 79 2c 7b 62 6f 78 53 69 7a 69 6e 67 52 65 6c 69 61 62 6c 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 28 29 2c 72 7d 2c 70 69 78 65 6c 42 6f 78 53 74 79 6c 65 73 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 28 29 2c 6f 7d 2c 70 69 78 65 6c 50 6f 73 69 74 69 6f 6e 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 28 29 2c 6e 7d 2c 72 65 6c 69 61 62 6c 65 4d 61 72 67 69 6e 4c 65 66 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 28 29 2c 73 7d 2c 73 63 72 6f 6c 6c 62 6f 78 53 69
                                              Data Ascii: dClip="",y.clearCloneStyle="content-box"===l.style.backgroundClip,S.extend(y,{boxSizingReliable:function(){return e(),r},pixelBoxStyles:function(){return e(),o},pixelPosition:function(){return e(),n},reliableMarginLeft:function(){return e(),s},scrollboxSi
                                              2023-04-16 13:07:13 UTC56INData Raw: 7c 30 29 29 2b 28 72 5b 33 5d 7c 7c 22 70 78 22 29 3a 74 7d 66 75 6e 63 74 69 6f 6e 20 51 65 28 65 2c 74 2c 6e 2c 72 2c 69 2c 6f 29 7b 76 61 72 20 61 3d 22 77 69 64 74 68 22 3d 3d 3d 74 3f 31 3a 30 2c 73 3d 30 2c 75 3d 30 3b 69 66 28 6e 3d 3d 3d 28 72 3f 22 62 6f 72 64 65 72 22 3a 22 63 6f 6e 74 65 6e 74 22 29 29 72 65 74 75 72 6e 20 30 3b 66 6f 72 28 3b 61 3c 34 3b 61 2b 3d 32 29 22 6d 61 72 67 69 6e 22 3d 3d 3d 6e 26 26 28 75 2b 3d 53 2e 63 73 73 28 65 2c 6e 2b 6e 65 5b 61 5d 2c 21 30 2c 69 29 29 2c 72 3f 28 22 63 6f 6e 74 65 6e 74 22 3d 3d 3d 6e 26 26 28 75 2d 3d 53 2e 63 73 73 28 65 2c 22 70 61 64 64 69 6e 67 22 2b 6e 65 5b 61 5d 2c 21 30 2c 69 29 29 2c 22 6d 61 72 67 69 6e 22 21 3d 3d 6e 26 26 28 75 2d 3d 53 2e 63 73 73 28 65 2c 22 62 6f 72 64 65 72
                                              Data Ascii: |0))+(r[3]||"px"):t}function Qe(e,t,n,r,i,o){var a="width"===t?1:0,s=0,u=0;if(n===(r?"border":"content"))return 0;for(;a<4;a+=2)"margin"===n&&(u+=S.css(e,n+ne[a],!0,i)),r?("content"===n&&(u-=S.css(e,"padding"+ne[a],!0,i)),"margin"!==n&&(u-=S.css(e,"border
                                              2023-04-16 13:07:13 UTC57INData Raw: 6e 6b 3a 21 30 2c 66 6f 6e 74 57 65 69 67 68 74 3a 21 30 2c 67 72 69 64 41 72 65 61 3a 21 30 2c 67 72 69 64 43 6f 6c 75 6d 6e 3a 21 30 2c 67 72 69 64 43 6f 6c 75 6d 6e 45 6e 64 3a 21 30 2c 67 72 69 64 43 6f 6c 75 6d 6e 53 74 61 72 74 3a 21 30 2c 67 72 69 64 52 6f 77 3a 21 30 2c 67 72 69 64 52 6f 77 45 6e 64 3a 21 30 2c 67 72 69 64 52 6f 77 53 74 61 72 74 3a 21 30 2c 6c 69 6e 65 48 65 69 67 68 74 3a 21 30 2c 6f 70 61 63 69 74 79 3a 21 30 2c 6f 72 64 65 72 3a 21 30 2c 6f 72 70 68 61 6e 73 3a 21 30 2c 77 69 64 6f 77 73 3a 21 30 2c 7a 49 6e 64 65 78 3a 21 30 2c 7a 6f 6f 6d 3a 21 30 7d 2c 63 73 73 50 72 6f 70 73 3a 7b 7d 2c 73 74 79 6c 65 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 2c 72 29 7b 69 66 28 65 26 26 33 21 3d 3d 65 2e 6e 6f 64 65 54 79 70 65 26 26
                                              Data Ascii: nk:!0,fontWeight:!0,gridArea:!0,gridColumn:!0,gridColumnEnd:!0,gridColumnStart:!0,gridRow:!0,gridRowEnd:!0,gridRowStart:!0,lineHeight:!0,opacity:!0,order:!0,orphans:!0,widows:!0,zIndex:!0,zoom:!0},cssProps:{},style:function(e,t,n,r){if(e&&3!==e.nodeType&&
                                              2023-04-16 13:07:13 UTC59INData Raw: 26 26 22 61 62 73 6f 6c 75 74 65 22 3d 3d 3d 69 2e 70 6f 73 69 74 69 6f 6e 2c 61 3d 28 6f 7c 7c 6e 29 26 26 22 62 6f 72 64 65 72 2d 62 6f 78 22 3d 3d 3d 53 2e 63 73 73 28 65 2c 22 62 6f 78 53 69 7a 69 6e 67 22 2c 21 31 2c 69 29 2c 73 3d 6e 3f 51 65 28 65 2c 75 2c 6e 2c 61 2c 69 29 3a 30 3b 72 65 74 75 72 6e 20 61 26 26 6f 26 26 28 73 2d 3d 4d 61 74 68 2e 63 65 69 6c 28 65 5b 22 6f 66 66 73 65 74 22 2b 75 5b 30 5d 2e 74 6f 55 70 70 65 72 43 61 73 65 28 29 2b 75 2e 73 6c 69 63 65 28 31 29 5d 2d 70 61 72 73 65 46 6c 6f 61 74 28 69 5b 75 5d 29 2d 51 65 28 65 2c 75 2c 22 62 6f 72 64 65 72 22 2c 21 31 2c 69 29 2d 2e 35 29 29 2c 73 26 26 28 72 3d 74 65 2e 65 78 65 63 28 74 29 29 26 26 22 70 78 22 21 3d 3d 28 72 5b 33 5d 7c 7c 22 70 78 22 29 26 26 28 65 2e 73 74
                                              Data Ascii: &&"absolute"===i.position,a=(o||n)&&"border-box"===S.css(e,"boxSizing",!1,i),s=n?Qe(e,u,n,a,i):0;return a&&o&&(s-=Math.ceil(e["offset"+u[0].toUpperCase()+u.slice(1)]-parseFloat(i[u])-Qe(e,u,"border",!1,i)-.5)),s&&(r=te.exec(t))&&"px"!==(r[3]||"px")&&(e.st
                                              2023-04-16 13:07:13 UTC60INData Raw: 65 74 75 72 6e 20 65 26 26 65 2e 67 65 74 3f 65 2e 67 65 74 28 74 68 69 73 29 3a 4b 65 2e 70 72 6f 70 48 6f 6f 6b 73 2e 5f 64 65 66 61 75 6c 74 2e 67 65 74 28 74 68 69 73 29 7d 2c 72 75 6e 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 2c 6e 3d 4b 65 2e 70 72 6f 70 48 6f 6f 6b 73 5b 74 68 69 73 2e 70 72 6f 70 5d 3b 72 65 74 75 72 6e 20 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 64 75 72 61 74 69 6f 6e 3f 74 68 69 73 2e 70 6f 73 3d 74 3d 53 2e 65 61 73 69 6e 67 5b 74 68 69 73 2e 65 61 73 69 6e 67 5d 28 65 2c 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 64 75 72 61 74 69 6f 6e 2a 65 2c 30 2c 31 2c 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 64 75 72 61 74 69 6f 6e 29 3a 74 68 69 73 2e 70 6f 73 3d 74 3d 65 2c 74 68 69 73 2e 6e 6f 77 3d 28 74 68 69 73 2e 65 6e 64 2d
                                              Data Ascii: eturn e&&e.get?e.get(this):Ke.propHooks._default.get(this)},run:function(e){var t,n=Ke.propHooks[this.prop];return this.options.duration?this.pos=t=S.easing[this.easing](e,this.options.duration*e,0,1,this.options.duration):this.pos=t=e,this.now=(this.end-
                                              2023-04-16 13:07:13 UTC61INData Raw: 29 29 7d 66 75 6e 63 74 69 6f 6e 20 61 74 28 29 7b 72 65 74 75 72 6e 20 43 2e 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 5a 65 3d 76 6f 69 64 20 30 7d 29 2c 5a 65 3d 44 61 74 65 2e 6e 6f 77 28 29 7d 66 75 6e 63 74 69 6f 6e 20 73 74 28 65 2c 74 29 7b 76 61 72 20 6e 2c 72 3d 30 2c 69 3d 7b 68 65 69 67 68 74 3a 65 7d 3b 66 6f 72 28 74 3d 74 3f 31 3a 30 3b 72 3c 34 3b 72 2b 3d 32 2d 74 29 69 5b 22 6d 61 72 67 69 6e 22 2b 28 6e 3d 6e 65 5b 72 5d 29 5d 3d 69 5b 22 70 61 64 64 69 6e 67 22 2b 6e 5d 3d 65 3b 72 65 74 75 72 6e 20 74 26 26 28 69 2e 6f 70 61 63 69 74 79 3d 69 2e 77 69 64 74 68 3d 65 29 2c 69 7d 66 75 6e 63 74 69 6f 6e 20 75 74 28 65 2c 74 2c 6e 29 7b 66 6f 72 28 76 61 72 20 72 2c 69 3d 28 6c 74 2e 74 77 65 65 6e 65 72 73 5b 74
                                              Data Ascii: ))}function at(){return C.setTimeout(function(){Ze=void 0}),Ze=Date.now()}function st(e,t){var n,r=0,i={height:e};for(t=t?1:0;r<4;r+=2-t)i["margin"+(n=ne[r])]=i["padding"+n]=e;return t&&(i.opacity=i.width=e),i}function ut(e,t,n){for(var r,i=(lt.tweeners[t
                                              2023-04-16 13:07:13 UTC62INData Raw: 69 3d 74 5b 72 3d 58 28 6e 29 5d 2c 6f 3d 65 5b 6e 5d 2c 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 6f 29 26 26 28 69 3d 6f 5b 31 5d 2c 6f 3d 65 5b 6e 5d 3d 6f 5b 30 5d 29 2c 6e 21 3d 3d 72 26 26 28 65 5b 72 5d 3d 6f 2c 64 65 6c 65 74 65 20 65 5b 6e 5d 29 2c 28 61 3d 53 2e 63 73 73 48 6f 6f 6b 73 5b 72 5d 29 26 26 22 65 78 70 61 6e 64 22 69 6e 20 61 29 66 6f 72 28 6e 20 69 6e 20 6f 3d 61 2e 65 78 70 61 6e 64 28 6f 29 2c 64 65 6c 65 74 65 20 65 5b 72 5d 2c 6f 29 6e 20 69 6e 20 65 7c 7c 28 65 5b 6e 5d 3d 6f 5b 6e 5d 2c 74 5b 6e 5d 3d 69 29 3b 65 6c 73 65 20 74 5b 72 5d 3d 69 7d 28 63 2c 6c 2e 6f 70 74 73 2e 73 70 65 63 69 61 6c 45 61 73 69 6e 67 29 3b 72 3c 69 3b 72 2b 2b 29 69 66 28 6e 3d 6c 74 2e 70 72 65 66 69 6c 74 65 72 73 5b 72 5d 2e 63 61 6c 6c 28 6c
                                              Data Ascii: i=t[r=X(n)],o=e[n],Array.isArray(o)&&(i=o[1],o=e[n]=o[0]),n!==r&&(e[r]=o,delete e[n]),(a=S.cssHooks[r])&&"expand"in a)for(n in o=a.expand(o),delete e[r],o)n in e||(e[n]=o[n],t[n]=i);else t[r]=i}(c,l.opts.specialEasing);r<i;r++)if(n=lt.prefilters[r].call(l
                                              2023-04-16 13:07:13 UTC64INData Raw: 65 6c 65 74 65 20 74 5b 72 5d 2c 6f 3d 6f 7c 7c 22 74 6f 67 67 6c 65 22 3d 3d 3d 69 2c 69 3d 3d 3d 28 67 3f 22 68 69 64 65 22 3a 22 73 68 6f 77 22 29 29 7b 69 66 28 22 73 68 6f 77 22 21 3d 3d 69 7c 7c 21 76 7c 7c 76 6f 69 64 20 30 3d 3d 3d 76 5b 72 5d 29 63 6f 6e 74 69 6e 75 65 3b 67 3d 21 30 7d 64 5b 72 5d 3d 76 26 26 76 5b 72 5d 7c 7c 53 2e 73 74 79 6c 65 28 65 2c 72 29 7d 69 66 28 28 75 3d 21 53 2e 69 73 45 6d 70 74 79 4f 62 6a 65 63 74 28 74 29 29 7c 7c 21 53 2e 69 73 45 6d 70 74 79 4f 62 6a 65 63 74 28 64 29 29 66 6f 72 28 72 20 69 6e 20 66 26 26 31 3d 3d 3d 65 2e 6e 6f 64 65 54 79 70 65 26 26 28 6e 2e 6f 76 65 72 66 6c 6f 77 3d 5b 68 2e 6f 76 65 72 66 6c 6f 77 2c 68 2e 6f 76 65 72 66 6c 6f 77 58 2c 68 2e 6f 76 65 72 66 6c 6f 77 59 5d 2c 6e 75 6c 6c
                                              Data Ascii: elete t[r],o=o||"toggle"===i,i===(g?"hide":"show")){if("show"!==i||!v||void 0===v[r])continue;g=!0}d[r]=v&&v[r]||S.style(e,r)}if((u=!S.isEmptyObject(t))||!S.isEmptyObject(d))for(r in f&&1===e.nodeType&&(n.overflow=[h.overflow,h.overflowX,h.overflowY],null
                                              2023-04-16 13:07:13 UTC65INData Raw: 69 6e 20 53 2e 66 78 2e 73 70 65 65 64 73 3f 72 2e 64 75 72 61 74 69 6f 6e 3d 53 2e 66 78 2e 73 70 65 65 64 73 5b 72 2e 64 75 72 61 74 69 6f 6e 5d 3a 72 2e 64 75 72 61 74 69 6f 6e 3d 53 2e 66 78 2e 73 70 65 65 64 73 2e 5f 64 65 66 61 75 6c 74 29 2c 6e 75 6c 6c 21 3d 72 2e 71 75 65 75 65 26 26 21 30 21 3d 3d 72 2e 71 75 65 75 65 7c 7c 28 72 2e 71 75 65 75 65 3d 22 66 78 22 29 2c 72 2e 6f 6c 64 3d 72 2e 63 6f 6d 70 6c 65 74 65 2c 72 2e 63 6f 6d 70 6c 65 74 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 6d 28 72 2e 6f 6c 64 29 26 26 72 2e 6f 6c 64 2e 63 61 6c 6c 28 74 68 69 73 29 2c 72 2e 71 75 65 75 65 26 26 53 2e 64 65 71 75 65 75 65 28 74 68 69 73 2c 72 2e 71 75 65 75 65 29 7d 2c 72 7d 2c 53 2e 66 6e 2e 65 78 74 65 6e 64 28 7b 66 61 64 65 54 6f 3a 66 75 6e 63 74
                                              Data Ascii: in S.fx.speeds?r.duration=S.fx.speeds[r.duration]:r.duration=S.fx.speeds._default),null!=r.queue&&!0!==r.queue||(r.queue="fx"),r.old=r.complete,r.complete=function(){m(r.old)&&r.old.call(this),r.queue&&S.dequeue(this,r.queue)},r},S.fn.extend({fadeTo:funct
                                              2023-04-16 13:07:13 UTC66INData Raw: 69 73 26 26 69 5b 65 5d 2e 71 75 65 75 65 3d 3d 3d 61 26 26 28 69 5b 65 5d 2e 61 6e 69 6d 2e 73 74 6f 70 28 21 30 29 2c 69 2e 73 70 6c 69 63 65 28 65 2c 31 29 29 3b 66 6f 72 28 65 3d 30 3b 65 3c 6f 3b 65 2b 2b 29 6e 5b 65 5d 26 26 6e 5b 65 5d 2e 66 69 6e 69 73 68 26 26 6e 5b 65 5d 2e 66 69 6e 69 73 68 2e 63 61 6c 6c 28 74 68 69 73 29 3b 64 65 6c 65 74 65 20 74 2e 66 69 6e 69 73 68 7d 29 7d 7d 29 2c 53 2e 65 61 63 68 28 5b 22 74 6f 67 67 6c 65 22 2c 22 73 68 6f 77 22 2c 22 68 69 64 65 22 5d 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 72 29 7b 76 61 72 20 69 3d 53 2e 66 6e 5b 72 5d 3b 53 2e 66 6e 5b 72 5d 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 3d 3d 65 7c 7c 22 62 6f 6f 6c 65 61 6e 22 3d 3d 74 79 70 65 6f 66 20 65 3f 69
                                              Data Ascii: is&&i[e].queue===a&&(i[e].anim.stop(!0),i.splice(e,1));for(e=0;e<o;e++)n[e]&&n[e].finish&&n[e].finish.call(this);delete t.finish})}}),S.each(["toggle","show","hide"],function(e,r){var i=S.fn[r];S.fn[r]=function(e,t,n){return null==e||"boolean"==typeof e?i
                                              2023-04-16 13:07:13 UTC67INData Raw: 64 69 6f 22 2c 79 2e 72 61 64 69 6f 56 61 6c 75 65 3d 22 74 22 3d 3d 3d 74 74 2e 76 61 6c 75 65 3b 76 61 72 20 63 74 2c 66 74 3d 53 2e 65 78 70 72 2e 61 74 74 72 48 61 6e 64 6c 65 3b 53 2e 66 6e 2e 65 78 74 65 6e 64 28 7b 61 74 74 72 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 24 28 74 68 69 73 2c 53 2e 61 74 74 72 2c 65 2c 74 2c 31 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 29 7d 2c 72 65 6d 6f 76 65 41 74 74 72 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 53 2e 72 65 6d 6f 76 65 41 74 74 72 28 74 68 69 73 2c 65 29 7d 29 7d 7d 29 2c
                                              Data Ascii: dio",y.radioValue="t"===tt.value;var ct,ft=S.expr.attrHandle;S.fn.extend({attr:function(e,t){return $(this,S.attr,e,t,1<arguments.length)},removeAttr:function(e){return this.each(function(){S.removeAttr(this,e)})}}),
                                              2023-04-16 13:07:13 UTC67INData Raw: 53 2e 65 78 74 65 6e 64 28 7b 61 74 74 72 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 76 61 72 20 72 2c 69 2c 6f 3d 65 2e 6e 6f 64 65 54 79 70 65 3b 69 66 28 33 21 3d 3d 6f 26 26 38 21 3d 3d 6f 26 26 32 21 3d 3d 6f 29 72 65 74 75 72 6e 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 3f 53 2e 70 72 6f 70 28 65 2c 74 2c 6e 29 3a 28 31 3d 3d 3d 6f 26 26 53 2e 69 73 58 4d 4c 44 6f 63 28 65 29 7c 7c 28 69 3d 53 2e 61 74 74 72 48 6f 6f 6b 73 5b 74 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 5d 7c 7c 28 53 2e 65 78 70 72 2e 6d 61 74 63 68 2e 62 6f 6f 6c 2e 74 65 73 74 28 74 29 3f 63 74 3a 76 6f 69 64 20 30 29 29 2c 76 6f 69 64 20 30 21 3d 3d 6e 3f 6e 75 6c 6c 3d 3d 3d 6e 3f 76 6f 69 64 20 53 2e 72 65 6d
                                              Data Ascii: S.extend({attr:function(e,t,n){var r,i,o=e.nodeType;if(3!==o&&8!==o&&2!==o)return"undefined"==typeof e.getAttribute?S.prop(e,t,n):(1===o&&S.isXMLDoc(e)||(i=S.attrHooks[t.toLowerCase()]||(S.expr.match.bool.test(t)?ct:void 0)),void 0!==n?null===n?void S.rem
                                              2023-04-16 13:07:13 UTC69INData Raw: 6f 70 2c 65 2c 74 2c 31 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 29 7d 2c 72 65 6d 6f 76 65 50 72 6f 70 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 64 65 6c 65 74 65 20 74 68 69 73 5b 53 2e 70 72 6f 70 46 69 78 5b 65 5d 7c 7c 65 5d 7d 29 7d 7d 29 2c 53 2e 65 78 74 65 6e 64 28 7b 70 72 6f 70 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 76 61 72 20 72 2c 69 2c 6f 3d 65 2e 6e 6f 64 65 54 79 70 65 3b 69 66 28 33 21 3d 3d 6f 26 26 38 21 3d 3d 6f 26 26 32 21 3d 3d 6f 29 72 65 74 75 72 6e 20 31 3d 3d 3d 6f 26 26 53 2e 69 73 58 4d 4c 44 6f 63 28 65 29 7c 7c 28 74 3d 53 2e 70 72 6f 70 46 69 78 5b 74 5d 7c 7c 74 2c 69 3d 53 2e 70 72 6f 70 48 6f 6f 6b 73 5b 74 5d 29 2c 76
                                              Data Ascii: op,e,t,1<arguments.length)},removeProp:function(e){return this.each(function(){delete this[S.propFix[e]||e]})}}),S.extend({prop:function(e,t,n){var r,i,o=e.nodeType;if(3!==o&&8!==o&&2!==o)return 1===o&&S.isXMLDoc(e)||(t=S.propFix[t]||t,i=S.propHooks[t]),v
                                              2023-04-16 13:07:13 UTC70INData Raw: 26 26 6e 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 63 6c 61 73 73 22 2c 73 29 7d 72 65 74 75 72 6e 20 74 68 69 73 7d 2c 72 65 6d 6f 76 65 43 6c 61 73 73 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 2c 6e 2c 72 2c 69 2c 6f 2c 61 2c 73 2c 75 3d 30 3b 69 66 28 6d 28 74 29 29 72 65 74 75 72 6e 20 74 68 69 73 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 53 28 74 68 69 73 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 74 2e 63 61 6c 6c 28 74 68 69 73 2c 65 2c 67 74 28 74 68 69 73 29 29 29 7d 29 3b 69 66 28 21 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 29 72 65 74 75 72 6e 20 74 68 69 73 2e 61 74 74 72 28 22 63 6c 61 73 73 22 2c 22 22 29 3b 69 66 28 28 65 3d 76 74 28 74 29 29 2e 6c 65 6e 67 74 68 29 77 68 69 6c 65 28 6e 3d 74 68 69 73 5b 75
                                              Data Ascii: &&n.setAttribute("class",s)}return this},removeClass:function(t){var e,n,r,i,o,a,s,u=0;if(m(t))return this.each(function(e){S(this).removeClass(t.call(this,e,gt(this)))});if(!arguments.length)return this.attr("class","");if((e=vt(t)).length)while(n=this[u
                                              2023-04-16 13:07:13 UTC71INData Raw: 74 68 69 73 29 2e 76 61 6c 28 29 29 3a 6e 29 3f 74 3d 22 22 3a 22 6e 75 6d 62 65 72 22 3d 3d 74 79 70 65 6f 66 20 74 3f 74 2b 3d 22 22 3a 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 74 29 26 26 28 74 3d 53 2e 6d 61 70 28 74 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 3d 3d 65 3f 22 22 3a 65 2b 22 22 7d 29 29 2c 28 72 3d 53 2e 76 61 6c 48 6f 6f 6b 73 5b 74 68 69 73 2e 74 79 70 65 5d 7c 7c 53 2e 76 61 6c 48 6f 6f 6b 73 5b 74 68 69 73 2e 6e 6f 64 65 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 5d 29 26 26 22 73 65 74 22 69 6e 20 72 26 26 76 6f 69 64 20 30 21 3d 3d 72 2e 73 65 74 28 74 68 69 73 2c 74 2c 22 76 61 6c 75 65 22 29 7c 7c 28 74 68 69 73 2e 76 61 6c 75 65 3d 74 29 29 7d 29 29 3a 74 3f 28 72 3d 53 2e 76 61 6c 48 6f
                                              Data Ascii: this).val()):n)?t="":"number"==typeof t?t+="":Array.isArray(t)&&(t=S.map(t,function(e){return null==e?"":e+""})),(r=S.valHooks[this.type]||S.valHooks[this.nodeName.toLowerCase()])&&"set"in r&&void 0!==r.set(this,t,"value")||(this.value=t))})):t?(r=S.valHo
                                              2023-04-16 13:07:13 UTC72INData Raw: 63 75 73 69 6e 22 69 6e 20 43 3b 76 61 72 20 6d 74 3d 2f 5e 28 3f 3a 66 6f 63 75 73 69 6e 66 6f 63 75 73 7c 66 6f 63 75 73 6f 75 74 62 6c 75 72 29 24 2f 2c 78 74 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 73 74 6f 70 50 72 6f 70 61 67 61 74 69 6f 6e 28 29 7d 3b 53 2e 65 78 74 65 6e 64 28 53 2e 65 76 65 6e 74 2c 7b 74 72 69 67 67 65 72 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 2c 72 29 7b 76 61 72 20 69 2c 6f 2c 61 2c 73 2c 75 2c 6c 2c 63 2c 66 2c 70 3d 5b 6e 7c 7c 45 5d 2c 64 3d 76 2e 63 61 6c 6c 28 65 2c 22 74 79 70 65 22 29 3f 65 2e 74 79 70 65 3a 65 2c 68 3d 76 2e 63 61 6c 6c 28 65 2c 22 6e 61 6d 65 73 70 61 63 65 22 29 3f 65 2e 6e 61 6d 65 73 70 61 63 65 2e 73 70 6c 69 74 28 22 2e 22 29 3a 5b 5d 3b 69 66 28 6f 3d 66 3d 61 3d 6e 3d 6e 7c 7c 45 2c
                                              Data Ascii: cusin"in C;var mt=/^(?:focusinfocus|focusoutblur)$/,xt=function(e){e.stopPropagation()};S.extend(S.event,{trigger:function(e,t,n,r){var i,o,a,s,u,l,c,f,p=[n||E],d=v.call(e,"type")?e.type:e,h=v.call(e,"namespace")?e.namespace.split("."):[];if(o=f=a=n=n||E,
                                              2023-04-16 13:07:13 UTC74INData Raw: 75 26 26 6d 28 6e 5b 64 5d 29 26 26 21 78 28 6e 29 26 26 28 28 61 3d 6e 5b 75 5d 29 26 26 28 6e 5b 75 5d 3d 6e 75 6c 6c 29 2c 53 2e 65 76 65 6e 74 2e 74 72 69 67 67 65 72 65 64 3d 64 2c 65 2e 69 73 50 72 6f 70 61 67 61 74 69 6f 6e 53 74 6f 70 70 65 64 28 29 26 26 66 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 64 2c 78 74 29 2c 6e 5b 64 5d 28 29 2c 65 2e 69 73 50 72 6f 70 61 67 61 74 69 6f 6e 53 74 6f 70 70 65 64 28 29 26 26 66 2e 72 65 6d 6f 76 65 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 64 2c 78 74 29 2c 53 2e 65 76 65 6e 74 2e 74 72 69 67 67 65 72 65 64 3d 76 6f 69 64 20 30 2c 61 26 26 28 6e 5b 75 5d 3d 61 29 29 2c 65 2e 72 65 73 75 6c 74 7d 7d 2c 73 69 6d 75 6c 61 74 65 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 76 61 72 20 72 3d 53
                                              Data Ascii: u&&m(n[d])&&!x(n)&&((a=n[u])&&(n[u]=null),S.event.triggered=d,e.isPropagationStopped()&&f.addEventListener(d,xt),n[d](),e.isPropagationStopped()&&f.removeEventListener(d,xt),S.event.triggered=void 0,a&&(n[u]=a)),e.result}},simulate:function(e,t,n){var r=S
                                              2023-04-16 13:07:13 UTC75INData Raw: 43 6f 6e 74 65 6e 74 7d 29 2e 6a 6f 69 6e 28 22 5c 6e 22 29 3a 65 29 29 2c 74 7d 3b 76 61 72 20 43 74 3d 2f 5c 5b 5c 5d 24 2f 2c 45 74 3d 2f 5c 72 3f 5c 6e 2f 67 2c 53 74 3d 2f 5e 28 3f 3a 73 75 62 6d 69 74 7c 62 75 74 74 6f 6e 7c 69 6d 61 67 65 7c 72 65 73 65 74 7c 66 69 6c 65 29 24 2f 69 2c 6b 74 3d 2f 5e 28 3f 3a 69 6e 70 75 74 7c 73 65 6c 65 63 74 7c 74 65 78 74 61 72 65 61 7c 6b 65 79 67 65 6e 29 2f 69 3b 66 75 6e 63 74 69 6f 6e 20 41 74 28 6e 2c 65 2c 72 2c 69 29 7b 76 61 72 20 74 3b 69 66 28 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 65 29 29 53 2e 65 61 63 68 28 65 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 7c 7c 43 74 2e 74 65 73 74 28 6e 29 3f 69 28 6e 2c 74 29 3a 41 74 28 6e 2b 22 5b 22 2b 28 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66
                                              Data Ascii: Content}).join("\n"):e)),t};var Ct=/\[\]$/,Et=/\r?\n/g,St=/^(?:submit|button|image|reset|file)$/i,kt=/^(?:input|select|textarea|keygen)/i;function At(n,e,r,i){var t;if(Array.isArray(e))S.each(e,function(e,t){r||Ct.test(n)?i(n,t):At(n+"["+("object"==typeof
                                              2023-04-16 13:07:13 UTC76INData Raw: 74 5d 2a 28 5b 5e 5c 72 5c 6e 5d 2a 29 24 2f 67 6d 2c 4c 74 3d 2f 5e 28 3f 3a 47 45 54 7c 48 45 41 44 29 24 2f 2c 48 74 3d 2f 5e 5c 2f 5c 2f 2f 2c 4f 74 3d 7b 7d 2c 50 74 3d 7b 7d 2c 52 74 3d 22 2a 2f 22 2e 63 6f 6e 63 61 74 28 22 2a 22 29 2c 4d 74 3d 45 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 61 22 29 3b 66 75 6e 63 74 69 6f 6e 20 49 74 28 6f 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 65 26 26 28 74 3d 65 2c 65 3d 22 2a 22 29 3b 76 61 72 20 6e 2c 72 3d 30 2c 69 3d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2e 6d 61 74 63 68 28 50 29 7c 7c 5b 5d 3b 69 66 28 6d 28 74 29 29 77 68 69 6c 65 28 6e 3d 69 5b 72 2b 2b 5d 29 22 2b 22 3d 3d 3d 6e 5b 30 5d 3f 28 6e 3d 6e 2e 73 6c
                                              Data Ascii: t]*([^\r\n]*)$/gm,Lt=/^(?:GET|HEAD)$/,Ht=/^\/\//,Ot={},Pt={},Rt="*/".concat("*"),Mt=E.createElement("a");function It(o){return function(e,t){"string"!=typeof e&&(t=e,e="*");var n,r=0,i=e.toLowerCase().match(P)||[];if(m(t))while(n=i[r++])"+"===n[0]?(n=n.sl
                                              2023-04-16 13:07:13 UTC77INData Raw: 72 73 3a 7b 22 2a 20 74 65 78 74 22 3a 53 74 72 69 6e 67 2c 22 74 65 78 74 20 68 74 6d 6c 22 3a 21 30 2c 22 74 65 78 74 20 6a 73 6f 6e 22 3a 4a 53 4f 4e 2e 70 61 72 73 65 2c 22 74 65 78 74 20 78 6d 6c 22 3a 53 2e 70 61 72 73 65 58 4d 4c 7d 2c 66 6c 61 74 4f 70 74 69 6f 6e 73 3a 7b 75 72 6c 3a 21 30 2c 63 6f 6e 74 65 78 74 3a 21 30 7d 7d 2c 61 6a 61 78 53 65 74 75 70 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 74 3f 46 74 28 46 74 28 65 2c 53 2e 61 6a 61 78 53 65 74 74 69 6e 67 73 29 2c 74 29 3a 46 74 28 53 2e 61 6a 61 78 53 65 74 74 69 6e 67 73 2c 65 29 7d 2c 61 6a 61 78 50 72 65 66 69 6c 74 65 72 3a 49 74 28 4f 74 29 2c 61 6a 61 78 54 72 61 6e 73 70 6f 72 74 3a 49 74 28 50 74 29 2c 61 6a 61 78 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74
                                              Data Ascii: rs:{"* text":String,"text html":!0,"text json":JSON.parse,"text xml":S.parseXML},flatOptions:{url:!0,context:!0}},ajaxSetup:function(e,t){return t?Ft(Ft(e,S.ajaxSettings),t):Ft(S.ajaxSettings,e)},ajaxPrefilter:It(Ot),ajaxTransport:It(Pt),ajax:function(e,t
                                              2023-04-16 13:07:13 UTC78INData Raw: 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2e 6d 61 74 63 68 28 50 29 7c 7c 5b 22 22 5d 2c 6e 75 6c 6c 3d 3d 76 2e 63 72 6f 73 73 44 6f 6d 61 69 6e 29 7b 72 3d 45 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 61 22 29 3b 74 72 79 7b 72 2e 68 72 65 66 3d 76 2e 75 72 6c 2c 72 2e 68 72 65 66 3d 72 2e 68 72 65 66 2c 76 2e 63 72 6f 73 73 44 6f 6d 61 69 6e 3d 4d 74 2e 70 72 6f 74 6f 63 6f 6c 2b 22 2f 2f 22 2b 4d 74 2e 68 6f 73 74 21 3d 72 2e 70 72 6f 74 6f 63 6f 6c 2b 22 2f 2f 22 2b 72 2e 68 6f 73 74 7d 63 61 74 63 68 28 65 29 7b 76 2e 63 72 6f 73 73 44 6f 6d 61 69 6e 3d 21 30 7d 7d 69 66 28 76 2e 64 61 74 61 26 26 76 2e 70 72 6f 63 65 73 73 44 61 74 61 26 26 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 76 2e 64 61 74 61 26 26 28 76 2e 64 61 74 61 3d 53
                                              Data Ascii: .toLowerCase().match(P)||[""],null==v.crossDomain){r=E.createElement("a");try{r.href=v.url,r.href=r.href,v.crossDomain=Mt.protocol+"//"+Mt.host!=r.protocol+"//"+r.host}catch(e){v.crossDomain=!0}}if(v.data&&v.processData&&"string"!=typeof v.data&&(v.data=S
                                              2023-04-16 13:07:13 UTC80INData Raw: 61 64 65 72 28 69 2c 76 2e 68 65 61 64 65 72 73 5b 69 5d 29 3b 69 66 28 76 2e 62 65 66 6f 72 65 53 65 6e 64 26 26 28 21 31 3d 3d 3d 76 2e 62 65 66 6f 72 65 53 65 6e 64 2e 63 61 6c 6c 28 79 2c 54 2c 76 29 7c 7c 68 29 29 72 65 74 75 72 6e 20 54 2e 61 62 6f 72 74 28 29 3b 69 66 28 75 3d 22 61 62 6f 72 74 22 2c 62 2e 61 64 64 28 76 2e 63 6f 6d 70 6c 65 74 65 29 2c 54 2e 64 6f 6e 65 28 76 2e 73 75 63 63 65 73 73 29 2c 54 2e 66 61 69 6c 28 76 2e 65 72 72 6f 72 29 2c 63 3d 57 74 28 50 74 2c 76 2c 74 2c 54 29 29 7b 69 66 28 54 2e 72 65 61 64 79 53 74 61 74 65 3d 31 2c 67 26 26 6d 2e 74 72 69 67 67 65 72 28 22 61 6a 61 78 53 65 6e 64 22 2c 5b 54 2c 76 5d 29 2c 68 29 72 65 74 75 72 6e 20 54 3b 76 2e 61 73 79 6e 63 26 26 30 3c 76 2e 74 69 6d 65 6f 75 74 26 26 28 64
                                              Data Ascii: ader(i,v.headers[i]);if(v.beforeSend&&(!1===v.beforeSend.call(y,T,v)||h))return T.abort();if(u="abort",b.add(v.complete),T.done(v.success),T.fail(v.error),c=Wt(Pt,v,t,T)){if(T.readyState=1,g&&m.trigger("ajaxSend",[T,v]),h)return T;v.async&&0<v.timeout&&(d
                                              2023-04-16 13:07:13 UTC81INData Raw: 68 69 66 74 28 29 29 69 66 28 22 2a 22 3d 3d 3d 6f 29 6f 3d 75 3b 65 6c 73 65 20 69 66 28 22 2a 22 21 3d 3d 75 26 26 75 21 3d 3d 6f 29 7b 69 66 28 21 28 61 3d 6c 5b 75 2b 22 20 22 2b 6f 5d 7c 7c 6c 5b 22 2a 20 22 2b 6f 5d 29 29 66 6f 72 28 69 20 69 6e 20 6c 29 69 66 28 28 73 3d 69 2e 73 70 6c 69 74 28 22 20 22 29 29 5b 31 5d 3d 3d 3d 6f 26 26 28 61 3d 6c 5b 75 2b 22 20 22 2b 73 5b 30 5d 5d 7c 7c 6c 5b 22 2a 20 22 2b 73 5b 30 5d 5d 29 29 7b 21 30 3d 3d 3d 61 3f 61 3d 6c 5b 69 5d 3a 21 30 21 3d 3d 6c 5b 69 5d 26 26 28 6f 3d 73 5b 30 5d 2c 63 2e 75 6e 73 68 69 66 74 28 73 5b 31 5d 29 29 3b 62 72 65 61 6b 7d 69 66 28 21 30 21 3d 3d 61 29 69 66 28 61 26 26 65 5b 22 74 68 72 6f 77 73 22 5d 29 74 3d 61 28 74 29 3b 65 6c 73 65 20 74 72 79 7b 74 3d 61 28 74 29 7d
                                              Data Ascii: hift())if("*"===o)o=u;else if("*"!==u&&u!==o){if(!(a=l[u+" "+o]||l["* "+o]))for(i in l)if((s=i.split(" "))[1]===o&&(a=l[u+" "+s[0]]||l["* "+s[0]])){!0===a?a=l[i]:!0!==l[i]&&(o=s[0],c.unshift(s[1]));break}if(!0!==a)if(a&&e["throws"])t=a(t);else try{t=a(t)}
                                              2023-04-16 13:07:13 UTC82INData Raw: 2e 68 65 61 64 65 72 73 29 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 3d 3d 3d 74 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 26 26 28 65 2e 63 6f 6e 74 65 6e 74 54 79 70 65 3d 65 2e 68 65 61 64 65 72 73 5b 74 5d 7c 7c 22 22 29 7d 29 2c 53 2e 5f 65 76 61 6c 55 72 6c 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 72 65 74 75 72 6e 20 53 2e 61 6a 61 78 28 7b 75 72 6c 3a 65 2c 74 79 70 65 3a 22 47 45 54 22 2c 64 61 74 61 54 79 70 65 3a 22 73 63 72 69 70 74 22 2c 63 61 63 68 65 3a 21 30 2c 61 73 79 6e 63 3a 21 31 2c 67 6c 6f 62 61 6c 3a 21 31 2c 63 6f 6e 76 65 72 74 65 72 73 3a 7b 22 74 65 78 74 20 73 63 72 69 70 74 22 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 7d 2c 64 61 74 61 46 69 6c 74 65 72 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 53 2e 67 6c 6f 62 61 6c 45
                                              Data Ascii: .headers)"content-type"===t.toLowerCase()&&(e.contentType=e.headers[t]||"")}),S._evalUrl=function(e,t,n){return S.ajax({url:e,type:"GET",dataType:"script",cache:!0,async:!1,global:!1,converters:{"text script":function(){}},dataFilter:function(e){S.globalE
                                              2023-04-16 13:07:13 UTC83INData Raw: 65 64 65 6e 74 69 61 6c 73 22 69 6e 20 24 74 2c 79 2e 61 6a 61 78 3d 24 74 3d 21 21 24 74 2c 53 2e 61 6a 61 78 54 72 61 6e 73 70 6f 72 74 28 66 75 6e 63 74 69 6f 6e 28 69 29 7b 76 61 72 20 6f 2c 61 3b 69 66 28 79 2e 63 6f 72 73 7c 7c 24 74 26 26 21 69 2e 63 72 6f 73 73 44 6f 6d 61 69 6e 29 72 65 74 75 72 6e 7b 73 65 6e 64 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 2c 72 3d 69 2e 78 68 72 28 29 3b 69 66 28 72 2e 6f 70 65 6e 28 69 2e 74 79 70 65 2c 69 2e 75 72 6c 2c 69 2e 61 73 79 6e 63 2c 69 2e 75 73 65 72 6e 61 6d 65 2c 69 2e 70 61 73 73 77 6f 72 64 29 2c 69 2e 78 68 72 46 69 65 6c 64 73 29 66 6f 72 28 6e 20 69 6e 20 69 2e 78 68 72 46 69 65 6c 64 73 29 72 5b 6e 5d 3d 69 2e 78 68 72 46 69 65 6c 64 73 5b 6e 5d 3b 66 6f 72 28 6e 20 69 6e 20
                                              Data Ascii: edentials"in $t,y.ajax=$t=!!$t,S.ajaxTransport(function(i){var o,a;if(y.cors||$t&&!i.crossDomain)return{send:function(e,t){var n,r=i.xhr();if(r.open(i.type,i.url,i.async,i.username,i.password),i.xhrFields)for(n in i.xhrFields)r[n]=i.xhrFields[n];for(n in
                                              2023-04-16 13:07:13 UTC85INData Raw: 65 63 6d 61 73 63 72 69 70 74 22 7d 2c 63 6f 6e 74 65 6e 74 73 3a 7b 73 63 72 69 70 74 3a 2f 5c 62 28 3f 3a 6a 61 76 61 7c 65 63 6d 61 29 73 63 72 69 70 74 5c 62 2f 7d 2c 63 6f 6e 76 65 72 74 65 72 73 3a 7b 22 74 65 78 74 20 73 63 72 69 70 74 22 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 53 2e 67 6c 6f 62 61 6c 45 76 61 6c 28 65 29 2c 65 7d 7d 7d 29 2c 53 2e 61 6a 61 78 50 72 65 66 69 6c 74 65 72 28 22 73 63 72 69 70 74 22 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 6f 69 64 20 30 3d 3d 3d 65 2e 63 61 63 68 65 26 26 28 65 2e 63 61 63 68 65 3d 21 31 29 2c 65 2e 63 72 6f 73 73 44 6f 6d 61 69 6e 26 26 28 65 2e 74 79 70 65 3d 22 47 45 54 22 29 7d 29 2c 53 2e 61 6a 61 78 54 72 61 6e 73 70 6f 72 74 28 22 73 63 72 69 70 74 22 2c 66 75 6e 63 74 69
                                              Data Ascii: ecmascript"},contents:{script:/\b(?:java|ecma)script\b/},converters:{"text script":function(e){return S.globalEval(e),e}}}),S.ajaxPrefilter("script",function(e){void 0===e.cache&&(e.cache=!1),e.crossDomain&&(e.type="GET")}),S.ajaxTransport("script",functi
                                              2023-04-16 13:07:13 UTC86INData Raw: 72 67 75 6d 65 6e 74 73 7d 2c 6e 2e 61 6c 77 61 79 73 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 6f 69 64 20 30 3d 3d 3d 69 3f 53 28 43 29 2e 72 65 6d 6f 76 65 50 72 6f 70 28 72 29 3a 43 5b 72 5d 3d 69 2c 65 5b 72 5d 26 26 28 65 2e 6a 73 6f 6e 70 43 61 6c 6c 62 61 63 6b 3d 74 2e 6a 73 6f 6e 70 43 61 6c 6c 62 61 63 6b 2c 7a 74 2e 70 75 73 68 28 72 29 29 2c 6f 26 26 6d 28 69 29 26 26 69 28 6f 5b 30 5d 29 2c 6f 3d 69 3d 76 6f 69 64 20 30 7d 29 2c 22 73 63 72 69 70 74 22 7d 29 2c 79 2e 63 72 65 61 74 65 48 54 4d 4c 44 6f 63 75 6d 65 6e 74 3d 28 28 5f 74 3d 45 2e 69 6d 70 6c 65 6d 65 6e 74 61 74 69 6f 6e 2e 63 72 65 61 74 65 48 54 4d 4c 44 6f 63 75 6d 65 6e 74 28 22 22 29 2e 62 6f 64 79 29 2e 69 6e 6e 65 72 48 54 4d 4c 3d 22 3c 66 6f 72 6d 3e 3c 2f 66 6f 72 6d 3e
                                              Data Ascii: rguments},n.always(function(){void 0===i?S(C).removeProp(r):C[r]=i,e[r]&&(e.jsonpCallback=t.jsonpCallback,zt.push(r)),o&&m(i)&&i(o[0]),o=i=void 0}),"script"}),y.createHTMLDocument=((_t=E.implementation.createHTMLDocument("").body).innerHTML="<form></form>
                                              2023-04-16 13:07:13 UTC87INData Raw: 3d 6c 26 26 28 65 2e 73 74 79 6c 65 2e 70 6f 73 69 74 69 6f 6e 3d 22 72 65 6c 61 74 69 76 65 22 29 2c 73 3d 63 2e 6f 66 66 73 65 74 28 29 2c 6f 3d 53 2e 63 73 73 28 65 2c 22 74 6f 70 22 29 2c 75 3d 53 2e 63 73 73 28 65 2c 22 6c 65 66 74 22 29 2c 28 22 61 62 73 6f 6c 75 74 65 22 3d 3d 3d 6c 7c 7c 22 66 69 78 65 64 22 3d 3d 3d 6c 29 26 26 2d 31 3c 28 6f 2b 75 29 2e 69 6e 64 65 78 4f 66 28 22 61 75 74 6f 22 29 3f 28 61 3d 28 72 3d 63 2e 70 6f 73 69 74 69 6f 6e 28 29 29 2e 74 6f 70 2c 69 3d 72 2e 6c 65 66 74 29 3a 28 61 3d 70 61 72 73 65 46 6c 6f 61 74 28 6f 29 7c 7c 30 2c 69 3d 70 61 72 73 65 46 6c 6f 61 74 28 75 29 7c 7c 30 29 2c 6d 28 74 29 26 26 28 74 3d 74 2e 63 61 6c 6c 28 65 2c 6e 2c 53 2e 65 78 74 65 6e 64 28 7b 7d 2c 73 29 29 29 2c 6e 75 6c 6c 21 3d
                                              Data Ascii: =l&&(e.style.position="relative"),s=c.offset(),o=S.css(e,"top"),u=S.css(e,"left"),("absolute"===l||"fixed"===l)&&-1<(o+u).indexOf("auto")?(a=(r=c.position()).top,i=r.left):(a=parseFloat(o)||0,i=parseFloat(u)||0),m(t)&&(t=t.call(e,n,S.extend({},s))),null!=
                                              2023-04-16 13:07:13 UTC88INData Raw: 66 66 73 65 74 50 61 72 65 6e 74 3b 77 68 69 6c 65 28 65 26 26 22 73 74 61 74 69 63 22 3d 3d 3d 53 2e 63 73 73 28 65 2c 22 70 6f 73 69 74 69 6f 6e 22 29 29 65 3d 65 2e 6f 66 66 73 65 74 50 61 72 65 6e 74 3b 72 65 74 75 72 6e 20 65 7c 7c 72 65 7d 29 7d 7d 29 2c 53 2e 65 61 63 68 28 7b 73 63 72 6f 6c 6c 4c 65 66 74 3a 22 70 61 67 65 58 4f 66 66 73 65 74 22 2c 73 63 72 6f 6c 6c 54 6f 70 3a 22 70 61 67 65 59 4f 66 66 73 65 74 22 7d 2c 66 75 6e 63 74 69 6f 6e 28 74 2c 69 29 7b 76 61 72 20 6f 3d 22 70 61 67 65 59 4f 66 66 73 65 74 22 3d 3d 3d 69 3b 53 2e 66 6e 5b 74 5d 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 24 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 76 61 72 20 72 3b 69 66 28 78 28 65 29 3f 72 3d 65 3a 39 3d 3d 3d
                                              Data Ascii: ffsetParent;while(e&&"static"===S.css(e,"position"))e=e.offsetParent;return e||re})}}),S.each({scrollLeft:"pageXOffset",scrollTop:"pageYOffset"},function(t,i){var o="pageYOffset"===i;S.fn[t]=function(e){return $(this,function(e,t,n){var r;if(x(e)?r=e:9===
                                              2023-04-16 13:07:13 UTC89INData Raw: 28 65 2c 74 2c 6e 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 6f 6e 28 65 2c 6e 75 6c 6c 2c 74 2c 6e 29 7d 2c 75 6e 62 69 6e 64 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 6f 66 66 28 65 2c 6e 75 6c 6c 2c 74 29 7d 2c 64 65 6c 65 67 61 74 65 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 2c 72 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 6f 6e 28 74 2c 65 2c 6e 2c 72 29 7d 2c 75 6e 64 65 6c 65 67 61 74 65 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 72 65 74 75 72 6e 20 31 3d 3d 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3f 74 68 69 73 2e 6f 66 66 28 65 2c 22 2a 2a 22 29 3a 74 68 69 73 2e 6f 66 66 28 74 2c 65 7c 7c 22 2a 2a 22 2c 6e 29 7d 2c 68 6f 76 65 72 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75
                                              Data Ascii: (e,t,n){return this.on(e,null,t,n)},unbind:function(e,t){return this.off(e,null,t)},delegate:function(e,t,n,r){return this.on(t,e,n,r)},undelegate:function(e,t,n){return 1===arguments.length?this.off(e,"**"):this.off(t,e||"**",n)},hover:function(e,t){retu
                                              2023-04-16 13:07:13 UTC91INData Raw: 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 53 7d 29 3b 76 61 72 20 56 74 3d 43 2e 6a 51 75 65 72 79 2c 47 74 3d 43 2e 24 3b 72 65 74 75 72 6e 20 53 2e 6e 6f 43 6f 6e 66 6c 69 63 74 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 43 2e 24 3d 3d 3d 53 26 26 28 43 2e 24 3d 47 74 29 2c 65 26 26 43 2e 6a 51 75 65 72 79 3d 3d 3d 53 26 26 28 43 2e 6a 51 75 65 72 79 3d 56 74 29 2c 53 7d 2c 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 65 26 26 28 43 2e 6a 51 75 65 72 79 3d 43 2e 24 3d 53 29 2c 53 7d 29 3b 0a
                                              Data Ascii: tion(){return S});var Vt=C.jQuery,Gt=C.$;return S.noConflict=function(e){return C.$===S&&(C.$=Gt),e&&C.jQuery===S&&(C.jQuery=Vt),S},"undefined"==typeof e&&(C.jQuery=C.$=S),S});


                                              Statistics

                                              CPU Usage

                                              Click to jump to process

                                              Memory Usage

                                              Click to jump to process

                                              High Level Behavior Distribution

                                              Click to dive into process behavior distribution

                                              Behavior

                                              Click to jump to process

                                              System Behavior

                                              General

                                              Target ID:0
                                              Start time:15:05:06
                                              Start date:16/04/2023
                                              Path:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              Wow64 process (32bit):true
                                              Commandline:C:\Users\user\Desktop\GalacticShooter (3).exe
                                              Imagebase:0x400000
                                              File size:64791841 bytes
                                              MD5 hash:83024EA067AB552D39FFDB6E12A30817
                                              Has elevated privileges:true
                                              Has administrator privileges:true
                                              Programmed in:C, C++ or other language
                                              Reputation:low

                                              General

                                              Target ID:10
                                              Start time:15:06:13
                                              Start date:16/04/2023
                                              Path:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              Wow64 process (32bit):false
                                              Commandline:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              Imagebase:0x7ff7f0c50000
                                              File size:146870272 bytes
                                              MD5 hash:93BD0AE322D0293B5AFF20C25B1F71A2
                                              Has elevated privileges:true
                                              Has administrator privileges:true
                                              Programmed in:C, C++ or other language
                                              Antivirus matches:
                                              • Detection: 0%, ReversingLabs
                                              Reputation:low

                                              General

                                              Target ID:13
                                              Start time:15:06:32
                                              Start date:16/04/2023
                                              Path:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              Wow64 process (32bit):false
                                              Commandline:"C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe" --type=gpu-process --user-data-dir="C:\Users\user\AppData\Roaming\GalacticShooter" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1688 --field-trial-handle=1808,i,15278089115020680940,8688177150396165339,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
                                              Imagebase:0x7ff7f0c50000
                                              File size:146870272 bytes
                                              MD5 hash:93BD0AE322D0293B5AFF20C25B1F71A2
                                              Has elevated privileges:false
                                              Has administrator privileges:false
                                              Programmed in:C, C++ or other language
                                              Reputation:low

                                              General

                                              Target ID:14
                                              Start time:15:06:47
                                              Start date:16/04/2023
                                              Path:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              Wow64 process (32bit):false
                                              Commandline:"C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\user\AppData\Roaming\GalacticShooter" --mojo-platform-channel-handle=2012 --field-trial-handle=1808,i,15278089115020680940,8688177150396165339,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
                                              Imagebase:0x7ff7f0c50000
                                              File size:146870272 bytes
                                              MD5 hash:93BD0AE322D0293B5AFF20C25B1F71A2
                                              Has elevated privileges:true
                                              Has administrator privileges:true
                                              Programmed in:C, C++ or other language
                                              Reputation:low

                                              General

                                              Target ID:15
                                              Start time:15:07:00
                                              Start date:16/04/2023
                                              Path:C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe
                                              Wow64 process (32bit):false
                                              Commandline:"C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\GalacticShooter.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\GalacticShooter" --app-path="C:\Users\user\AppData\Local\Temp\2ONWRcI5GZ6reM4AjlGk3S9hVCy\resources\app.asar" --enable-sandbox --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=6097977297 --mojo-platform-channel-handle=2372 --field-trial-handle=1808,i,15278089115020680940,8688177150396165339,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
                                              Imagebase:0x7ff7f0c50000
                                              File size:146870272 bytes
                                              MD5 hash:93BD0AE322D0293B5AFF20C25B1F71A2
                                              Has elevated privileges:false
                                              Has administrator privileges:false
                                              Programmed in:C, C++ or other language
                                              Reputation:low

                                              Disassembly

                                              No disassembly